Grade 10: Digital Forenscis: Test 3
In Linux, in which directory are most system configuration files stored?
/etc
On a Linux computer, what contains group memberships for the local system
/etc/group
In Linux, in which directory are most applications and commands stored?
/usr
What should be created in order to begin a digital forensics case?
An investigation plat
Which data-hiding technique changes data from readable code to data that looks like binary executable code?
Bit-shifting
Which data-hiding technique replaces bits of the host file with other bits of data?
Bit-shifting
Which images store graphics information as grid of pixels?
Bitmap
What terms refers to recovering fragments of a file
Carving
What type of laws should computer investigators be especially aware of when working with image files in order to avoid infringement violations?
Copyright
What is the process of converting raw picture data to another format called?
Demosaic
If a graphic file cannot be open in an image viewer, what should the next step be?
Examining the file's header data
Steganography cannot be used with file formats other than image files.
False
Windows OSs do not have a kernel
False
Because digital forensics tools have limitations in performing hashing...
Hexadecimal editor
What does scope creep typically do?
Increases the time and resources needed to extract, analyze, and present data
Which data-hiding technique places data from the secret file into the host file without displaying the secret data when the host file is viewed in it associated program?
Insertion
What technology is designed to recover encrypted data if users forget their passphrases or if the user key is corrupted after a system failure?
Key escrow
Which type of compression compresses data permanently by discarding bits of information in the file?
Lossy
Many passwords-protect OSs and applications store passwords in the form which type of hash values?
MD5
Macintosh moved to the Intel processors and became UNIX based with which operating system?
OS X
Which action alters hash values, making cracking passwords more difficult?
Salting passwords
Which term refers to data-hiding technique that uses host files to cover the contents of a secret message
Steganography
What limits the data that can be sought in a criminal investigation?
The search warrant
Before OS X, the Hierarchical File System was used, in which files are stored in directories that can be nested in other directories
True
Several password-cracking tools are available for handling password-protected data or system
True
Some encryption schemes are so complex that they time to crack them can be measured in days, weeks, years, and even decades
True
The Internet is the best source for learning more about file formats and their extensions
True
The two major forms of steganography are insertion and substitution
True
What is the simplest way to access a file header?
Use a hexadecimal editor
What kinds of images are based on mathematical instructions that define lines, curves, texts, ovals, and other geometric shapes?
Vector Images
What type of attacks uses every possible letter, number, and character found on a keyboard when cracking a password?
brute-force
