CHFI Study Questions

Pataasin ang iyong marka sa homework at exams ngayon gamit ang Quizwiz!

Which Attribute ID does NTFS set as a flag after encrypting a file where the data decryption field (DDF) and data recovery field (DRF) are stored?

0x100

Maximum file system size of ext4

1EiB

How many bytes does a directory entry have allotted for each file and directory in the FAT file system?

32

Number of bytes reserved at the beginning of a CD-ROM for booting?

32,768

Maximum file system size of ext3

32TB

How many bytes are each logical block in an HFS volume?

512

How many bytes is each logical block in GPT?

512

MBR almost always refers to the partition sector of a disk also known as

512-byte boot sector

Size of the partition table structure that stores information about the partitions present on a hard disk

64-byte

Number of allocation blocks restricted by HFS

65,535

What is a machine-readable language used in major digital operations, such as sending and receiving emails?

ASCII

Data structure situated at sector 1 in the volume boot record of a hard disk to explain the physical layout of a disk volume?

BIOS Parameter Block (BPB)

Technique used to distribute malware on the web with tactics such as keyword stuffing, doorway pages, page swapping, and adding unrelated keywords to get a higher search engine ranking for malware pages?

Blackhat SEO

What UFS file system part is composed of a few blocks in the partition reserved at the beginning?

Boot Blocks

What component of a typical FAT32 file system consists of data that the document framework uses to get to the volume and utilizes the framework parcel to stack the working portion documents?

Boot Sector

EnablePrefetcher value 2

Boot prefetching is enabled

Web application threat that occurs when the application fails to guard memory properly and allows writing beyond maximum size?

Buffer Overflow

What layer of web application architecture is responsible for the core functioning of the system and includes logic and applications, such as .NET, use by developers to build websites according to client requirements?

Business layer

Architectural layer of mobile device environments represents any program that runs on the Android platform

Client Application

What layer of web application architecture includes all the web appliances, such as smartphones and PCs, where interaction with a web application deployed on a web server occurs?

Client layer

Web application threat occurs when an attacker is allowed to gain access as a legitimate user to a web application or data such as account records, credit card numbers, passwords, or other authenticated information?

Cookie Poisoning

What UFS file system part comprises a collection, including a header with statistics and free lists, a number of inodes containing file attributes, and number of data blocks?

Cylinder groups

Phase of EFI that uses the Hand-Off Block List (HOBL) to initialize the entire system physical memory, I/O, and MIMO resources.

DXE

Tool for Mac that recovers files from crashed or virus corrupted HDD

Data Rescue 4

Biggest threat to mobile devices?

Data loss

Which web application threat occurs when attackers exploit HTTP, gain access to unauthorized directories, and execute commands outside the web server's root directory?

Directory Traversal

Tool that undeletes and recovers lost files from hard drives, memory cards and USB Flash drives?

DiskDigger

Where are deleted items stored on Windows Vista and Later versions of Windows?

Drive:\$Recycle.Bin

Where are deleted items stored on Windows 98 and earlier versions of Windows?

Drive:\RECYCLED

Where are deleted items stored on the Windows 2000, XP, and NT versions of Windows?

Drive:\RECYCLER

Developed by Remy Card as an extensible file system for Linux and is the basis for all currently shipping linux distros?

Ext2

Linux file system developed by Stephen Tweedie in 2001 as a journaling file system to improve reliability

Ext3

Which of the two parts of the Linux File system architecture has the memory space where the system supplies all services through an executed system call?

Kernel Space

Which component of the NTFS architecture is the processing mode that permits the executable code to have direct access to all the system components?

Kernel mode

In GUID Partition Table, which Logical Block Address contains the Partition Entry Array?

LBA 2

Which LBA is the first usable sector?

LBA 34

Which of the three different files storing data and logs in SQL servers holds the entire log information associated with the database?

LDF

Commands used to determine running processes in Windows?

Listdlls Tasklist Pslist

3 tiers of log management

Log Generation Log Monitoring Log Analysis and Storage

Which HFS volume structure contains the Master Directory Block (MDB), which defines a wide variety of data about the volume itself?

Logical block 2

Which of the three different files storing data and logs in SQL servers is the starting point of a database and points to other files in the database?

MDF

What was linux's first file system?

MINIX

What information held by the superblock allows the mounting software to verify the superblock for the EXT2 file system?

Magic Number

Who are legitimate authorizers of a search warrant?

Magistrate Court of law Concerned authority

Which component of the NTFS architecture contains executable master boot code that the system BIOS loads into memory?

