Digital Forensics

Digital Forensics Quiz crafted by -

Deep Shankar Yadav

Principal Consultant  

eSec Forte Technologies


Introduction to Digital Forensics

Digital forensics is defined as the “application of computer science and investigative techniques for a legal purpose involving the analysis of digital evidence”. In a broader sense, it involves the use of specialised tools and procedures to investigate many types of computer-related crimes, such as fraud, unlawful use (for example, child pornography), and various types of computer breaches. Some experts also define the field as the application of scientifically derived and proven methods to the preservation, collection, validation, identification, analysis, interpretation, documentation, and presentation of digital evidence derived from digital sources, with the goal of facilitating or furthering the reconstruction of criminal events, or assisting in the prediction of unauthorised actions shown to be criminal.


Let’s look at the questions and their answers:


Que 1. Which of the following techniques is used to check and ensure the authenticity and integrity of the digital evidence?

a) Imaging

b) Hashing

c) Carving

d) Copying 

Answer- b) Hashing


Que 2. Which of the following is the best practice to preserve the exact state of the evidence?

a) File system Imaging

b) Copying all data

c) Logical Imaging

d) Physical Imaging

Answer- d) Physical Imaging


Que 3. Which of the following tools is used to perform memory forensics?

a) Wireshark

b) Volatility

c) Event viewer

d) Aircrack 

Answer- b) Volatility


Que 4. Which of the following is described as the destructive method for data extraction in mobile forensics?

a) Chip off

b) Downgrade 

c) Physical Imaging

d) Retrying password again and again

Answer- a) Chip off


Que 5. Which of the following tools can be used to capture and analyze network traffic?

a) Snort 

b) Wireshark 

c) Tcpdump 

d) All of the above

Answer- d) All of the above


Que 6. In Windows OS, which file contains information about user credentials?

a) Server

b) SAM

c) Program files

d) Users

Answer- b) SAM


Que 7. Which of the following is not a method for malware analysis?

a) Static Analysis

b) Dynamic Analysis

c) Signature Comparison

d) Carving

Answer- d) Carving


Que 8. What is the technique of hiding data inside another file called?

a) Rootkits

b) Steganography

c) Image Rendering

d) Bitmapping

Answer- b) Steganography


Que 9. Which of the following tools is used for mobile forensics investigation?

a) UFED

b) Volatility

c) Hex Editor

d) FTK Imager

Answer- a) UFED


Que 10. In which type of attack is a very large number of specially crafted network packets sent to a server?

a) Virus

b) DOS

c) Rootkit

d) Malware

Answer- b) DOS


Que 11. Which of the following applications is an open source tool to analyse disk images?

a) Encase

b) FTK toolkit

c) Autopsy

d) X-Ways

Answer- c) Autopsy


Que 12. Which of the following is the best way to ensure that data is deleted completely?

a) Deleting

b) Shift + Delete

c) Formatting

d) Low Level Formatting

Answer- d) Low Level Formatting


Que 13. The starting few bytes in a file which are used to identify a file format are known as?

a) File Size

b) File Name

c) File Signature

d) Date/Time

Answer- c) File Signature


Que 14. While collecting evidence, which type of data should be collected first?

a) Volatile data 

b) Non-Volatile data

c) Sample of infected files

d) Sample of malware doing all activity

Answer- a) Volatile Data


Que 15. Bitcoin is based on which technology?

a) Artificial Intelligence

b) Machine Learning

c) Blockchain

d) Cloud Computing

Answer- c) Blockchain

