bettyallen's picture
From bettyallen rss RSS  subscribe Subscribe

GD0-100 Study material 

Troytec.com is a place where you can find various types of GD0-100 exam certifications preparation material. Troytec’s full range of study material for the GD0-100 exam helps you to be prepared for the GD0-100 exam fully and enter the exam centre with full confidence. We provide you easy, simple and updated study material. After preparing from the GD0-100 exam material prepared by us we guarantee you that you will be a certified professional. We guarantee that with Troytec GD0-100 study material, you will pass the Certification exam.

 

 
 
Tags:  GD0-100 Exams  GD0-100 Certification  GD0-100 Training  GD0-100 Practice Exams  GD0-100 Tests  GD0-100 Exam Materials  GD0-100 download 
Views:  137
Published:  March 10, 2010
 
0
download

Share plick with friends Share
save to favorite
Report Abuse Report Abuse
 
Related Plicks
642-542 Practice Tests & Exams

642-542 Practice Tests & Exams

From: carolsmith62
Views: 2654 Comments: 0
CertMagic.com is a place where you can find various types of 642-542 exam certifications preparation material. CertMagic’s full range of study material for the 642-542 exam helps you to be prepared for the 642-542 exam fully and enter the exam centr (more)

 
640-802 Practice Tests & Exams

640-802 Practice Tests & Exams

From: carolsmith62
Views: 2820 Comments: 0

CertMagic.com is a place where you can find various types of 640-802 exam certifications preparation material. CertMagic’s full range of study material for the 640-802 exam helps you to be prepared for the 640-802 exam full (more)

 
4h0-100 Exam

4h0-100 Exam

From: Seal.heart
Views: 509 Comments: 0
CertMagic.com is a place where you can find various types of 4h0-100 exam certifications preparation material. CertMagic’s full range of study material for the 4h0-100 exam helps you to be prepared for the 4h0-100 exam fully and enter the exam centr (more)

 
1T6-511 Exam

1T6-511 Exam

From: Seal.heart
Views: 483 Comments: 0
CertMagic.com is a place where you can find various types of 1T6-511 exam certifications preparation material. CertMagic’s full range of study material for the 1T6-511 exam helps you to be prepared for the 1T6-511 exam fully and enter the exam centr (more)

 
See all 
 
More from this user
TB0-107 Study material

TB0-107 Study material

From: bettyallen
Views: 1723
Comments: 0

199-01 Study material

199-01 Study material

From: bettyallen
Views: 1050
Comments: 0

9A0-062 Study material

9A0-062 Study material

From: bettyallen
Views: 796
Comments: 0

000-089Study material

000-089Study material

From: bettyallen
Views: 712
Comments: 0

310-091 Study material

310-091 Study material

From: bettyallen
Views: 899
Comments: 0

1T6-540 Study material

1T6-540 Study material

From: bettyallen
Views: 784
Comments: 0

See all 
 
 
 URL:          AddThis Social Bookmark Button
Embed Thin Player: (fits in most blogs)
Embed Full Player :
 
 

Name

Email (will NOT be shown to other users)

 

 
 
Comments: (watch)
 
 
Notes:
 
