Forensics study guide chapter 12


Which of the following types of files can provide useful information when you're examining an e-mail server? a. .dbf files b. .emx files c. .log files d. .slf files

.log files

Logging options on many email servers can be: a. Disabled by the administrator b. Set up in circular logging configuration c. Configured to a specified size before being overwritten d. All of the above

All of the above

To analyze e-mail evidence, an investigator must be knowledgeable about an e-mail server's internal operations. True or False?

False

UNIX, NetWare, and Microsoft email servers create specialized databases for every email user. True or False?

False

What is the e-mail storage format in Novell Evolution?

Mbox

When confronted with an e-mail server that no longer contains a log with the date information you need for your investigation, and the client has deleted the e-mail, what should you do? a. Search available log files for any forwarded messages b. Restore the e-mail server from a backup c. Check the current database files for an existing copy of the e-mail d. After it's deleted, the file can no longer be recovered.

Restore the e-mail server from a backup

Sendmail uses which file for instructions on processing an e-mail message?

Sendmail.cf

Router logs can be used to verify what types of email data? a. Message content b. Content of attached files c. Tracking flows through e-mail server ports d. Finding blind copies

Tracking flows through email server ports

All email headers contain the same types of information. True or False?

True

Internet e-mail accessed with a Web browser leaves files in temporary folders. True or False?

True

You can view e-mail headers in all popular e-mail clients. True or False?

True

In Microsoft Outlook, what are the email storage files typically found on a client computer? a. .pst & .ost b. res1.log & res2.log c. PU020102.db d. .evolution

a. .pst and .ost

To trace an IP address in an email header, what type of lookup service can you use? (Choose all that apply) a. ATT anywho online directory b. Verizon superpages.com c. A Domain lookup service, such as www.arin.net, www.internic.com, or www.whois.net d. Any web search engine

a. A Domain lookup service, such as www.arin.net, www.internic.com, or www.whois.net d. Any Web search engine

What information is not in an e-mail header? a. Blind copy addresses b. Internet addresses c. Domain name d. Contents of the message e. Type of e-mail server used to send the e-mail

a. Blind copy (Bcc) addresses d. Contents of the message

When searching a victim's computer for a crime committed with a specific email, what provides information for determining the email's originator? (Choose all that apply) a. E-mail header b. Username and password c. Firewall log d. All of the above

a. E-mail header c. Firewall log

E-mail headers contain which of the following information? (Choose all that apply.) a. The sender and receiver email addresses b. An Enhanced Simple Mail Transfer Protocol (ESMTP) or reference number c. The email servers the message traveled through to reach its destination d. The IP address of the receiving server e. All of the above

a. The sender and receiver email addresses b. An Enhanced Simple Mail Transfer Protocol (ESMTP) or reference number c. The email servers the message traveled through to reach its destination

Which of the following is a current formatting standard for e-mail? a. SMTP b. MIME c. Outlook d. HTML

b. MIME

What's the main piece of information you look for in an email message you're investigating? a. Sender's or receiver's e-mail address b. Originating email domain or IP address c. Subject line content d. Message number e. All of the above

b. Originating email domain or IP address

In UNIX e-mail, the syslog.conf file contains what information? a. Logging instructions for the sendmail.cf file b. The event, the priority level of concern, and the action taken when an e-mail is logged c. SMTP executable code d. POP3 executable code

b. The event, the priority level of concern, and the action taken when an e-mail is logged

When you access your email, what type of computer architecture are you using? a. mainframe and minicomputers b. Domain c. Client/server d. None of the above.

c. Client/server

