On This Page

This set of Information Cyber Security (ICS) Multiple Choice Questions & Answers (MCQs) focuses on Information Cyber Security Set 3

Q1 | In crimes against individuals the ______ period leading up to the crime often contains the most important clues regarding the relationship between the offender and the victim.
  • 24-hour
  • 28-hour
  • 60-minute
  • 15-minute
Q2 | The type of report that is a preliminary summary of findings is known as:
  • sitrep
  • threshold assessment report
  • full investigative report
  • field notes
Q3 | Creating a histogram of times to reveal periods of high activity is an example of which form of investigative reconstruction?
  • functional
  • intentional
  • relational
  • temporal
Q4 | Investigators should not rely on one piece of digital evidence when examining an alibi – they should look for an associated _______.
  • cybertrail
  • piece of physical evidence
  • statement
  • none of the above
Q5 | It is quite difficult to fabricate an alibi on a network successfully because:
  • an offender may not have the proper access.
  • an offender would need system administrator access level to make the necessary changes.
  • an individual rarely has the ability to falsify digital evidence on all the computers that are involved.
  • creating an alibi on a network could take months of work.
Q6 | Types of digital evidence that might corroborate an alibi include:
  • evidence of computer usage when the offense was supposed to occurred
  • computer records from credit cards, the telephone company, or subway ticket usage
  • gps information from mobile devices indicating the user’s location and time
  • all of the above
Q7 | To demonstrate that someone is lying about an alibi, it is necessary to:
  • find evidence that clearly demonstrates the lie
  • require the suspect to submit to a polygraph
  • interrogate the suspect using a number of methods
  • show that no evidence confirming the alibi is available
Q8 | In confirming an alibi involving an obscure piece of equipment, if no documentation is available, the manufacturer is no longer in business, or the equipment/network is so complicated that nobody fully understands how it works, you should:
  • state that the alibi is considered unproven
  • search the internet for any pertinent information
  • recreate the events surrounding the alibi
  • contact other investigators and average their opinions
Q9 | Absence of evidence refutes an alibi.
  • TRUE
Q10 | An implication from studies indicating that many stalkers had prior acquaintance with their victims is that:
  • part of the blame can be assigned to the victim.
  • the offender is likely to be found in the same area as the victim
  • investigators should pay particular attention to acquaintances of the victim
  • investigators should always check the immediate family
Q11 | When a cyberstalking case is stalled, it is a good idea to interview the victim again, because:
  • the victim might have been withholding information during the first interview.
  • the information that investigators have gathered might help the victim recall additional details.
  • the time between the first and second interviews has given the victim time to seek counseling.
  • none of the above
Q12 | That part of cyberstalking where the offender is using the Internet to find a victim is known as:
  • profiling
  • trolling
  • surreptitious monitoring
  • none of the above.
Q13 | The _____________ documentation specifies who handled the evidence, when, where, and for what purpose.
  • evidence inventory
  • . chain of custody
  • evidence intake
  • preservation notes
Q14 | When you have developed a theory, what can you do to confirm that your hypothesis is correct?
  • predict, based on your hypothesis, where artifacts should be located
  • perform experiments to test results and rule out alternate explanations
  • conclude, based on your findings, whether the evidence supports the hypothesis
  • all of the above
Q15 | Of particular significance in the scientific method is the weight attached to finding evidence which supports a particular hypothesis
  • TRUE
Q16 | When reconstructing evidence surrounding a violent crime, it is generally helpful to:
  • lay out all the evidence so it can be viewed in its entirety
  • work with the crime scene technicians so that a better understanding of the crime is achieved
  • construct a timeline of events from digital evidence
  • begin the process of converting field notes to a final report
Q17 | Computers and mobile devices are treated as _________ crime scenes in violent crime investigations.
  • temporary
  • immediate
  • remote
  • secondary
Q18 | Given the scope and consequences of violent crimes, it is advisable to seek out and preserve all available digital evidence.
  • TRUE
Q19 | In the course of conducting forensic analysis, which of the following actions are carried out?
  • critical thinking
  • fusion
  • validation
  • all of the above
Q20 | Security Measures Needed to protect ________ during their transmission
  • file
  • data
  • packet
  • all of above
Q21 | __________ means knowledge obtained from investigation, study , intelligence new ,facts .
  • security
  • data
  • information
  • none of these
Q22 | Prevention of the unauthorised used of Resources refers too?
  • data integrity
  • data confidentiality
  • acess control
  • none of these
Q23 | Protection against Denial by one of these parties in a communication refers to?
  • non-repudiation
  • data integrity
  • authentication
  • none of these
Q24 | Which One of them is Passive attack?
  • denial of service
  • modify message intransit
  • replay previous message
  • obtain message contain
Q25 | What is lying of IP address called as?
  • ip spoofing
  • ip scamming
  • ip lying
  • none of theses