Digital Forensics
Digital Forensics Quiz crafted by -
Deep Shankar Yadav
Principal Consultant
eSec Forte Technologies
Introduction to Digital Forensics
Digital forensics is defined as the “application of computer science and investigative techniques for a legal purpose involving the analysis of digital evidence”. In a broader sense, it involves the use of specialised tools and procedures to investigate many types of computer-related crime, such as fraud, unlawful use (for example, child pornography) and various types of computer breaches. Some experts also define the field as the application of scientifically derived and proven methods to the preservation, collection, validation, identification, analysis, interpretation, documentation, and presentation of digital evidence derived from digital sources, with the goal of facilitating or furthering the reconstruction of criminal events, or assisting in the prediction of unauthorised actions shown to be criminal.
Let’s look at the questions and their answers:
Que 1. Which of the following techniques is used to check and ensure the authenticity and integrity of digital evidence?
a) Imaging
b) Hashing
c) Carving
d) Copying
Answer- b) Hashing
Que 2. Which of the following is the best practice to preserve the exact state of the evidence?
a) File system Imaging
b) Copying all data
c) Logical Imaging
d) Physical Imaging
Answer- d) Physical Imaging
Que 3. Which of the following tools is used to perform memory forensics?
a) Wireshark
b) Volatility
c) Event viewer
d) Aircrack
Answer- b) Volatility
Que 4. Which of the following is described as the destructive method for data extraction in mobile forensics?
a) Chip off
b) Downgrade
c) Physical Imaging
d) Retrying password again and again
Answer- a) Chip off
Que 5. Which of the following tools can be used to capture and analyze network traffic?
a) Snort
b) Wireshark
c) Tcpdump
d) All of the above
Answer- d) All of the above
Que 6. In Windows OS, which file contains information about user credentials?
a) Server
b) SAM
c) Program files
d) Users
Answer- b) SAM
Que 7. Which of the following is not a method for malware analysis?
a) Static Analysis
b) Dynamic Analysis
c) Signature Comparison
d) Carving
Answer- d) Carving
Que 8. The technique of hiding data inside another file is called?
a) Rootkits
b) Steganography
c) Image Rendering
d) Bitmapping
Answer- b) Steganography
Que 9. Which of the following tools is used for mobile forensics investigation?
a) UFED
b) Volatility
c) Hex Editor
d) FTK Imager
Answer- a) UFED
Que 10. In which type of attack is a very large number of specially crafted network packets sent to a server?
a) Virus
b) DOS
c) Rootkit
d) Malware
Answer- b) DOS
Que 11. Which of the following applications is an open-source tool for analysing disk images?
a) EnCase
b) FTK toolkit
c) Autopsy
d) X-Ways
Answer- c) Autopsy
Que 12. Which of the following is the best way to ensure that data is deleted completely?
a) Deleting
b) Shift + Delete
c) Formatting
d) Low Level Formatting
Answer- d) Low Level Formatting
Que 13. The first few bytes of a file, which are used to identify its file format, are known as?
a) File Size
b) File Name
c) File Signature
d) Date/Time
Answer- c) File Signature
Que 14. While collecting evidence, which type of data should be collected first?
a) Volatile data
b) Non-Volatile data
c) Sample of infected files
d) Sample of malware doing all activity
Answer- a) Volatile Data
Que 15. Bitcoin is based on which technology?
a) Artificial Intelligence
b) Machine Learning
c) Blockchain
d) Cloud Computing
Answer- c) Blockchain