Question 1

Which term below describes a component or entity in a system which, if it no longer functions, will disable an entire system?&#10;A)recovery site&#10;B)recovery point&#10;C)single point of failure&#10;D)cascade point of failure

Accepted Answer

A single point of failure is a component or entity in a system that, if it fails, will cause the entire system to fail. The other choices are not applicable to this definition.

Question 2

Multiple sectors on a disk, when combined, are referred to as a:&#10;A)cluster&#10;B)track&#10;C)slice&#10;D)platter

Accepted Answer

Sectors on a disk are grouped together into clusters. Tracks refer to concentric circles on a disk where data is stored, slices is not a commonly used term in relation to disks, and platter refers to the actual spinning disk inside a hard drive or other disk-based storage device.

Question 3

Select below the type of cluster that is used to provide high-availability applications that require a high level of read and write actions, such as databases, messaging systems, and file and print services:

A)symmetric network
B)symmetric server
C)asymmetric network
D)asymmetric server

D

Accepted Answer

D

Question 4

The process of identifying exposure to threats, creating preventive and recovery procedures, and then testing them to determine if they are sufficient, is known as:&#10;A)Business continuity planning and testing&#10;B)Disaster planning&#10;C)Business management planning and testing&#10;D)Enterprise disaster planning

Accepted Answer

This process is known as business continuity planning and testing, which involves identifying potential threats to a business or organization, developing preventive and recovery procedures, and testing them to ensure they are effective. Disaster planning and enterprise disaster planning are similar but refer specifically to preparing for natural disasters and other large-scale events, while business management planning and testing is a more general term that does not necessarily focus on disaster recovery.

Question 5

What kind of data can be lost when a computer is turned off?&#10;A)Volatile&#10;B)Static&#10;C)Non-volatile&#10;D)Persistent

Accepted Answer

Volatile data is stored in the computer's RAM, which requires power to maintain. This data is lost when the computer is turned off.

Question 6

RAID level 0 is known as disk mirroring, because it involves connecting multiple drives in the server to the same disk controller card.

Accepted Answer

RAID level 0 is actually known as disk striping, which involves splitting data across multiple drives to improve performance but offers no redundancy or fault tolerance. Disk mirroring or RAID level 1, on the other hand, involves creating an exact copy of the data on two separate drives for redundancy and fault tolerance.

Question 7

Most metadata about a file is generated and recorded automatically without the user's knowledge.

Accepted Answer

Most metadata about a file, such as the date it was created, modified, or accessed, is generated and recorded automatically by the system without the user actively inputting this information. Some metadata, such as tags or descriptions, may be added by the user, but this is not the case for most metadata.

Question 8

&#8203;What RAID type below utilizes parity data across all drives instead of using a separate drive to hold parity error checking information?&#10;A)&#8203;RAID 0&#10;B)&#8203;RAID 1&#10;C)&#8203;RAID 2&#10;D)&#8203;RAID 5

Accepted Answer

RAID 5 utilizes distributed parity across all drives to protect against data loss in case of a drive failure. This allows for both data redundancy and improved performance, making it a popular choice for many enterprise-level systems. RAID 0 offers improved performance, but no redundancy or data protection, while RAID 1 provides full redundancy but at the cost of storage efficiency. RAID 2, on the other hand, is an outdated RAID type that is rarely used today.

Question 9

A subset of business continuity planning and testing is disaster recovery, also known as IT recovery planning.

Accepted Answer

The answer of A subset of business continuity planning and...

Question 10

Duplicate image backups are considered a primary key to uncovering evidence because they create exact replicas of the crime scene.

Accepted Answer

Duplicate image backups are not considered a primary key for uncovering evidence; they are used to preserve data integrity and ensure that the original data remains unaltered during analysis.

Question 11

What type of plans include procedures to address redundancy and fault tolerance as well as data backups?&#10;A)Enterprise recovery&#10;B)Disaster recovery&#10;C)Business recovery&#10;D)Emergency recovery

Accepted Answer

The answer of What type of plans include procedures to...

Question 12

Using technology to search for computer evidence of a crime in order to retrieve information, even if it has been altered or erased, that can be used in pursuit of an attacker or criminal is an example of:

A)Computer forensics
B)Penetration testing
C)Vulnerability testing
D)Risk management

Accepted Answer

The answer of Using technology to search for computer evidence...

Question 13

According to the Federal Bureau of Investigation (FBI), what percentage of crime committed today leaves behind digital evidence that can be retrieved via computer forensics?&#10;A)65&#10;B)75&#10;C)85&#10;D)95

Accepted Answer

The answer of According to the Federal Bureau of Investigation...

Question 14

In what type of server cluster can services fail over from downed servers to functional servers?&#10;A)symmetric network&#10;B)asymmetric network&#10;C)symmetric server&#10;D)symmetric network

Accepted Answer

The answer of In what type of server cluster can...

Question 15

A service contract between a vendor and a client that specifies what services will be provided, the responsibilities of each party, and any guarantees of service, is known as:&#10;A)service level agreement&#10;B)recovery point objective&#10;C)recovery time objective&#10;D)service point agreement

Accepted Answer

The answer of A service contract between a vendor and...

