CHFI quiz 4

Ace your homework & exams now with Quizwiz!

Intruders attempting to gain remote access to a system try to find the other systems connected to the network and visible to the compromised system.

True

Which of the following refers to the data stored in the registries, cache, and RAM of digital devices?

volatile information

Investigators can use Linux commands to gather necessary information from the system. Identify the following shell command that is used to display the kernel ring buffer or information about device drivers loaded into the kernel.

dmesg

What command is used to determine the NetBIOS name table cache in Windows?

Nbtstat

Thumbnails of images remain on computers even after files are deleted.

True

Which of the following is NOT a command used to determine running processes in Windows?

Tasklist Pslist Netstat (correct) Listdlls

What prefetch does value 1 from the registry entry EnablePrefetcher tell the system to use?

Application prefetching is enabled.

What prefetch does value 2 from the registry entry EnablePrefetcher tell the system to use?

Boot prefetching is enabled.

What prefetch does value 3 from the registry entry EnablePrefetcher tell the system to use?

Both application and boot prefetching are enabled.

What is NOT a command used to determine logged-on users?

LoggedSessions

What are the unique identification numbers assigned to Windows user accounts for granting user access to particular resources?

Microsoft Security ID

What is NOT a command used to determine open files?

Net file Openfiles Open files (correct) PsFile

Which tool helps collect information about network connections operative in a Windows system?

Netstat

The value 0 associated with the registry entry EnablePrefetcher tells the system to use which prefetch?

Prefetching is disabled.

Which of the following consists of volatile storage?

RAM

In Windows Event Log File Internals, the following file is used to store the Databases related to the system:

System.evtx

The information about the system users is stored in which file?

SAM database file

Which is a completely open collection of tools, implemented in Python under the GNU General Public License, for the extraction of digital artifacts from volatile memory (RAM) samples?

Volatility Framework

What tool enables you to retrieve information about event logs and publishers in Windows 10?

Wevtutil

________ command is used to display the network configuration of the NICs on the system.

ipconfig /all

See all study sets

CHFI quiz 4

Related study sets

4490 Chapter 3

ap euro study guide

CH 10

Macro Theory Exam 1 Study Guide

Marketing Chapter 9

Accounting Chapter 8

Lab Practical 2 Review

History Chapter 22

RMI Chapter 4 Quiz Questions CPCU 500

France

Business 101 Chapter 12 Vocabulary and Summaries

B&B test three

Volkswagen Training

Parts of Speech

MKT 3010 Chapter 17

Accounting-Chapter 1

Life & Health Insurance

Unit 3 AP Psychology FRQ

PMP 8: Project Quality Management

FDA Guidance Documents