GAQM CFA-001 CFA Exam Questions Instant Access

Question 1

Recovery of the deleted partition is the process by which the investigator evaluates and extracts the deleted partitions.

ATrue

BFalse

Answer : A

Question 2

Which of the following is not a part of disk imaging tool requirements?

AThe tool should not change the original content

BThe tool should log I/O errors in an accessible and readable form, including the type and location of the error

CThe tool must have the ability to be held up to scientific and peer review

DThe tool should not compute a hash value for the complete bit stream copy generated from an image file of the source

Answer : D

Question 3

Which one of the following is not a consideration in a forensic readiness planning checklist?

ADefine the business states that need digital evidence

BIdentify the potential evidence available

CDecide the procedure for securely collecting the evidence that meets the requirement fn a forensically sound manner

DTake permission from all employees of the organization

Answer : D

Question 4

A mobile operating system manages communication between the mobile device and other compatible devices like computers, televisions, or printers.

Which mobile operating system architecture is represented here?

AwebOS System Architecture

BSymbian OS Architecture

CAndroid OS Architecture

DWindows Phone 7 Architecture

Answer : C

Question 5

You have been given the task to investigate web attacks on a Windows-based server.

Which of the following commands will you use to look at which sessions the machine has opened with other systems?

ANet sessions

BNet use

CNet config

DNet share

Answer : B

Question 6

The Recycle Bin is located on the Windows desktop. When you delete an item from the hard disk, Windows sends that deleted item to the Recycle Bin and the icon changes to full from empty, but items deleted from removable media, such as a floppy disk or network drive, are not stored in the Recycle Bin.

What is the size limit for Recycle Bin in Vista and later versions of the Windows?

ANo size limit

BMaximum of 3.99 GB

CMaximum of 4.99 GB

DMaximum of 5.99 GB

Answer : A

Question 7

Data Acquisition is the process of imaging or otherwise obtaining information from a digital device and its peripheral equipment and media

ATrue

BFalse

Answer : A

GAQM Certified Forensic Analyst CFA-001 CFA Exam Questions