McAfee Certified Cyber Intelligence Investigator CCII Exam Practice Test

Page: 1 / 14
Total 130 questions
Question 1

State and local law enforcement have held the primary responsibility for investigating and prosecuting organized retail crime.



Answer : A

State and local law enforcement agencies play aprimary rolein investigatingorganized retail crime (ORC)due to their jurisdiction overshoplifting rings, return fraud, and theft operations. Federal agencies assist when cases involvemulti-stateorcross-bordercrimes.


McAfee Institute Financial Crimes Guide

Organized Crime Investigative Framework

FBI & DHS Crime Reports

Question 2

You can often pull metadata from images on social media sites.



Answer : A

EXIF metadata embedded inimagescan revealtimestamps, GPS coordinates, and device information. Tools likeExifTool, FOCA, and OSINT Combine Metadata Extractorassist in analyzing this data.


McAfee Institute Image Forensics Guide

Federal Image Metadata Examination Manual

OSINT Advanced Digital Tracing

Question 3

What is informal discovery?



Answer : A

Informal discoveryrefers to gatheringopen-source intelligence (OSINT)or public recordswithout requiring legal proceduressuch as subpoenas or court orders. Examples include:

Searching public databases(e.g., business registrations, real estate records).

Analyzing social media profilesand publicly shared content.

Reviewing publicly available court records and news archives.

Investigators use informal discovery before proceeding toformal legal requests for restricted information.


Question 4

It is often better to use a screen recording software (e.g., Camtasia) instead of taking screenshots.



Answer : A

Screen recording software providescontinuous,timestamped, andunalteredrecordings of user interactions, ensuring the evidence retains context and authenticity. Screenshots can be edited or manipulated, reducing credibility in legal proceedings.


McAfee Institute Cyber Intelligence Training

OSINT Capture and Evidence Management Guides

Federal Rules of Digital Evidence

Question 5

Prevention involves gaining or developing information related to threats of crime or terrorism and using it to apprehend offenders, harden targets, and use strategies that will eliminate or mitigate the threats.



Answer : A

Prevention is acore function of intelligence and law enforcement operations. It involves:

Collecting intelligence on potential threatsbefore they materialize.

Identifying criminal or terrorist activitiesthrough surveillance and OSINT.

Hardened security measuresfor potential targets (e.g., increasing cybersecurity, bordersecurity).

Taking legal actionagainst identified offenders (e.g., arrests, asset seizures).Byusing proactive intelligence gathering, agencies candisrupt crime networks, prevent terrorist attacks, and reduce financial fraud.


Question 6

What is a proxy server?



Answer : A

Aproxy serveris a network intermediary that reroutes internet traffic, masking a user'strue IP address. This technique is widely used incyber intelligence, OSINT investigations, andanonymity-based operationsto enhance privacy and bypass geographical restrictions.


McAfee Institute Cyber Intelligence Investigator Training

Cybersecurity & Proxy Anonymity Reports

Ethical Hacking Guides

Question 7

When searching online for a common name, you might want to try:



Answer : B

Includinggeographic informationin searches helps narrow results, particularly for common names. Tools likePipl, Spokeo, and OSINT Frameworkenhance search precision when combined with location-based filtering.


McAfee Institute OSINT Framework

Google Advanced Search Techniques

Digital Investigative Methods

Page:    1 / 14   
Total 130 questions