Topic 1: Exam Pool A
An author who is writing a book calls you and wants to know how long the copyright for his book will last after it is published.
A.
70 years
B.
the life of the author
C.
the life of the author plus 70 years
D.
copyrights last forever
the life of the author plus 70 years
Kyle is performing the final testing of an application he developed for the accounting department. His last round of testing is to ensure that the program is as secure as possible. Kyle runs the following command. What is he testing at this point?
#include <stdio.h>
#include <string.h>
int main(int argc, char *argv[]) {
    char buffer[10];
    if (argc < 2) { fprintf(stderr, "USAGE: %s string\n", argv[0]); return 1; }
    strcpy(buffer, argv[1]);
    return 0;
}
A.
Buffer overflow
B.
SQL injection
C.
Format string bug
D.
Kernel injection
Buffer overflow
You are assigned to work in the computer forensics lab of a state police agency. While working on a high-profile criminal case, you have followed every applicable procedure; however, your boss is still concerned that the defense attorney might question whether evidence has been changed while at the lab. What can you do to prove that the evidence is the same as it was when it first entered the lab?
A.
make an MD5 hash of the evidence and compare it with the original MD5 hash that was taken when the evidence first entered the lab
B.
make an MD5 hash of the evidence and compare it to the standard database developed by NIST
C.
there is no reason to worry about this possible claim because state labs are certified
D.
sign a statement attesting that the evidence is the same as it was when it entered the lab
make an MD5 hash of the evidence and compare it with the original MD5 hash that was taken when the evidence first entered the lab
Why should you note all cable connections for a computer you want to seize as evidence?
A.
to know what outside connections existed
B.
in case other devices were connected
C.
to know what peripheral devices exist
D.
to know what hardware existed
to know what outside connections existed
Jason is the security administrator of ACMA Metal Corporation. One day he notices that the company's Oracle database server has been compromised and that customer information along with financial data has been stolen. The financial loss will be in the millions of dollars if the database gets into the hands of competitors. Jason wants to report this crime to the law enforcement agencies immediately.
Which organization coordinates computer crime investigations throughout the United States?
A.
Internet Fraud Complaint Center
B.
Local or national office of the U.S. Secret Service
C.
National Infrastructure Protection Center
D.
CERT Coordination Center
Local or national office of the U.S. Secret Service
An expert witness gives an opinion if:
A.
The Opinion, inferences or conclusions depend on special knowledge, skill or training not within the ordinary experience of lay jurors
B.
To define the issues of the case for determination by the finder of fact
C.
To stimulate discussion between the consulting expert and the expert witness
D.
To deter the witness from expanding the scope of his or her investigation beyond the requirements of the case
The Opinion, inferences or conclusions depend on special knowledge, skill or training not within the ordinary experience of lay jurors
If you discover a criminal act while investigating a corporate policy abuse, it becomes a public-sector investigation and should be referred to law enforcement?
A.
true
B.
false
true
John and Hillary work in the same department in the company. John wants to find out Hillary's network password so he can take a look at her documents on the file server. He sets the L0phtCrack program to sniffing mode. John sends Hillary an email with a link to Error! Reference source not found. What information will he be able to gather from this?
A.
Hillary's network username and password hash
B.
The SID of Hillary's network account
C.
The SAM file from Hillary's computer
D.
The network shares that Hillary has permissions to
Hillary's network username and password hash
On Linux/Unix based Web servers, what privilege should the daemon service be run under?
A.
Guest
B.
Root
C.
You cannot determine what privilege runs the daemon service
D.
Something other than root
Something other than root
Which Intrusion Detection System (IDS) usually produces the most false alarms due to the unpredictable behaviors of users and networks?
A.
network-based IDS systems (NIDS)
B.
host-based IDS systems (HIDS)
C.
anomaly detection
D.
signature recognition
host-based IDS systems (HIDS)
In a FAT32 system, a 123 KB file will use how many sectors?
A.
34
B.
25
C.
11
D.
56
25
An "idle" system is also referred to as what?
A.
PC not connected to the Internet
B.
Zombie
C.
PC not being used
D.
Bot
Zombie