GAQM CFA-001 CFA Exam Practice Test Instant Access

Question 1

Digital evidence validation involves using a hashing algorithm utility to create a binary or hexadecimal number that represents the uniqueness of a data set, such as a disk drive or file.

Which of the following hash algorithms produces a message digest that is 128 bits long?

ACRC-32

BMD5

CSHA-1

DSHA-512

Answer : B

Question 2

What document does the screenshot represent?

AChain of custody form

BSearch warrant form

CEvidence collection form

DExpert witness form

Answer : A

Question 3

A forensic investigator is a person who handles the complete Investigation process, that is, the preservation, identification, extraction, and documentation of the evidence. The investigator has many roles and responsibilities relating to the cybercrime analysis. The role of the forensic investigator is to:

ATake permission from all employees of the organization for investigation

BHarden organization network security

CCreate an image backup of the original evidence without tampering with potential evidence

DKeep the evidence a highly confidential and hide the evidence from law enforcement agencies

Answer : C

Question 4

Which of the following is not a part of disk imaging tool requirements?

AThe tool should not change the original content

BThe tool should log I/O errors in an accessible and readable form, including the type and location of the error

CThe tool must have the ability to be held up to scientific and peer review

DThe tool should not compute a hash value for the complete bit stream copy generated from an image file of the source

Answer : D

Question 5

What is the first step that needs to be carried out to crack the password?

AA word list is created using a dictionary generator program or dictionaries

BThe list of dictionary words is hashed or encrypted

CThe hashed wordlist is compared against the target hashed password, generally one word at a time

DIf it matches, that password has been cracked and the password cracker displays the unencrypted version of the password

Answer : A

Question 6

What is the first step that needs to be carried out to investigate wireless attacks?

AObtain a search warrant

BIdentify wireless devices at crime scene

CDocument the scene and maintain a chain of custody

DDetect the wireless connections

Answer : A

Question 7

All the Information about the user activity on the network, like details about login and logoff attempts, is collected in the security log of the computer. When a user's login is successful, successful audits generate an entry whereas unsuccessful audits generate an entry for failed login attempts in the logon event ID table.

In the logon event ID table, which event ID entry (number) represents a successful logging on to a computer?

A528

B529

C530

D531

Answer : A

GAQM CFA-001 Certified Forensic Analyst CFA Exam Practice Test