Question 16

How can an administrator keep devices powered when power is interrupted?&#10;A)uninterruptible power supply&#10;B)redundant power supply&#10;C)uninterruptible system supply&#10;D)replica power supply

Accepted Answer

The answer of How can an administrator keep devices powered...

Question 17

A snapshot of the current state of a computer that contains all current settings and data is known as what option below:&#10;A)system standard&#10;B)system view&#10;C)system image&#10;D)system baseline

Accepted Answer

The answer of A snapshot of the current state of...

Question 18

A metallic enclosure that prevents the entry or escape of an electromagnetic field is known as a:&#10;A)bollard&#10;B)mantrap&#10;C)Faraday cage&#10;D)Newton cage

Accepted Answer

The answer of A metallic enclosure that prevents the entry...

Question 19

What term is used to describe a documentation of control over evidence, which is used to ensure that no unauthorized person was given the opportunity to corrupt the evidence?&#10;A)chain of value&#10;B)chain of use&#10;C)chain of property&#10;D)chain of custody

Accepted Answer

The answer of What term is used to describe a...

Question 20

RAM slack can contain any information that has been created, viewed, modified, downloaded, or copied since the computer was last booted.

Accepted Answer

The answer of RAM slack can contain any information that...

Question 21

The remaining cluster space of a partially filled sector is padded with contents from RAM. What is the name for this type of scenario?&#10;A)Disk slack&#10;B)RAM slack&#10;C)ROM slack&#10;D)Edge slack

Accepted Answer

The answer of The remaining cluster space of a partially...

Question 22

____________________ is data about data.

Accepted Answer

The answer of ____________________ is data about data....

Question 23

A system that can function for an extended period of time with little downtime is said to have ___________________.&#8203;

Accepted Answer

The answer of A system that can function for an...

Question 24

Matching&#10;a. Business continuity&#10;b. Chain of custody&#10;c. Clustering&#10;d. Computer forensics&#10;e. Continuity of operations f. Faraday cage&#10;g. Hot site&#10;h. Mean time between failures (MTBF)&#10;i. Recovery point objective j. Risk assessment&#10;Combining two or more servers to appear as one single unit.&#8203;

Accepted Answer

The answer of Matching&#10;a. Business continuity&#10;b. Chain of custody&#10;c. Clustering&#10;d....

Question 25

A location that has all the equipment installed but does not have active Internet or telecommunications facilities, and does not have current backups of data, is an example of a:&#10;A)cold site&#10;B)hot site&#10;C)spare site&#10;D)warm site

Accepted Answer

The answer of A location that has all the equipment...

Question 26

Generally, ____________________ focuses on restoring computing and technology resources to their former state.&#10;&#8203;

Accepted Answer

The answer of Generally, ____________________ focuses on restoring computing and...

Question 27

Matching&#10;a. Business continuity&#10;b. Chain of custody&#10;c. Clustering&#10;d. Computer forensics&#10;e. Continuity of operations f. Faraday cage&#10;g. Hot site&#10;h. Mean time between failures (MTBF)&#10;i. Recovery point objective j. Risk assessment&#10;A process of documentation that shows that the evidence was under strict control at all times and no unauthorized individuals were given the opportunity to corrupt the evidence.&#8203;

Accepted Answer

The answer of Matching&#10;a. Business continuity&#10;b. Chain of custody&#10;c. Clustering&#10;d....

Question 28

What kind of slack is created from information stored on a hard drive, which can contain remnants of previously deleted files or data?&#10;A)RAM slack&#10;B)Edge slack&#10;C)Drive file slack&#10;D)Sector slack

Accepted Answer

The answer of What kind of slack is created from...

Question 29

Matching&#10;a. Business continuity&#10;b. Chain of custody&#10;c. Clustering&#10;d. Computer forensics&#10;e. Continuity of operations f. Faraday cage&#10;g. Hot site&#10;h. Mean time between failures (MTBF)&#10;i. Recovery point objective j. Risk assessment&#10;The ability of an organization to maintain its operations and services in the face of a disruptive event.&#8203;

Accepted Answer

The answer of Matching&#10;a. Business continuity&#10;b. Chain of custody&#10;c. Clustering&#10;d....

Question 30

Matching&#10;a. Business continuity&#10;b. Chain of custody&#10;c. Clustering&#10;d. Computer forensics&#10;e. Continuity of operations f. Faraday cage&#10;g. Hot site&#10;h. Mean time between failures (MTBF)&#10;i. Recovery point objective j. Risk assessment&#10;&#8203;The process of identifying threats.

Accepted Answer

The answer of Matching&#10;a. Business continuity&#10;b. Chain of custody&#10;c. Clustering&#10;d....

Question 31

Matching&#10;a. Business continuity&#10;b. Chain of custody&#10;c. Clustering&#10;d. Computer forensics&#10;e. Continuity of operations f. Faraday cage&#10;g. Hot site&#10;h. Mean time between failures (MTBF)&#10;i. Recovery point objective j. Risk assessment&#10;&#8203;The ability of a business to continue to function in the even of a disaster.

