212-89 Free Practice Test

What command does a Digital Forensic Examiner use to display the list of all IP addresses and their associated MAC addresses on a victim computer to identify the machines that were communicating with it:

1. A. “arp” command
2. B. “netstat –an” command
3. C. “dd” command
4. D. “ifconfig” command

Correct Answer: A

According to the Fourth Amendment of USA PATRIOT Act of 2001; if a search does NOT violate a person’s “reasonable” or “legitimate” expectation of privacy then it is considered:

1. A. Constitutional/ Legitimate
2. B. Illegal/ illegitimate
3. C. Unethical
4. D. None of the above

Correct Answer: A

Which of the following incident recovery testing methods works by creating a mock disaster, like fire to identify the reaction of the procedures that are implemented to handle such situations?

1. A. Scenario testing
2. B. Facility testing
3. C. Live walk-through testing
4. D. Procedure testing

Correct Answer: D

Which is the incorrect statement about Anti-keyloggers scanners:

1. A. Detect already installed Keyloggers in victim machines
2. B. Run in stealthy mode to record victims online activity
3. C. Software tools

Correct Answer: B