Question 1

__________________ help offset hardware costs for companies and are handy when you want to run legacy or uncommon OSs and software along with the other software on your computer.​

Accepted Answer

The answer of __________________ help offset hardware costs for companies...

Question 2

What file type below, associated with VMWare, stores VM paging files that are used as RAM for a virtual machine?​

Accepted Answer

A)  ​.nvram
B)  ​.vmem
C)   .​vmpage
D)  .vmxE) None of the above
F) A) and B)

Question 3

?Match the following terms with the correct definitions below:?
-A computer or network set up to lure an attacker.?

Accepted Answer

A)  ?defense in depth (Di
D)  
B)  distributed denial-of-service (DDoS)  attacks
C)  ?honeypot
D)  honeywalls?
E)  ?layered network defense strategyF) network forensics?G) ?type 1 hypervisorH) type 2 hypervisor?I) ?zero day attacksJ) zombiesK) D) and J)
L) F) and H)

Question 4

The ________________ software lists all open network sockets, including those hidden by rootkits, and also works on both 32-bit and 64-bit systems.​

Accepted Answer

The answer of The ________________ software lists all open network...

Question 5

What processor instruction set is required in order to utilize virtualization software?​

Accepted Answer

A)  ​AMD-VT
B)  ​Intel VirtualBit
C)  Virtual Machine Extensions (VMX) 
D)  Virtual Hardware Extensions (VHX) E) A) and D)
F) B) and C)

Question 6

The NSA's defense in depth (DiD)  strategy contains three modes of protection. Which option below is not one of the three modes?​

Accepted Answer

A)  ​People
B)  ​Technology
C)  Operations
D)  ManagementE) A) and D)
F) B) and C)

Question 7

?Match the following terms with the correct definitions below:?
-Computers used without the owners' knowledge in a DDoS attack.?

Accepted Answer

A)  ?defense in depth (Di
D)  
B)  distributed denial-of-service (DDoS)  attacks
C)  ?honeypot
D)  honeywalls?
E)  ?layered network defense strategyF) network forensics?G) ?type 1 hypervisorH) type 2 hypervisor?I) ?zero day attacksJ) zombiesK) I) and J)
L) B) and G)

Question 8

Select the file below that is used in VirtualBox to create a virtual machine:​

Accepted Answer

A)  ​.vdi
B)  ​.vbox
C)  .r0
D)  .ovaE) C) and D)
F) B) and D)

Question 9

The ___________________ is a good tool for extracting information from large Libpcap files; you simply specify the time frame you want to examine.

Accepted Answer

A)  ​Tcpdstat
B)  ​Tcpslice
C)  Ngrep
D)  tcpdumpE) A) and D)
F) None of the above

Question 10

The capability of type 1 hypervisors is limited only by the amount of available RAM, storage, and throughput.​

Accepted Answer

A) True 
 B)False

Question 11

The Honeynet Project was developed to make information widely available in an attempt to thwart Internet and network attackers.​

Accepted Answer

A) True 
 B)False

Question 12

?Match the following terms with the correct definitions below:?
-A virtual machine interface that's loaded on top of an existing OS.?

Accepted Answer

A)  ?defense in depth (Di
D)  
B)  distributed denial-of-service (DDoS)  attacks
C)  ?honeypot
D)  honeywalls?
E)  ?layered network defense strategyF) network forensics?G) ?type 1 hypervisorH) type 2 hypervisor?I) ?zero day attacksJ) zombiesK) H) and I)
L) B) and I)

Question 13

The Sysinternals Handle utility shows only file system activity, but does not show what processes are using files on the file system.

Accepted Answer

A) True 
 B)False

Question 14

What Windows Registry key contains associations for file extensions?​

Accepted Answer

A)  ​HKEY_CLASSES_ROOT
B)  ​HKEY_USERS
C)  HKEY_LOCAL_MACHINE
D)  HKEY_CURRENT_CONFIGE) A) and B)
F) A) and C)

Question 15

Forensics tools can't directly mount VMs as external drives.​

Accepted Answer

A) True 
 B)False

Question 16

The __________ disk image file format is associated with the VirtualBox hypervisor.​

Accepted Answer

A)  .​vmdk
B)  ​.hda
C)  .vhd
D)  .vdiE) A) and B)
F) All of the above

Question 17

Select below the program within the PsTools suite that allows you to run processes remotely:​

Accepted Answer

A)  ​PsService
B)  ​PsPasswd
C)  PsRemote
D)  PsExecE) A) and D)
F) B) and C)

Question 18

Describe a zero day attack.​

Accepted Answer

In a typical zero day attack, attackers ...

