This section includes 379 MCQs, each offering curated multiple-choice questions to sharpen your Computer Science Engineering (CSE) knowledge and support exam preparation. Choose a topic below to get started.
| 101. |
Absence of evidence refutes an alibi. |
| A. | true |
| B. | false |
| Answer» C. | |
| 102. |
In confirming an alibi involving an obscure piece of equipment, if no documentation is available, the manufacturer is no longer in business, or the equipment/network is so complicated that nobody fully understands how it works, you should: |
| A. | state that the alibi is considered unproven |
| B. | search the internet for any pertinent information |
| C. | recreate the events surrounding the alibi |
| D. | contact other investigators and average their opinions |
| Answer» D. contact other investigators and average their opinions | |
| 103. |
To demonstrate that someone is lying about an alibi, it is necessary to: |
| A. | find evidence that clearly demonstrates the lie |
| B. | require the suspect to submit to a polygraph |
| C. | interrogate the suspect using a number of methods |
| D. | show that no evidence confirming the alibi is available |
| Answer» B. require the suspect to submit to a polygraph | |
| 104. |
Types of digital evidence that might corroborate an alibi include: |
| A. | evidence of computer usage when the offense was supposed to have occurred |
| B. | computer records from credit cards, the telephone company, or subway ticket usage |
| C. | gps information from mobile devices indicating the user’s location and time |
| D. | all of the above |
| Answer» E. | |
| 105. |
It is quite difficult to fabricate an alibi on a network successfully because: |
| A. | an offender may not have the proper access. |
| B. | an offender would need system administrator access level to make the necessary changes. |
| C. | an individual rarely has the ability to falsify digital evidence on all the computers that are involved. |
| D. | creating an alibi on a network could take months of work. |
| Answer» D. creating an alibi on a network could take months of work. | |
| 106. |
Investigators should not rely on one piece of digital evidence when examining an alibi – they should look for an associated _______. |
| A. | cybertrail |
| B. | piece of physical evidence |
| C. | statement |
| D. | none of the above |
| Answer» B. piece of physical evidence | |
| 107. |
Creating a histogram of times to reveal periods of high activity is an example of which form of investigative reconstruction? |
| A. | functional |
| B. | intentional |
| C. | relational |
| D. | temporal |
| Answer» E. | |
| 108. |
The type of report that is a preliminary summary of findings is known as: |
| A. | sitrep |
| B. | threshold assessment report |
| C. | full investigative report |
| D. | field notes |
| Answer» C. full investigative report | |
| 109. |
In crimes against individuals the ______ period leading up to the crime often contains the most important clues regarding the relationship between the offender and the victim. |
| A. | 24-hour |
| B. | 28-hour |
| C. | 60-minute |
| D. | 15-minute |
| Answer» B. 28-hour | |
| 110. |
Investigative reconstruction is composed of three different forms. Which of the following is NOT one of those three forms? |
| A. | functional |
| B. | intentional |
| C. | relational |
| D. | temporal |
| Answer» C. relational | |
| 111. |
A ___________ is an extension of an enterprise’s private intranet across a public network such as the internet, creating a secure private connection. |
| A. | vnp |
| B. | vpn |
| C. | vsn |
| D. | vspn |
| Answer» C. vsn | |
| 112. |
The crime scene preservation process includes all but which of the following: |
| A. | protecting against unauthorized alterations |
| B. | acquiring digital evidence |
| C. | confirming system date and time |
| D. | controlling access to the crime scene |
| Answer» D. controlling access to the crime scene | |
| 113. |
The process model whose goal is to completely describe the flow of information in a digital investigation is known as: |
| A. | the physical model |
| B. | the staircase model |
| C. | the evidence flow model |
| D. | the subphase model |
| Answer» D. the subphase model | |
| 114. |
The first step in applying the scientific method to a digital investigation is to: |
| A. | form a theory on what may have occurred |
| B. | experiment or test the available evidence to confirm or refute your prediction |
| C. | make one or more observations based on events that occurred |
| D. | form a conclusion based on the results of your findings |
| Answer» D. form a conclusion based on the results of your findings | |
| 115. |
Forensic analysis involves the following: |
| A. | assessment, experimentation, fusion, correlation, and validation |
| B. | seizure and preservation |
| C. | recovery, harvesting, filtering, organization, and search |
| D. | all of the above |
| Answer» B. seizure and preservation | |
| 116. |
An investigation can be hindered by the following: |
| A. | preconceived theories |
| B. | improperly handled evidence |
| C. | offender concealment behavior |
| D. | all of the above |
| Answer» E. | |
| 117. |
The fact that with modern technology, a photocopy of a document has become acceptable in place of the original is known as: |
| A. | best evidence rule |
| B. | due diligence |
| C. | quid pro quo |
| D. | voir dire |
| Answer» B. due diligence | |
