Get personalized study reminders at intervals optimized for better retention. Track your progress on this set by creating a folder Or add to an existing folder false true The advantage of recording hash values is that you can determine whether data has changed. t/ftrue In private sector cases, like criminal and civil cases, the scope is always defined by a search warrant. t/ffalse Advanced hexadecimal editors offer many features not available in digital forensics tools, such as hashing specific files or sectors. t/ftrue What format below is used for VMware images? a. .vhd b. .vmdk c. .s01 d. .affb In which file system can you hide data by placing sensitive or incriminating data in free or slack space on disk partition clusters? a. NTFS b. FAT c. HFSX d. Ext3fsb Which password recovery method uses every possible letter, number, and character found on a keyboard? a. rainbow table b. dictionary attack c. hybrid attack d. brute-force attackd The goal of recovering as much information as possible can result in ________________, in which an investigation expands beyond the original description because of unexpected evidence found. a. litigation b. scope creep c. criminal charges d. violationsb Which of the following file systems can't be analyzed by OSForensics? a. FAT12 b. Ext2fs c. HFS+ d. XFSd In Windows, the ______________ command can be used to both hide and reveal partitions within Explorer. a. format b. fdisk c. grub d. diskpartd Select the tool below that does not use dictionary attacks or brute force attacks to crack passwords: a. Last Bit b. AccessData PRTK c. OSForensics d. Passwarec Within Windows Vista and later, partition gaps are _____________ bytes in length. a. 64 b. 128 c. 256 d. 512b Which option below is not a disk management tool? a. Partition Magic b. Partition Master c. GRUB d. HexEditd Typically, anti-virus tools run hashes on potential malware files, but some advanced malware uses ________________ as a way to hide its malicious code from antivirus tools. a. hashing b. bit-shifting c. registry edits d. slack spaceb A user with programming experience may use an assembler program (also called a __________ ) on a file to scramble bits, in order to secure the information contained inside. a. compiler b. shifter c. macro d. scriptc What letter should be typed into DiskEdit in order to mark a good sector as bad? a. M b. B c. T d. Db Many commercial encryption programs use a technology called _____________, which is designed to recover encrypted data if users forget their passphrases or if the user key is corrupted after a system failure. a. key vault b. key escrow c. bump key d. master keyb What technique is designed to reduce or eliminate the possibility of a rainbow table being used to discover passwords? a. salted passwords b. scrambled passwords c. indexed passwords d. master passwordsa When performing a static acquisition, what should be done after the hardware on a suspect's computer has been inventoried and documented? a. Inventory and documentation information should be stored on a drive and then the drive should be reformatted. b. Start the suspect's computer and begin collecting evidence. c. The hard drive should be removed, if practical, and the system's date and time values should be recorded from the system's CMOS. d. Connect the suspect's computer to the local network so that up to date forensics utilities can be utilized.c In order to aid a forensics investigation, a hardware or software ______________ can be utilized to capture keystrokes remotely. a. keygrabber b. keylogger c. packet capture d. protocol analyzerb The AccessData program has a hashing database, ________________, which is available only with FTK, and can be used to filter known program files from view and contains the hash values of known illegal files. a. DeepScan Filter b. Unknown File Filter (UFF) c. Known File Filter (KFF) d. FTK Hash Imagerc The term for detecting and analyzing steganography files is _________________. a. carving b. steganology c. steganalysis d. steganomicsc A ____________ image file containing software is intended to be bit-stream copied to floppy disks or other external media. a. fdisk b. format c. dd d. DiskEditc The _______________________ maintains a national database of updated file hash values for a variety of OSs, applications, and images, but does not list hash values of known illegal files. a. Open Hash Database b. HashKeeper Online c. National Hashed Software Referenced. d. National Software Reference Libraryd Please allow access to your computer’s microphone to use Voice Recording. We can’t access your microphone!Click the icon above to update your browser permissions above and try againExample: Reload the page to try again!Reload Press Cmd-0 to reset your zoomPress Ctrl-0 to reset your zoomIt looks like your browser might be zoomed in or out. Your browser needs to be zoomed to a normal size to record audio.Please upgrade Flash or install Chrometo use Voice Recording.For more help, see our troubleshooting page. Your microphone is mutedFor help fixing this issue, see this FAQ.Which password attacks use every possible letter number and character found on a keyboard?Brute-force attacks are carried out by hackers who try to crack a password by simply trying out different combinations of characters in quick succession. The algorithm is very simple and is limited to trying out as many character combinations as possible, which is why it is also called "exhaustive search".
Which type of password recovery method uses every possible keyboard character combination until a match is found?In the brute force method of password attacking, the concept is to try every possible combination of characters until a password is found. It is the slowest method of attack, but given enough time and resources it will discover any password.
What type of file contains the hash values for every possible password that can be generated from a computer's keyboard?rainbow table — A file containing the hash values for every possible password that can be generated from a computer's keyboard. salting passwords — Adding bits to a password before it's hashed so that a rainbow table can't find a matching hash value to decipher the password.
Which of the following forensic tools can be used to analyze the Windows registry and crack passwords?Registry Recon is a computer forensics tool used to extract, recover, and analyze registry data from Windows OS.
|