Question 19

The __________________ is the version of Pcap available for Linux based operating systems.​

Accepted Answer

A)  ​Winpcap
B)  ​Libpcap
C)  Tcpcap
D)  NetcapE) A) and D)
F) All of the above

Question 20

In Windows, what PowerShell cmdlet can be used in conjunction with Get-VM​ to display a virtual machine's network adapters?

Accepted Answer

A)  ​Show-NetworkAdapters
B)  ​Query-ipconfig
C)  Get-VMNetworkAdapter
D)  Dump-NetconfigE) A) and B)
F) A) and C)

Exam 10: Virtual Machine and Cloud Forensics

The __________________ is the version of Pcap available for Linux based operating systems.​

Correct AnswerverifiedShow Answer

What processor instruction set is required in order to utilize virtualization software?​

Correct AnswerverifiedShow Answer

The ________________ software lists all open network sockets, including those hidden by rootkits, and also works on both 32-bit and 64-bit systems.​

Correct AnswerverifiedShow Answer

?Match the following terms with the correct definitions below:? -A virtual machine interface that's loaded on top of an existing OS.?

Correct AnswerverifiedShow Answer

The Sysinternals Handle utility shows only file system activity, but does not show what processes are using files on the file system.

Correct AnswerverifiedShow Answer

Describe a zero day attack.​

Correct AnswerverifiedIn a typical zero day attack, attackers ...View AnswerShow Answer

?Match the following terms with the correct definitions below:? -Computers used without the owners' knowledge in a DDoS attack.?

Correct AnswerverifiedShow Answer

The ___________________ is a good tool for extracting information from large Libpcap files; you simply specify the time frame you want to examine.

Correct AnswerverifiedShow Answer

__________________ help offset hardware costs for companies and are handy when you want to run legacy or uncommon OSs and software along with the other software on your computer.​

Correct AnswerverifiedShow Answer

The __________ disk image file format is associated with the VirtualBox hypervisor.​

Correct AnswerverifiedShow Answer

Select the file below that is used in VirtualBox to create a virtual machine:​

Correct AnswerverifiedShow Answer

What Windows Registry key contains associations for file extensions?​

Correct AnswerverifiedShow Answer

The capability of type 1 hypervisors is limited only by the amount of available RAM, storage, and throughput.​

Correct AnswerverifiedShow Answer

Select below the program within the PsTools suite that allows you to run processes remotely:​

Correct AnswerverifiedShow Answer

?Match the following terms with the correct definitions below:? -A computer or network set up to lure an attacker.?

Correct AnswerverifiedShow Answer

Forensics tools can't directly mount VMs as external drives.​

Correct AnswerverifiedShow Answer

What file type below, associated with VMWare, stores VM paging files that are used as RAM for a virtual machine?​

Correct AnswerverifiedShow Answer

The NSA's defense in depth (DiD) strategy contains three modes of protection. Which option below is not one of the three modes?​

Correct AnswerverifiedShow Answer

In Windows, what PowerShell cmdlet can be used in conjunction with Get-VM​ to display a virtual machine's network adapters?

Correct AnswerverifiedShow Answer

The Honeynet Project was developed to make information widely available in an attempt to thwart Internet and network attackers.​

Correct AnswerverifiedShow Answer

The __________________ is the version of Pcap available for Linux based operating systems.

Correct Answer
verified

What processor instruction set is required in order to utilize virtualization software?

Correct Answer
verified

The ________________ software lists all open network sockets, including those hidden by rootkits, and also works on both 32-bit and 64-bit systems.

Correct Answer
verified

Correct Answer
verified

Correct Answer
verified

Describe a zero day attack.

Correct Answer
verified
In a typical zero day attack, attackers ...
View Answer

Correct Answer
verified

Correct Answer
verified

__________________ help offset hardware costs for companies and are handy when you want to run legacy or uncommon OSs and software along with the other software on your computer.

Correct Answer
verified

The __________ disk image file format is associated with the VirtualBox hypervisor.

Correct Answer
verified

Select the file below that is used in VirtualBox to create a virtual machine:

Correct Answer
verified

What Windows Registry key contains associations for file extensions?

Correct Answer
verified

The capability of type 1 hypervisors is limited only by the amount of available RAM, storage, and throughput.

Correct Answer
verified

Select below the program within the PsTools suite that allows you to run processes remotely:

Correct Answer
verified

Correct Answer
verified

Forensics tools can't directly mount VMs as external drives.

Correct Answer
verified

What file type below, associated with VMWare, stores VM paging files that are used as RAM for a virtual machine?

Correct Answer
verified

The NSA's defense in depth (DiD) strategy contains three modes of protection. Which option below is not one of the three modes?

Correct Answer
verified

In Windows, what PowerShell cmdlet can be used in conjunction with Get-VM to display a virtual machine's network adapters?

Correct Answer
verified

The Honeynet Project was developed to make information widely available in an attempt to thwart Internet and network attackers.

Correct Answer
verified