470 Chapt 13

The ______________ tool can be used to bypass a virtual machine's hypervisor, and can be used with OpenStack.

FROST

Metadata in a prefetch file contains an application's _____________ times in UTC format and a counter of how many times the application has run since the prefect file was created.​

MAC

What information below is not something recorded in Google Drive's snapshot.db file?​

file SHA values and sizes

To reduce the time it takes to start applications, Microsoft has created __________ files, which contain the DLL pathnames and metadata used by applications.​

prefetch

​With cloud systems running in a virtual environment, _______________ can give you valuable information before, during, and after an incident.

snapshot

Which is not a valid method of deployment for a cloud?​

targeted

​At what offset is a prefetch file's create date & time located?

​0x80

In a prefetch file, the application's last access date and time are at offset _______________.​

​0x90

Which of the following is not a valid source for cloud forensics training?​

​A+ Security

Select the folder below that is most likely to contain Dropbox files for a specific user:​

​C:\Users\username\Dropbox

Where is the snapshot database created by Google Drive located in Windows?​

​C:\Users\​username​\AppData\Local\\Google\Drive

The __________________________ is an organization that has developed resource documentation for CSPs and their staff. It provides guidance for privacy agreements, security measures, questionnaires, and more.​

​Cloud Security Alliance

Which of the following is NOT a service level for the cloud?​ ​

​Virtualization as a service

What cloud service listed below provides a freeware type 1 hypervisor used for public and private clouds?​

​XenServer and XenCenter Windows Management Console

The __________________ Dropbox file stores information on shared directories associated with a Dropbox user account and file transfers between Dropbox and the client's system.​

​filecache.dbx

A _________________ is a tool with application programming interfaces (APIs) that allow reconfiguring a cloud on the fly; it's accessed through the application's Web interface.​

​management plane

Which of the following is not one of the five mechanisms the government can use to get electronic information from a provider?​

​seizure order

The Google drive file _________________ contains a detailed list of a user's cloud transactions.​

​sync_log.log

What cloud application offers a variety of cloud services, including automation and CRM, cloud application development, and Web site marketing?​

Salesforce

A ________________ is written by a judge to compel someone to do or not do something, such as a CSP producing user logon activities.​

court order