carolsmith62's picture
From carolsmith62 rss RSS  subscribe Subscribe

II0-001 Practice Tests & Exams 

CertMagic.com is a place where you can find various types of II0-001 exam certifications preparation material. CertMagic’s full range of study material for the II0-001 exam helps you to be prepared for the II0-001 exam fully and enter the exam centre with full confidence.We provide you easy, simple and updated study material. After preparing from the II0-001 exam material prepared by us we guarantee you that you will be a certified professional. We guarantee that with CertMagic II0-001 study material, you will pass the Certification exam.

 
 
 
Tags:  II0-001 Exams  II0-001 Certification  II0-001 Training  II0-001 Practice Exams  II0-001 Tests  II0-001 Exam Materials  II0-001 download 
Views:  186
Published:  November 19, 2009
 
0
download

Share plick with friends Share
save to favorite
Report Abuse Report Abuse
 
Related Plicks
No related plicks found
 
More from this user
MB7-221 Practice Tests & Exam

MB7-221 Practice Tests & Exam

From: carolsmith62
Views: 1121
Comments: 0
000-301 Practice Tests & Exams

000-301 Practice Tests & Exams

From: carolsmith62
Views: 992
Comments: 0
4H0-100 Practice Tests & Exams

4H0-100 Practice Tests & Exams

From: carolsmith62
Views: 823
Comments: 0
650-175 Practice Tests & Exams

650-175 Practice Tests & Exams

From: carolsmith62
Views: 872
Comments: 0
000-743 Practice Tests & Exams

000-743 Practice Tests & Exams

From: carolsmith62
Views: 858
Comments: 0
HP0-763 Practice Tests & Exams

HP0-763 Practice Tests & Exams

From: carolsmith62
Views: 805
Comments: 0
See all 
 
 
 URL:          AddThis Social Bookmark Button
Embed Thin Player: (fits in most blogs)
Embed Full Player :
 
 

Name

Email (will NOT be shown to other users)

 
 
 
Comments: (watch)
 
 
Notes:
 
Slide 1: II0-001 Exam Code: II0-001 Certified Information Forensics Investigator (CIFI) Demo Version To Access Full Version, Please go to www.certmagic.com -1- http://www.certmagic.com
Slide 2: II0-001 1. Firewalls are an excellent source of: A. Details of system usage B. Details of protocal usage C. Forensic Evidence for malicious attacks D. Port/service mappings Answer: C 2. What technique of layered security design will allow for both investigation and recovery after an incident? A. RI Technology B. Highly available systems C. Overlap design approach D. Honeypot placement Answer: B 3. If a CIFI violates the ISFA code of Ethics, her CIFI certification can be immediately revoked. A. True B. False Answer: B 4. The 1st ammendment allows hackers to exercise free speech by altering content on websites to express opposing viewpoints. A. True B. False Answer: B 5. The term "Browser Artifacts" refer to: A. Web browser cache, cookies, favorites, history, autocomplete information B. Older web browser applications that have little or no security and allow for unchecked use C. Older web browser applications that can be used as a survelliance tool for investigators due to their lack of security D. Web browser cookies Answer: A 6. All of the following are methods of auditing except: A. Internal audit B. External audit C. Thorough audit D. 3rd party audit Answer: C 7. In selecting Forensic tools for collecting evidence in the investigation of a crime the standard for authenticating computer records is: A. The same for authenticating other records. The degree of authentication does not vary simply because a record happens to be (or has been at one point) in electronic form. B. Much more complex, and requires an expert to be present at each step of the process. C. To convert the technical terms & definitions into a basic understandable language to be presented as evidence. D. To ensure the tools are equipped with logging to document the steps of evidence collection. Answer: C 8. "Interesting data" is: A. Data relevant to your investigation B. Pornography C. Documents, spreadsheets, and databases D. Schematics or other economic based information Answer: A 9. Social engineer is legal in the United States, Great Britian, Canada, and Australia as long as the social engineer does not: A. Attempt to extract corporate secrets B. Lie C. Apply the Frye Scenario D. Live outside those countries Answer: A -2- http://www.certmagic.com
Slide 3: II0-001 10. Drive geometry refers to A. The algorythms used to computer a specific location of a particular segment. B. The functional dimensions of a drive in terms of the number of heads, cylinders, and sectors per track. C. Physical dimensions of the drive platters. D. The depth of the pits on optical media or magnetic field charge on magnetic media Answer: B 11. Which of the following are characteristics of electronic Evidence? A. Cannot be easily altered B. Is not time sensitive C. Should follow proper chain of custody D. Must be decrypted Answer: C 12. Embedding a serial number or watermark into a data file is known as: A. Hashing B. Steganography C. Message Digest D. Imprinting Answer: B 13. What is the difference between a zombie host and a reflector host? A. Unlike a zombie, a reflector is a laundering host that fundamentally transforms and/or delays the attacker’s communications before they continue down the attack path. (Zombie technique) B. Unlike a zombie, a Traceback through the stepping stone host requires determining if two communications streams, viewed at different points in the network, have the same origin and are essentially the same stream. (stepping stone Traceback technique) C. Unlike a zombie host, the reflector is an uncompromised host that cooperates with the attack in an innocent manner consistent with its normal function. D. A zombie is a version of a reflector host. Answer: C 14. The major disadvantage to techniques that attempt to mark IP packets as they move through the internet is: A. A decrease in network efficiency B. An increase in the packet load C. An increase in bandwidth consumption D. All of the above Answer: C 15. In normal operation, a host receiving packets can determine their source by direct examination of the source address field in the: A. The IP packet header B. Source code C. Audit logs D. Intrusion Detection System Answer: A 16. One caution an investigator should take when examining the source of a network attack is: A. an occurrence of Social Engineering B. relaxed physical security C. the source IP address may have been spoofed D. a sniffer could be on the network Answer: C 17. Stream comparison used as a Traceback technique focuses on what two factors? A. the IP address and victim port B. the packet contents and audit logs C. inter-packet timing and the victim port D. the packet contents and inter-packet timing Answer: D -3- http://www.certmagic.com
Slide 4: II0-001 18. To perform a successful traceback, the two most prominent problems that need to be solved are locating the source of IP packets and: A. the timestamp of the event B. determining the first node of a connection chain C. the reflector host D. the victim port Answer: B 19. The most important network information that should be observed from the logs during a Traceback is the intruder IP address, the victim IP address, the victim port, protocol information and the: A. source port B. operating system C. MAC address D. timestamp Answer: D 20. A new protocol that is designed to aid in intrusion protection and IP tracebacks is known as: A. Intruder Detection and Isolation Protocol (IDIP) B. Intrusion Detection and Traceback Protocol (IDTP) C. Facilitating Traceback Protocol (FTP) D. Intruder Detection and Internet Protocol (IDIP) Answer: A -4- http://www.certmagic.com

   
Time on Slide Time on Plick
Slides per Visit Slide Views Views by Location