McAfee Certified Cyber Intelligence Investigator CCII Exam Questions

Page: 1 / 14
Total 130 questions
Question 1

NSI may be defined as "the collection and analysis of information concerned with the relationship and homeostasis of the United States with foreign powers, organizations, and persons with regard to political and economic factors as well as the maintenance of the United States' sovereign principles."



Answer : A

National Security Intelligence (NSI) is a category of intelligence focusing on foreign and domestic threats, particularly those that may impact political stability, national economy, or defense strategies. It is critical for counterterrorism operations, diplomatic strategies, and geopolitical risk assessment.


Question 2

What is the best way to collect evidence from an online forum without alerting suspects?



Answer : A

Comprehensive and Detailed In-Depth

Covert evidence collection requires a low-profile approach to prevent alerting suspects.

Screenshots and web downloads preserve evidence without modifying website logs.

Avoid direct engagement (e.g., posting, commenting) to maintain anonymity.

Automation tools may violate Terms of Service and cause detection.

Investigators must use legally accepted methods and ensure the chain of custody for digital evidence.


Question 3

Which technique is used for profiling individuals during an investigation?



Answer : D

Investigatorsuse multiple techniquesto build profiles on suspects:

Social Media Analysis-- Reviewing posts, connections, and activities.

IP Tracking-- Identifying locations and internet usage patterns.

Facial Recognition-- Matching images to known identities in databases.

These techniques help incybercrime investigations, fraud detection, and counterterrorism. However, privacy laws govern theirethical and legal use.


Question 4

Those forced to travel and steal did so because they were too well known locally, but they normally returned to their local area in order to sell.



Answer : A

Many thieves and organized retail crime rings operateacross multiple jurisdictionsto avoid law enforcement detection. However, they often return to theirhome territory to sell goods, where they havetrusted contacts, fences, or buyers.


Question 5

When evidence of a threat is identified, the Intelligence Process must assess where the threat lies on a multivariate continuum of probability.



Answer : A

Threat assessment involves evaluating probability, severity, and impact using statistical models and intelligence analysis techniques. This ensures effective risk mitigation.


Question 6

Which of the following is the most effective method for verifying a suspect's online identity?



Answer : A

Comprehensive and Detailed In-Depth

Verifying an online identity requires cross-referencing multiple sources to establish consistency in:

Username patterns across different platforms.

Profile photos and metadata analysis.

Publicly available records and connections.

Using a single source or unverified third-party data can lead to false positives, making multiple-source verification a key practice in cyber investigations.


Question 7

Which one of the following methods best reflects how thieves stash their stolen goods?



Answer : B

Thieves commonly useback alleys, abandoned buildings, or hidden storage locationsto stash stolen goods temporarily before transport.Reasons include:

Avoiding immediate detectionafter committing theft.

Waiting for an opportunity to move goods to buyerswithout being tracked.

Using intermediaries to pick up and distribute goodsfrom hidden locations.


Page:    1 / 14   
Total 130 questions