Master Boot Record (MBR)

In NTFS, this is the relational database consisting of information regarding the files and file attributes.

Master File Table (MFT)

Information held by the superblock that allows the system to determine if the file system needs to be fully checked and increments each time the system places access to the file system?

Mount Count

CAN-SPAM's Main requirements

Must have physical address Honor opt-out requests in 10 days Commercial email must be ID'd as an ad Do not use false or misleading header info Do not use deceptive subjects

Commands to determine logged on users

Net session PsLoggedOn LogonSessions

Architectural layer of mobile device environments that allows a mobile device to communicate with the network operator

Network interface

Which component of the NTFS architecture reads the contents of the Boot.ini file?

Ntldlr.dll

Field type referring to the volume descriptor as a primary

Number 1

Field type referring to the volume descriptor as a partition descriptor

Number 3

Architectural layer of mobile devices environments that offers utilities for scheduling multiple tasks, memory management tasks, synchronization, and priority allocation?

Operating System

Web application threat that occurs when attackers intend to manipulate the communication exchanged between the client and server to make changes in application data.

Parameter Tampering

What is Enterprise Theory of Investigation (ETI)?

Powerful methodology to identify criminals who have escaped prosecution

What must an investigator do in order to offer a good report to a court of law and ease the prosecution?

Preserve the evidence

What partition holds the information regarding the operating system, system area, and other information required for booting?

Primary partition

ISO 9660 compliant portion of a CD that describes the location of contiguous root directory similar to the super block in UNIX

Primary volume descriptor

RAID level that uses byte level data striping across multiple drives and distributes the parity information among all member drives?

RAID 5

RFC for normal email communication

RFC 5322

Federal Rule of Evidence governing proceedings in the courts

Rule 101

Federal Rule of Evidence containing rulings on evidence

Rule 103

The phase of EFI consisting of initializiation code the system executes after powering on the system, manages platform reset events, and sets the system state.

SEC

Types of flash based memory

SLC, MLC, TLC

Act to protect investors from the possibility of fraudulent accounting activities by corporations.

SOX

Which field is the standard identifier set to CD001 for a CD-ROM compliant to ISO 9660?

Second

Inode field that shows when creation occurred and last modification

Timestamp

Tool that recovers lost data from hard drives, RAID, photos, deleted files, iPods and removeable disks connected via FireWire or USB?

Total Recall

web application threat that occurs when attackers tamper with the URL, HTTP requests, headers, hidden fields, form fields, or query strings?

Unvalidated input

File system and logical volume manager developed by Sun Microsystems

ZFS

Expert witnesses should conduct themselves while presenting by...

avoiding leaning and developing self-confidence

Web application threat that occurs when attackers identify a flaw, bypass authentication, and compromise the network.

broken access controls

Inode field that determines what the inode describes and the permissions that users have to it

mode

Command to determine the NetBIOS name table cache in windows?

nbtstat

Recover My Files tool

recover files even if emptied from recycle bin perform disk recovery after a crash recover from hdd, camera card, USB, Zip, floppy or other media

CompuServe-generated format from 1987 that uses lossless data compression techniques, maintaining the visual quality of the image?

GIF

Act that requires companies that offer financial products or services to protect customer information against security threats.

GLBA

Architectural layer of mobile devices environments that is responsible for creating menus and sub-menus in designing application.

GUI API

PowerShell command to parse GPTs of both types of hard disks, UEFI or MBR

Get-Boot Sector

Which web application threat arises when a web application is unable to handle technical issues properly and the website returns information, such as database dumps, stack traces, and codes?

Improper Error Handling

Web application threat that occurs when attackers insert malicious code, commands, or scripts into the input gates of web applications, enabling the applications to interpret and run the newly supplied malicious input.

Injection flaws

What is the name of the abstract layer that resides on top of a complete file system, allows client application to access various file systems, and consists of a dispatching layer of numerous caches?

Virtual File System (VFS)

Elements of cyber crime

fast-paced speed anonymity through masquerading volatile evidence


Kaugnay na mga set ng pag-aaral

Ch. 16: Program Management, Chapter 16: Program Management, NURS 450 - Ch. 21

View Set

TN Insurance license exam practice !

View Set

anti bagsak reviewer ca ni baby girl iloveyousomuch 10000000000x

View Set

Microecon: Trade offs and Comparative Adv and the Market System

View Set

Geology 1500-11 EXAM 2 CH 7 METAMORPHIC ROCKS

View Set