IISFA II0-001 CIFI Exam Practice Test Instant Access

Question 1

Challenges to the authenticity of computer records often take on one of three forms. Please select the statement that best describes one of the three challenges.

AParties may question the accountability of computer-generated records by challenging the authenticity of the computer program that generated the records.

BParties may challenge the authenticity of computer-stored records by questioning the authority of their author.

CParties may challenge the authenticity of both computer-generated and computerstored records by questioning whether the records were altered, manipulated, or damaged after they were created.

DParties may challenge the authenticity of both computer-generated and computerstored records by questioning whether the records were altered, manipulated, or damaged before they were created.

Answer : C

Question 2

When auditing log files for system discrepancies, why is NTP important?

ATo ensure that news protocols are not dumping into the log files

BTo ensure time synchronization on logs

CTo prevent future attacks of the same signature

DIt does not matter.

Answer : B

Question 3

The MBR typically starts at sector:

A009FF00

B0090FEA

D09G94:99

Answer : C

Question 4

What method can be used to detect the use of rogue servers providing services such as illegal software distribution, music files, pornography in an environment?

AA network protocol sniffer/analyzer

BKeymapping on all workstations in the environment

CPort 4090 listening

DPort 4099 listening

Answer : A

Question 5

An external audit of your systems provides:

AUninterested 3rd party review

BSeparation of duties

CDue diligence

DAll of the above

Answer : D

Question 6

Which is true regarding tracing Secure Socket Layer (SSL) and Transport Layer Security (TLS) connections?

ATLS is more difficult to trace due to the encryption of the message source routing

BThe connection source and destination can be traced in both cases because the message
header is unencrypted.

CThe connection recipient can be traced in both cases, but the source cannot.

DAn SSL connection can be traced, even with encrypted content, where the TLS connection
can not be traced due to header encryption.

Answer : B

Question 7

Which of the following is a challenge for performing a Trace back?

ADynamic IP Addresses

BSpoofing

CServer Hopping

DAll of the above

Answer : D

IISFA Certified Information Forensics Investigator II0-001 CIFI Exam Practice Test