312-49v9 Free Practice Test

- (Topic 2)
An employee is attempting to wipe out data stored on a couple of compact discs (CDs) and digital video discs (DVDs) by using a large magnet. You inform him that this method will not be effective in wiping out the data because CDs and DVDs are ____ media used to store large amounts of data and are not affected by the magnet.

1. A. Magnetic
2. B. Optical
3. C. Anti-Magnetic
4. D. Logical

Correct Answer: B

- (Topic 3)
Harold is a security analyst who has just run the rdisk /s command to grab the backup SAM file on a computer. Where should Harold navigate on the computer to find the file?

1. A. %systemroot%\LSA
2. B. %systemroot%\system32\drivers\etc
3. C. %systemroot%\repair
4. D. %systemroot%\system32\LSA

Correct Answer: C

- (Topic 3)
When using Windows acquisitions tools to acquire digital evidence, it is important to use a well-tested hardware write- blocking device to ___

1. A. Automate collection from image files
2. B. Avoiding copying data from the boot partition
3. C. Acquire data from the host-protected area on a disk
4. D. Prevent contamination to the evidence drive

Correct Answer: D

- (Topic 1)
Centralized logging is defined as gathering the computer system logs for a group of systems in a centralized location. It is used to efficiently monitor computer system logs with the frequency required to detect security violations and unusual activity.

1. A. True
2. B. False

Correct Answer: A

- (Topic 1)
An expert witness is a witness, who by virtue of education, profession, or experience, is believed to have special knowledge of his/her subject beyond that of the average person, sufficient that others legally depend upon his/her opinion.

1. A. True
2. B. False

Correct Answer: A