NO.65 NTFS sets a flag for the file once you encrypt it and creates an EFS attribute where it stores Data Decryption Field (DDF) and Data Recovery Field (DDR). Which of the following is not a part of DDF?

NO.66 You have used a newly released forensic investigation tool, which doesn’t meet the Daubert Test, during a case. The case has ended-up in court. What argument could the defense make to weaken your case?

NO.67 You are contracted to work as a computer forensics investigator for a regional bank that has four 30 TB storage area networks that store customer data.
What method would be most efficient for you to acquire digital evidence from this network?

NO.68 What does ICMP Type 3/Code 13 mean?

NO.69 Which of the following web browser uses the Extensible Storage Engine (ESE) database format to store browsing records, including history, cache, and cookies?

NO.70 While collecting Active Transaction Logs using SQL Server Management Studio, the query Select * from ::fn_dblog(NULL, NULL) displays the active portion of the transaction log file. Here, assigning NULL values implies?

NO.71 You should make at least how many bit-stream copies of a suspect drive?

NO.72 Which command can provide the investigators with details of all the loaded modules on a Linux-based system?

NO.73 An investigator wants to extract passwords from SAM and System Files. Which tool can the Investigator use to obtain a list of users, passwords, and their hashes In this case?

NO.74 How many characters long is the fixed-length MD5 algorithm checksum of a critical system file?

NO.75 An investigator is searching through the firewall logs of a company and notices ICMP packets that are larger than 65,536 bytes. What type of activity is the investigator seeing?

NO.76 Which OWASP loT vulnerability talks about security flaws such as lack of firmware validation, lack of secure delivery, and lack of anti-rollback mechanisms on loT devices?

NO.77 Which of the following statements is TRUE about SQL Server error logs?

NO.78 Terri works for a security consulting firm that is currently performing a penetration test on First National Bank in Tokyo. Terri’s duties include bypassing firewalls and switches to gain access to the network. Terri sends an IP packet to one of the company’s switches with ACK bit and the source address of her machine set. What is Terri trying to accomplish by sending this IP packet?

NO.79 During an Investigation. Noel found a SIM card from the suspect’s mobile. The ICCID on the card is
8944245252001451548.
What does the first four digits (89 and 44) In the ICCID represent?