- (Topic 2)
During an investigation, an employee was found to have deleted harassing emails that were sent to someone else. The company was using Microsoft Exchange and had message tracking enabled. Where could the investigator search to find the message tracking log file on the Exchange server?
Correct Answer:
A
- (Topic 3)
Frank is working on a vulnerability assessment for a company on the West coast. The company hired Frank to assess its network security through scanning, pen tests, and vulnerability assessments. After discovering numerous known vulnerabilities detected by a temporary IDS he set up, he notices a number of items that show up as unknown but Questionable in the logs. He looks up the behavior on the Internet, but cannot find anything related. What organization should Frank submit the log to find out if it is a new vulnerability or not?
Correct Answer:
A
- (Topic 2)
To preserve digital evidence, an investigator should _____
Correct Answer:
C
- (Topic 3)
What file structure database would you expect to find on floppy disks?
Correct Answer:
D
NTFS is not designed for removable media, although used on some removable media that is very large, never for floppy disks.
FAT32 has a minimum space requirement which is larger than floppy disks FAT16 would seem like a logical choice, but is not usually used on floppies FAT12 would be on floppy disks, and probably not seen on anything else. Since floppy disk media is small in size (less than 2 MB), a FAT12 file system has lower overhead and is more efficient.
- (Topic 1)
Which of the following would you consider an aspect of organizational security, especially focusing on IT security?
Correct Answer:
C
