NO.54 Which of the following steps in the Computer Forensic Investigation process limits the extent and significance of an incident to ensure that it does not spread to other systems?

NO.55 Alana, an employee in an organization, took a short break after spending exhausting hours on a project. For relaxation, she went to a cafeteria with her laptop, where she connected to the public Internet. While browsing the web, she received a project modifications file on her mail and reverted with another file that contained the required changes.
Which of the following BYOD risks has emerged from the above scenario?

NO.56 Fill in the blank with the appropriate name of the attack.
________ takes best advantage of an existing authenticated connection

NO.57 Messy, a network defender, was hired to secure an organization’s internal network. He deployed an IDS in which the detection process depends on observing and comparing the observed events with the normal behavior and then detecting any deviation from it.
Identify the type of IDS employed by Messy in the above scenario.

NO.58 Wesley, a professional hacker, deleted a confidential file in a compromised system using the “/bin/rm/ command to deny access to forensic specialists.
Identify the operating system on which Don has performed the file carving activity.

NO.59 Which of the following malicious software implements itself on the kernel level of any operating system and is hard to detect and delete?

NO.60 What is the major difference between a worm and a Trojan horse?

NO.61 Which of the following representatives of incident response team takes forensic backups of the systems that are the focus of the incident?

NO.62 Which of the following is a set of exclusive rights granted by a state to an inventor or his assignee for a fixed period of time in exchange for the disclosure of an invention?

NO.63 John works as a Network Security Administrator for NetPerfect Inc. The manager of the company has told John that the company’s phone bill has increased drastically. John suspects that the company’s phone system has been cracked by a malicious hacker. Which attack is used by malicious hackers to crack the phone system?

NO.64 Burp Suite is a Java application for attacking web applications. This tool includes a proxy server, a spider, an intruder, and a repeater. Which of the following can be used to perform stress testing?

NO.65 Clark, a digital forensic expert, was assigned to investigate a malicious activity performed on an organization’s network. The organization provided Clark with all the information related to the incident. In this process, he assessed the impact of the incident on the organization, reasons for and source of the incident, steps required to tackle the incident, investigating team required to handle the case, investigative procedures, and possible outcome of the forensic process.
Identify the type of analysis performed by Clark in the above scenario.

NO.66 Victor works as a network administrator for DataSecu Inc. He uses a dual firewall Demilitarized Zone (DMZ) to insulate the rest of the network from the portions that is available to the Internet.
Which of the following security threats may occur if DMZ protocol attacks are performed?
Each correct answer represents a complete solution. Choose all that apply.

NO.67 Which of the following parameters are required to be followed on receiving a suspicious mail according to the Department of Justice?
Each correct answer represents a part of the solution. Choose all that apply.

NO.68 Which of the following is a documentation of guidelines that computer forensics experts use to handle evidences?

NO.69 Fill in the blank with the command to complete the statement below. Do not enter the full path of the command.
The __________ command is used to remove the print jobs that have been queued for printing by using a secure connection.