Accepted Answer

The answer of Matching&#10;a. Business continuity&#10;b. Chain of custody&#10;c. Clustering&#10;d....

Question 32

Matching&#10;a. Business continuity&#10;b. Chain of custody&#10;c. Clustering&#10;d. Computer forensics&#10;e. Continuity of operations f. Faraday cage&#10;g. Hot site&#10;h. Mean time between failures (MTBF)&#10;i. Recovery point objective j. Risk assessment&#10;A duplicate of the production site that has all the equipment needed for an organization to continue running, including office space and furniture, telephone jacks, computer equipment, and a live telecommunications link.&#8203;

Accepted Answer

The answer of Matching&#10;a. Business continuity&#10;b. Chain of custody&#10;c. Clustering&#10;d....

Question 33

Matching&#10;a. Business continuity&#10;b. Chain of custody&#10;c. Clustering&#10;d. Computer forensics&#10;e. Continuity of operations f. Faraday cage&#10;g. Hot site&#10;h. Mean time between failures (MTBF)&#10;i. Recovery point objective j. Risk assessment&#10;The maximum length of time that an organization can tolerate between backups.&#8203;

Accepted Answer

The answer of Matching&#10;a. Business continuity&#10;b. Chain of custody&#10;c. Clustering&#10;d....

Question 34

Windows stores files on a hard drive in 512-byte blocks called ____________________.

Accepted Answer

The answer of Windows stores files on a hard drive...

Question 35

Matching&#10;a. Business continuity&#10;b. Chain of custody&#10;c. Clustering&#10;d. Computer forensics&#10;e. Continuity of operations f. Faraday cage&#10;g. Hot site&#10;h. Mean time between failures (MTBF)&#10;i. Recovery point objective j. Risk assessment&#10;Using technology to search for computer evidence of a crime.&#8203;

Accepted Answer

The answer of Matching&#10;a. Business continuity&#10;b. Chain of custody&#10;c. Clustering&#10;d....

Question 36

What is the name for an image that consists of an evidence-grade backup because its accuracy meets evidence standards?&#10;A)baseline&#10;B)mirror image&#10;C)logical image&#10;D)thin image

Accepted Answer

The answer of What is the name for an image...

Question 37

Matching&#10;a. Business continuity&#10;b. Chain of custody&#10;c. Clustering&#10;d. Computer forensics&#10;e. Continuity of operations f. Faraday cage&#10;g. Hot site&#10;h. Mean time between failures (MTBF)&#10;i. Recovery point objective j. Risk assessment&#10;A statistical value that is the average time until a component fails, cannot be repaired, and must be replaced.&#8203;

Accepted Answer

The answer of Matching&#10;a. Business continuity&#10;b. Chain of custody&#10;c. Clustering&#10;d....

Question 38

RAID 0 technology is based on ____________________.

Accepted Answer

The answer of RAID 0 technology is based on ____________________....

Question 39

When a company needs to identify mission-critical business functions and quantify the impact a loss of such functions may have on the organization in terms of its operational and financial position, what should be performed?

A)Business risk analysis
B)Business alert assessment
C)Business productivity analysis
D)Business impact analysis (BIA)

Accepted Answer

The answer of When a company needs to identify mission-critical...

Question 40

Matching&#10;a. Business continuity&#10;b. Chain of custody&#10;c. Clustering&#10;d. Computer forensics&#10;e. Continuity of operations f. Faraday cage&#10;g. Hot site&#10;h. Mean time between failures (MTBF)&#10;i. Recovery point objective j. Risk assessment&#10;A metallic enclosure that prevents the entry or escape of an electromagnetic field.&#8203;

Accepted Answer

The answer of Matching&#10;a. Business continuity&#10;b. Chain of custody&#10;c. Clustering&#10;d....

Question 41

What are the objectives of disaster exercises?

Accepted Answer

The answer of What are the objectives of disaster exercises?...

Question 42

Explain how to best capture volatile data.

Accepted Answer

The answer of Explain how to best capture volatile data....

Question 43

Identify two scenarios that could be used in a BIA.

Accepted Answer

The answer of Identify two scenarios that could be used...

Question 44

What does Windows do if a file being saved is not long enough to fill up the last sector on the disk?

Accepted Answer

The answer of What does Windows do if a file...

Question 45

Discuss the purpose and importance of the chain of custody.

Accepted Answer

The answer of Discuss the purpose and importance of the...

Question 46

Describe the purpose of a disaster recovery plan.

Accepted Answer

The answer of Describe the purpose of a disaster recovery...

Question 47

When creating a data backup plan or policy, what five basic questions should be answered?&#8203;

Accepted Answer

The answer of When creating a data backup plan or...

Question 48

What is required upon completion of an evidence examination?

Accepted Answer

The answer of What is required upon completion of an...

Question 49

Describe what happens when the response team arrives and secures the crime scene.

Accepted Answer

The answer of Describe what happens when the response team...

Question 50

What are the steps in damage control?

Accepted Answer

The answer of What are the steps in damage control?...

Deck 13: Business Continuity