| 118. |
When assessing the reliability of digital evidence, the investigator is concerned with whether the computer that generated the evidence was functioning normally, and: |
| A. | whether chain of custody was maintained |
| B. | whether there are indications that the actual digital evidence was tampered with |
| C. | whether the evidence was properly secured in transit |
| D. | whether the evidence media was compatible with forensic machines |
| Answer» C. whether the evidence was properly secured in transit | |
| 119. |
The process of documenting the seizure of digital evidence and, in particular, when that evidence changes hands, is known as: |
| A. | chain of custody |
| B. | field notes |
| C. | interim report |
| D. | none of the above |
| Answer» B. field notes | |
| 120. |
The following specializations exist in digital investigations: |
| A. | first responder (a.k.a. digital crime scene technician) |
| B. | forensic examiner |
| C. | digital investigator |
| D. | all of the above |
| Answer» E. | |
| 121. |
Computers can play the following roles in a crime: |
| A. | target, object, and subject |
| B. | evidence, instrumentality, contraband, or fruit of crime |
| C. | object, evidence, and tool |
| D. | symbol, instrumentality, and source of evidence |
| Answer» C. object, evidence, and tool | |
| 122. |
A digital signature is:
| A. | a bit string giving identity of a correspondent |
| B. | a unique identification of a sender |
| C. | an authentication of an electronic record by tying it uniquely to a key only a sender knows |
| D. | an encrypted signature of sender |
| Answer» D. an encrypted signature of sender | |
| 123. |
Personal computers and networks are often a valuable source of evidence. Those involved with _______ should be comfortable with this technology. |
| A. | criminal investigation |
| B. | prosecution |
| C. | defense work |
| D. | all of the above |
| Answer» E. | |
| 124. |
Cybertrails are advantageous because: |
| A. | they are not connected to the physical world. |
| B. | nobody can be harmed by crime on the internet. |
| C. | they are easy to follow. |
| D. | offenders who are unaware of them leave behind more clues than they otherwise would have. |
| Answer» E. | |
| 125. |
In terms of digital evidence, the Internet is an example of: |
| A. | open computer systems |
| B. | communication systems |
| C. | embedded computer systems |
| D. | none of the above |
| Answer» C. embedded computer systems | |
| 126. |
What are the three general categories of computer systems that can contain digital evidence? |
| A. | desktop, laptop, server |
| B. | personal computer, internet, mobile telephone |
| C. | hardware, software, networks |
| D. | open computer systems, communication systems, embedded systems |
| Answer» E. | |
| 127. |
A valid definition of digital evidence is: |
| A. | none of the below |
| B. | data stored or transmitted using a computer |
| C. | digital data of probative value |
| D. | any digital evidence on a computer |
| Answer» D. any digital evidence on a computer | |
| 128. |
How does machine learning benefit IDSes/IPSes? |
| A. | by lowering the volume of attacks analyzed |
| B. | by adding heuristic anomaly detection capabilities |
| C. | by searching for similar patterns to known attacks |
| D. | by helping identify signatures more quickly |
| Answer» D. by helping identify signatures more quickly | |
| 129. |
The features of traditional IPSes are found in all of these modern systems, except: |
| A. | next-generation firewalls |
| B. | antimalware |
| C. | unified threat management appliances |
| D. | network behavior analysis systems |
| Answer» C. unified threat management appliances | |
| 130. |
A false positive can be defined as: |
| A. | an alert that indicates nefarious activity on a system that, upon further inspection, turns out to represent legitimate network traffic or behavior |
| B. | an alert that indicates nefarious activity on a system that, upon further inspection, turns out to truly be nefarious activity |
| C. | the lack of an alert for nefarious activity |
| D. | all of the above |
| Answer» B. an alert that indicates nefarious activity on a system that, upon further inspection, turns out to truly be nefarious activity | |
| 131. |
Which is true of a signature-based IDS? |
| A. | it cannot work with an ips |
| B. | it only identifies known signatures |
| C. | it detects never-before-seen anomalies |
| D. | it works best in large enterprises. |
| Answer» C. it detects never-before-seen anomalies | |
| 132. |
What port does Telnet use? |
| A. | 22 |
| B. | 80 |
| C. | 20 |
| D. | 23 |
| Answer» E. | |
| 133. |
A full domain name is a sequence of labels separated by ____
| A. | semicolons |
| B. | dots |
| C. | colons |
| D. | none |
| Answer» C. colons | |
| 134. |
The root of the DNS tree is ____
| A. | a string of characters |
| B. | a string of 63 characters |
| C. | an empty string |
| D. | none |
| Answer» D. none | |
| 135. |
In the DNS, the names are defined in a(n) ____ structure
| A. | a linear list |
| B. | an inverted tree |
| C. | a graph |
| D. | none |
| Answer» C. a graph | |
| 136. |
DNS can use the services of ____ using the well-known port 53
| A. | udp |
| B. | tcp |
| C. | either (a) or (b) |
| D. | none of the above |
| Answer» D. none of the above | |
| 137. |
The ____ domains define registered hosts according to their generic behaviour.
