Information Cyber Security Set 3
On This Page
This set of Information Cyber Security (ICS) Multiple Choice Questions & Answers (MCQs) focuses on Information Cyber Security Set 3
Q1 | In crimes against individuals the ______ period leading up to the crime often contains the most important clues regarding the relationship between the offender and the victim.
- 24-hour
- 28-hour
- 60-minute
- 15-minute
Q2 | The type of report that is a preliminary summary of findings is known as:
- sitrep
- threshold assessment report
- full investigative report
- field notes
Q3 | Creating a histogram of times to reveal periods of high activity is an example of which form of investigative reconstruction?
- functional
- intentional
- relational
- temporal
Q4 | Investigators should not rely on one piece of digital evidence when examining an alibi – they should look for an associated _______.
- cybertrail
- piece of physical evidence
- statement
- none of the above
Q5 | It is quite difficult to fabricate an alibi on a network successfully because:
- an offender may not have the proper access.
- an offender would need system administrator access level to make the necessary changes.
- an individual rarely has the ability to falsify digital evidence on all the computers that are involved.
- creating an alibi on a network could take months of work.
Q6 | Types of digital evidence that might corroborate an alibi include:
- evidence of computer usage when the offense was supposed to occurred
- computer records from credit cards, the telephone company, or subway ticket usage
- gps information from mobile devices indicating the user’s location and time
- all of the above
Q7 | To demonstrate that someone is lying about an alibi, it is necessary to:
- find evidence that clearly demonstrates the lie
- require the suspect to submit to a polygraph
- interrogate the suspect using a number of methods
- show that no evidence confirming the alibi is available
Q8 | In confirming an alibi involving an obscure piece of equipment, if no documentation is available, the manufacturer is no longer in business, or the equipment/network is so complicated that nobody fully understands how it works, you should:
- state that the alibi is considered unproven
- search the internet for any pertinent information
- recreate the events surrounding the alibi
- contact other investigators and average their opinions
Q9 | Absence of evidence refutes an alibi.
- TRUE
- FALSE
Q10 | An implication from studies indicating that many stalkers had prior acquaintance with their victims is that:
- part of the blame can be assigned to the victim.
- the offender is likely to be found in the same area as the victim
- investigators should pay particular attention to acquaintances of the victim
- investigators should always check the immediate family
Q11 | When a cyberstalking case is stalled, it is a good idea to interview the victim again, because:
- the victim might have been withholding information during the first interview.
- the information that investigators have gathered might help the victim recall additional details.
- the time between the first and second interviews has given the victim time to seek counseling.
- none of the above
Q12 | That part of cyberstalking where the offender is using the Internet to find a victim is known as:
- profiling
- trolling
- surreptitious monitoring
- none of the above.
Q13 | The _____________ documentation specifies who handled the evidence, when, where, and for what purpose.
- evidence inventory
- . chain of custody
- evidence intake
- preservation notes
Q14 | When you have developed a theory, what can you do to confirm that your hypothesis is correct?
- predict, based on your hypothesis, where artifacts should be located
- perform experiments to test results and rule out alternate explanations
- conclude, based on your findings, whether the evidence supports the hypothesis
- all of the above
Q15 | Of particular significance in the scientific method is the weight attached to finding evidence which supports a particular hypothesis
- TRUE
- FALSE
Q16 | When reconstructing evidence surrounding a violent crime, it is generally helpful to:
- lay out all the evidence so it can be viewed in its entirety
- work with the crime scene technicians so that a better understanding of the crime is achieved
- construct a timeline of events from digital evidence
- begin the process of converting field notes to a final report
Q17 | Computers and mobile devices are treated as _________ crime scenes in violent crime investigations.
- temporary
- immediate
- remote
- secondary
Q18 | Given the scope and consequences of violent crimes, it is advisable to seek out and preserve all available digital evidence.
- TRUE
- FALSE
Q19 | In the course of conducting forensic analysis, which of the following actions are carried out?
- critical thinking
- fusion
- validation
- all of the above
Q20 | Security Measures Needed to protect ________ during their transmission
- file
- data
- packet
- all of above
Q21 | __________ means knowledge obtained from investigation, study , intelligence new ,facts .
- security
- data
- information
- none of these
Q22 | Prevention of the unauthorised used of Resources refers too?
- data integrity
- data confidentiality
- acess control
- none of these
Q23 | Protection against Denial by one of these parties in a communication refers to?
- non-repudiation
- data integrity
- authentication
- none of these
Q24 | Which One of them is Passive attack?
- denial of service
- modify message intransit
- replay previous message
- obtain message contain
Q25 | What is lying of IP address called as?
- ip spoofing
- ip scamming
- ip lying
- none of theses