GAQM Certified Forensic Analyst CFA-001 CFA Exam Questions

Consistency in the investigative report is more important than the exact format in the report to eliminate uncertainty and confusion.

First response to an incident may involve three different groups of people, and each will have differing skills and need to carry out differing tasks based on the incident. Who is responsible for collecting, preserving, and packaging electronic evidence?

What is the first step that needs to be carried out to investigate wireless attacks?

The IIS log file format is a fixed (cannot be customized) ASCII text-based format. The IIS format includes basic items, such as client IP address, user name, date and time, service and instance, server name and IP address, request type, target of operation, etc. Identify the service status code from the following IIS log.

192.168.100.150, -, 03/6/11, 8:45:30, W3SVC2, SERVER, 172.15.10.30, 4210, 125, 3524, 100, 0, GET, /dollerlogo.gif,

Which of the following approaches checks and compares all the fields systematically and intentionally for positive and negative correlation with each other to determine the correlation across one or multiple fields?

During the seizure of digital evidence, the suspect can be allowed touch the computer system.

In an echo data hiding technique, the secret message is embedded into a __________as an echo.