| A. | generic |
| B. | country |
| C. | inverse |
| D. | none |
| Answer» B. country | |
| 138. |
The domain name space (tree) is divided into ____ different sections
| A. | 3 |
| B. | 2 |
| C. | 4 |
| D. | none |
| Answer» B. 2 | |
| 139. |
Why would HTTP Tunneling be used? |
| A. | to identify proxy servers |
| B. | web activity is not scanned |
| C. | to bypass a firewall |
| D. | http is an easy protocol to work with |
| Answer» D. http is an easy protocol to work with | |
| 140. |
What is the most important activity in system hacking? |
| A. | information gathering |
| B. | cracking passwords |
| C. | escalating privileges |
| D. | covering tracks |
| Answer» C. escalating privileges | |
| 141. |
SSL stands for? |
| A. | secured socket layer |
| B. | secured shell layer |
| C. | system socket layer |
| D. | system secured layer |
| Answer» B. secured shell layer | |
| 142. |
What is a firewall?
| A. | firewalls are network based security measures that control the flow of incoming and outgoing traffic |
| B. | firewall is a program that encrypts all programs that access the internet |
| C. | a firewall is a program that keeps other programs from using the internet |
| D. | firewalls are the interrupts that automatically disconnect from the internet when a threat appears. |
| Answer» B. firewall is a program that encrypts all programs that access the internet | |
| 143. |
An HTTP connection uses port _________ whereas HTTPS uses port ____________ and invokes SSL |
| A. | 40; 80 |
| B. | 60; 620 |
| C. | 80; 443 |
| D. | 620; 80 |
| Answer» D. 620; 80 | |
| 144. |
Which component is included in IP security? |
| A. | authentication header (ah) |
| B. | encapsulating security payload (esp) |
| C. | internet key exchange (ike) |
| D. | all of the mentioned |
| Answer» E. | |
| 145. |
IPSec is designed to provide security at the _________ |
| A. | transport layer |
| B. | network layer |
| C. | application layer |
| D. | session layer |
| Answer» C. application layer | |
| 146. |
Why would a hacker use a proxy server? |
| A. | to create a stronger connection with the target. |
| B. | to create a ghost server on the network. |
| C. | to obtain a remote access connection |
| D. | to hide malicious activity on the network. |
| Answer» E. | |
| 147. |
Imagine a social networking web app (like Twitter) that allows users to post short blurbs of text. |
| A. | cross-site scripting |
| B. | sql injection |
| C. | packet sniffing |
| D. | a and b |
| Answer» E. | |
| 148. |
Section 79 of the Indian IT Act declares that any 3rd party information or personal data leakage in corporate firms or organizations will be a punishable offense. |
| A. | true |
| B. | false |
| Answer» B. false | |
| 149. |
Using spy cameras in malls and shops to capture private parts of any person comes under section 67 of IT Act, 2008 and is punished with a fine of Rs. 5 Lacs. |
| A. | true |
| B. | false |
| Answer» B. false | |
| 150. |
Stealing of digital files comes under __________ of the Indian IT Act. |
| A. | section 66-a |
| B. | section 66-b |
| C. | section 66-c |
| D. | section 66-d |
| Answer» D. section 66-d | |