Slide 1: GD0-100 Certification Exam For ENCE North America Exam GD0-100 Demo Edition © 2005- 2006 Test Killer, LTD All Rights Reserved 1 http://www.testkiller.com http://www.troytec.com
Slide 2: GD0-100 QUESTION 1 When an EnCase user double-clicks on a file within EnCase what determines the action that will result? Select all that apply A. The settings in the case file. B. The settings in the FileTypes.ini file. C. The setting in the evidence file. Answer: B QUESTION 2 Search results are found in which of the following files? Select all that apply. A. The evidence file B. The configuration Searches.ini file C. The case file Answer: C QUESTION 3 If cluster #3552 entry in the FAT table contains a value of ?? this would mean: A. The cluster is unallocated B. The cluster is the end of a file C. The cluster is allocated D. The cluster is marked bad Answer: A QUESTION 4 The following GREP expression was typed in exactly as shown. Choose the answer(s) that would result. Bob@[a-z]+.com A. Bob@New zealand.com B. Bob@My-Email.com C. Bob@America.com D. Bob@a-z.com Answer: C QUESTION 5 You are an investigator and have encountered a computer that is running at the home of a suspect. The computer does not appear to be a part of a network. The operating system is Windows XP Home. No programs are visibly running. You should: 2 http://www.testkiller.com http://www.troytec.com
Slide 3: GD0-100 A. Pull the plug from the back of the computer. B. Turn it off with the power button. C. Pull the plug from the wall. D. Shut it down with the start menu. Answer: A QUESTION 6 A physical file size is: A. The total size in sectors of an allocated file. B. The total size of all the clusters used by the file measured in bytes. C. The total size in bytes of a logical file. D. The total size of the file including the ram slack in bytes. Answer: B QUESTION 7 In Unicode, one printed character is composed of ____ bytes of data. A. 8 B. 4 C. 2 D. 1 Answer: C QUESTION 8 If cluster number 10 in the FAT contains the number 55, this means: A. That cluster 10 is used and the file continues in cluster number 55. B. That the file starts in cluster number 55 and continues to cluster number 10. C. That there is a cross-linked file. D. The cluster number 55 is the end of an allocated file. Answer: A QUESTION 9 How are the results of a signature analysis examined? A. By sorting on the category column in the Table view. By sorting on the category column in the Table view. B. By sorting on the signature column in the Table view. By sorting on the signature column in the Table view. C. By sorting on the hash sets column in the Table view. By sorting on the hash sets column in the Table view. http://www.testkiller.com http://www.troytec.com 3
Slide 4: GD0-100 D. By sorting on the hash library column in the Table view. By sorting on the hash library column in the Table view. Answer: B QUESTION 10 The acronym ASCII stands for: A. American Standard Communication Information Index B. American Standard Code for Information Interchange C. Accepted Standard Code for Information Interchange D. Accepted Standard Communication Information Index Answer: B QUESTION 11 The default export folder remains the same for all cases. A. True B. False Answer: Pending. Please put your suggestions to gary@troytecsupport.com. QUESTION 12 The EnCase default export folder is: A. A case-specific setting that cannot be changed. B. A case-specific setting that can be changed. C. A global setting that can be changed. D. A global setting that cannot be changed. Answer: B QUESTION 13 Hash libraries are commonly used to: A. Compare a file header to a file extension. B. Identify files that are already known to the user. C. Compare one hash set with another hash set. D. Verify the evidence file. Answer: B QUESTION 14 Which is the proper formula for determining the size in bytes of a hard drive that uses cylinders (C), heads (H), and sectors (S) geometry? 4 http://www.testkiller.com http://www.troytec.com
Slide 5: GD0-100 A. C X H + S B. C X H X S + 512 C. C X H X S X 512 D. C X H X S Answer: C QUESTION 15 Within EnCase, clicking on Save on the toolbar affects what file(s)? A. All of the above B. The evidence files C. The open case file D. The configuration .ini files Answer: C QUESTION 16 EnCase uses the _________________ to conduct a signature analysis. A. Both a and b B. file signature table C. hash library D. file Viewers Answer: B QUESTION 17 EnCase is able to read and examine which of the following file systems? A. NTFS B. EXT3 C. FAT D. HFS Answer: A,B,C,D QUESTION 18 ROM is an acronym for: A. Read Open Memory B. Random Open Memory C. Read Only Memory D. Relative Open Memory 5 http://www.testkiller.com http://www.troytec.com
Slide 6: GD0-100 Answer: C QUESTION 19 If a floppy diskette is in the ?drive, the computer will always boot to that drive before any other device. If a floppy diskette is in the ??drive, the computer will always boot to that drive before any other device. A. False B. True Answer: Pending. Please put your suggestions to gary@troytecsupport.com. QUESTION 20 A standard Windows 98 boot disk is acceptable for booting a suspect drive. A. True B. False Answer: Pending. Please put your suggestions to gary@troytecsupport.com. 6 http://www.testkiller.com http://www.troytec.com

   
Time on Slide Time on Plick
Slides per Visit Slide Views Views by Location