Chapter 14.pdf | bartleby

1 Testbank © 2021 CCH Incorporated and its affiliates. All rights reserved. Chapter 14 Chapter 14 Digital Forensics Analysis MULTIPLE CHOICE QUESTIONS — CHAPTER 14 43. Forensic accountants must understand the Internet's protocols so that they: a. Can write code to collect courtroom evidence. b. Can hire a professional to handle the problem. c. Understand electronic courtroom procedures. d. Understand the nature of a cyber attack. e. All of the above. 44. If your client's website is breached, the best policy is to: a. Make sure no one finds out about the attack. b. Document the evidence about the attack. c. Call in law enforcement authorities as soon as possible. d. Call in a tiger team. e. None of the above. 45. Datagrams are: a. Unchanged as they move across the Internet. b. Another term used to describe e-mail messages. c. Packets of message verification data. d. Packets of data. e. None of the above. 46. Which is the top most layer in the OSI Model used in TCP/IP? a. Data link layer. b. Transportation layer. c. Network layer. d. Application layer. e. None of the above. 47. Message integrity in the OSI Model used in TCP/IP is performed by the:

2 Forensic and Investigative Accounting © 2021 CCH Incorporated and its affiliates. All rights reserved. Chapter 14 a. Data link layer. b. Transportation layer. c. Network layer. d. Application layer. e. None of the above. 48. What protocol uses "send and forget" messages over the Internet? a. FTC. b. TCP/IP. c. UDP. d. SMTP. e. None of the above. 49. SMTP uses which of the following ports? a. 23. b. 25. c. 80. d. 1024. e. All of the above. 50. The number of ports on a web server are: a. Indefinite number. b. 1,024. c. 32,768. d. 65,535. e. All of the above. 51. If the data received by a web server is not the data that was expected which of the following flags is sent (keyed)? a. HLEN. b. FIN. c. RST.

3 Testbank © 2021 CCH Incorporated and its affiliates. All rights reserved. Chapter 14 d. ACK. e. TCP. 52. The IP address is composed of a(n): a. 8-bit address. b. 1-bit address. c. 32-bit address. d. 64-bit address. e. None of the above. 53. Time to Live (TTL) in the IP header: a. Determines how long a source and destination server should continue to try to establish a connection. b. Determines whether the last packet in a message has arrived. c. There is no TTL field in a TCP/IP header. d. Determines how long a packet will continue to travel over the Internet. e. The source address in the header. 54. A network computer's MAC address is found in the: a. ARP table. b. URL address. c. Domain name system. d. Traceroute. e. Ping response. 55. A HTTP response code of "200" means the: a. Web page was incompletely transferred. b. Web page was successfully received. c. The wrong web page was received. d. The web page was successfully sent. e. None of the above.

4 Forensic and Investigative Accounting © 2021 CCH Incorporated and its affiliates. All rights reserved. Chapter 14 56. TCPDUMP is a: a. Traceroute program. b. Virus program. c. Sniffer. d. Trojan horse. e. None of the above. 57. Linux program for searching website E-mail logs are best found in: a. FTP servers. b. HTTP servers. c. SMTP servers. d. TCP servers. e. None of the above. 58. The time information found in an e-mail header is based on: a. Eastern Standard Time. b. Greenwich Mean Time. c. International Time Standard. d. Internet Mean Time. e. None of the above. 59. To trace an IP address back to its source address, which of the following tools would be best to use? a. Remail. b. Traceroute. c. Ping. d. ARIN. e. TCP Dump.

5 Testbank © 2021 CCH Incorporated and its affiliates. All rights reserved. Chapter 14 60. To determine if a port on a web server is alive and connected to the Internet, which of the following tools would be best to use? a. Whois. b. Traceroute. c. Ping. d. ARIN. e. All ports are close to traffic today. 61. Which of the following search engines is a metacrawler? a. Dogpile. b. Google. c. Lycos. d. Yahoo. e. Metacrawl Shodan. 62. The purpose of remailers is to: a. Send back e-mail to a sender so that the sender knows it did not go to the recipient. b. Let the sender know e-mail was received by the receipent. c. Send spam. d. Send anonymous e-mail. e. There are no remailers left the U.S. government has outlawed them. 63. The best method to search for a downloadable FTP file located on an Argentinean-based hacker group is to use: a. Google. b. Tile-net. c. XGoogle. d. L-soft. e. None of the above. 64. Currently, which of the following would be the most difficult to identify through an Internet search? a. An individual social security number.

6 Forensic and Investigative Accounting © 2021 CCH Incorporated and its affiliates. All rights reserved. Chapter 14 b. The path of a packet over the Internet. c. The birth date for a person. d. The individual who sent an e-mail message through two remailers. 65. The most pertinent federal law for prosecuting computer fraud is: a. Electronic Protection Privacy Act. b. Computer Fraud and Abuse Act. c. Title 18 USC 1030. d. Patriot Act. e. Sarbanes-Oxley Act 66. One way to hide my e-mail address is to: a. Use a different PC than normally used to send my e-mail message. b. Use a proxy server for sending e-mail. c. Use a remailer. d. Both b and c. e. All of the above. 67. Which of the following sites can be searched by a search engine? a. FTP sites. b. Listserv sites. c. IRC sites. d. All of the above. e. None of the above. 68. What is the port number for SMTP protocol? a. 25 b. 23 c. 70 d. 80 e. Some other answer.

Your preview ends here

Eager to read complete document? Join bartleby learn and gain access to the full version

Access to all documents
Unlimited textbook solutions
24/7 expert homework help