Computer Forensics Chapter 11 Notes

Router logs can be used to verify what types of e-mail data? a. tracking flows through e-mail server ports b. finding blind copies c. message content d. content of attached files

a. tracking flows through e-mail server ports

After examining e-mail headers to find an e-mail's originating address, investigators use forward lookups to track an e-mail to a suspect. a. true b. false

a. true

E-mail accessed with a Web browser leaves files in temporary folders. a. true b. false

a. true

To analyze e-mail evidence, an investigator must be knowledgeable about an e-mail server's internal operations. a. true b. false

a. true

When you access your e-mail, what type of computer architecture are you using? a. domain b. client/server c. mainframe and minicomputers d. none of the above

b. client/server

A forensic linguist can determine an author's gender by analyzing chat logs and social media communications. a. true b. false

b. false

You can view e-mail headers in Notepad with all popular e-mail clients. a. true b. false

b. false

Sendmail uses which file for instructions on processing an e-mail message? a. syslogd.conf b. sendmail.cf c. mapi.log d. mese.ese

b. sendmail.cf

On a UNIX-like system, which file specifies where to save different types of e-mail log files? a. /var/spool/log b. syslog.conf c. maillog d. log

b. syslog.conf

Which of the following types of files can provide useful information when you're examining an e-mail server? a. .emx files b. .slf files c. .log files d. .dbf files

c. .log files

In Microsoft Outlook, e-mails are typically stored in which of the following? a. .evolution file b. res1.log and res2.log files c. .pst and .ost files d. PU020102.db file

c. .pst and .ost files

To trace an IP address in an e-mail header, what type of lookup service can you use? a. Intelius Inc.'s AnyWho online directory b. Verizon's http://superpages.com c. A domain lookup service, such as www.arin.net, www.internic.com, or www.whois.net d. None of the above

c. A domain lookup service, such as www.arin.net, www.internic.com, or www.whois.net

Logging options on e-mail servers can be which of the following? a. disabled by users b. set up in a circular logging configuration c. Configured to a specified size before being overwritten d. Both b and c

c. Configured to a specified size before being overwritten

When confronted with an e-mail server that no longer contains a log with the date information you need for your investigation, and the client has deleted the e-mail, what should you do? a. Check the current database files for an existing copy of the e-mail. b. Search available log files for any forwarded messages. c. Restore the e-mail server from a backup. d. Do nothing because after the file has been deleted, it can no longer be recovered.

c. Restore the e-mail server from a backup.

What information is NOT in an e-mail header? a. domain name b. internet address c. blind copy (bcc) address d. all of the above

c. blind copy (bcc) address

Phishing does which of the following? a. uses DNS positioning b. uses DHCP c. lures users with false promises d. takes people to fake web sites

c. lures users with false promises

E-mail headers contain which of the following information? a. An ESMTP number or reference number b. The sender and receiver e-mail addresses c. The e-mail servers the message traveled through to reach its destination d. All of the above

d. All of the above

Which of the following is a current formatting standard for e-mail? a. HTML b. Outlook c. SMTP d. MIME

d. MIME

What's the main piece of information you look for in an e-mail message you're investigating? a. Message number b. Sender or receiver's e-mail address c. Subject line content d. Originating e-mail domain or IP address

d. Originating e-mail domain or IP address

When searching a victim's computer for a crime committed with a specific e-mail, which of the following provides information for determining the e-mail's originator? a. e-mail header b. username and password c. firewall log d. both a and c

d. both a and c

