C702 - CHFI CH10
The Tor's hidden service protocol allows users to host websites anonymously with what domains and can only be accessed by users of the Tor network?
.onion Correct. For more information on this topic see Computer Hacking Forensics Investigator Module 10 page 1027.
On a Windows machine, the Tor browser uses which port for establishing connections via Tor nodes?
9150/9151 Correct. For more information on this topic see Computer Hacking Forensics Investigator Module 10 page 1032.
In such scenarios, where the usage of the Tor network is restricted, what helps circumvent the restrictions and allows users to access the Tor network? The usage of these nodes makes it difficult for governments, organizations, and ISPs to censor the usage of the Tor network.
Bridge nodes Correct. For more information on this topic see Computer Hacking Forensics Investigator Module 10 page 1028.
On a Windows machine, where are the prefetch files located?
C:\WINDOWS\Prefetch Correct. For more information on this topic see Computer Hacking Forensics Investigator Module 10 page 1033.
Which provides anonymity to its users through encryption and is not indexed by search engines?
Dark web Correct. For more information on this topic see Computer Hacking Forensics Investigator Module 10 page 1025.
Which relay provides an entry point to the Tor network?
Entry/guard relay Correct. For more information on this topic see Computer Hacking Forensics Investigator Module 10 page 1026.
When a Tor browser is installed and executed on a Windows machine, the user activity is recorded in which Windows Registry?
HKEY_\\SOFTWARE\Mozilla\Firefox\Launcher Correct. For more information on this topic see Computer Hacking Forensics Investigator Module 10 page 1032.
Which relay is used for the transmission of data in an encrypted format?
Middle relay Correct. For more information on this topic see Computer Hacking Forensics Investigator Module 10 page 1026.
The directory of the 'state' file where the Tor browser is executed is located where?
\Tor Browser\Browser\TorBrowser\Data\Tor\ Correct. For more information on this topic see Computer Hacking Forensics Investigator Module 10 page 1032.
Tor is a browser that is used to access the contents of the ________.
dark web Correct. For more information on this topic see Computer Hacking Forensics Investigator Module 10 page 1025.
Which command will allow investigators to test for the active network connections on the machine and be able to identify whether Tor was used on that machine?
netstat -ano Correct. For more information on this topic see Computer Hacking Forensics Investigator Module 10 page 1032.