CH.

3
1. Who proposed “extended model of cybercrime investigation”?
a) S. O. Ciardhuain b) G. Gunsh
c) J. Korn d) G. Palmar

2. EMCI stands for____________.

a) Extraction model of cybercrime investigation
b) Extended model of cybercrime investigation
c) Ethical model of cybercrime investigation
d) End model of cybercrime investigation

3. Who proposed “End to end digital investigation process”.

a) S. Ciardhuain b) Stephenson
c) G. Gunsh d) J. Korn

4. “Identifying the nature of incident” is involve in which phase

a) Preservation phase b) Collection phase
c) Examination phase d) Identification phase

5. Investigator should satisfy the following point:

a) Honesty towards the investigation
b) To avoid harm to others
c) Prudence means carefully handling the digital evidences
d) Compliance with law and professional norms

6. Which phase is included in EMCI

a) Collection b) Planning
c) Analysis d) Presentation

7. Which model is used in EMCI

a) V model b) Increment model
c) Waterfall model d) none of the above
8. Phases in UMDFPM are
a) Examine b) Collect
c) Analysis d) All of the above

9. Investigator should not

a) upload any relevant evidence b) To be honest
c) To honour confidentiality d) None of above

10. “Draw conclusion based on evidence found” is involve in which

phase
a) Reporting b) Examination
c) Analysis d) Collection

11. Identification, Preservation, Collection, Examination

Analysis and Presentation are the models of ______________
a) Road Map for Digital Forensic Research (RMDFR)
b) Abstract Digital Forensic Model (ADFM)
c) Integrated Digital Investigation Process (IDIP)
d) None of these
12. _________ is a forensic is a series of steps to uncover and
analyse electronic data through scientific method.
a) Digital Forensic
b) Digital Forensic Investigation
c) 1,2
d) None of these
13. Readiness phase and deployment phase, review phase,
physical crime investigation and digital crime investigation
phase are phases of
a) RMDER
b) ADEM
c) IDIP
 d) None of these
14. Phase of RMDER are
a) Seven
b) Five
c) Six
d) Eight
15. International Organization on computer fuidence (IOCE)
was formed in
a) 1998
b) 2000
c) 1995
d) 2003
16. FBI Regional computer forensic laboratory was recognized
in
a) 1985
b) 2002
c) 2003
d) 2000
17. How many FBI CART cases are there
a) 782
b) 500
c) 6500
d) 495

18. There are _____ rule of digital forensic

a) 7
b) 8
c) 6
d) 5
19. Abstract Digital Forensic Model in _____
a) 2002
b) 2001
 c) 2003
d) 2000
20. It is special type of investigation.
a) DFI
b) FFI
c) MFI
d) AFI
21. In which year, an associate Federal Bureau of
Investigation program was created?
a. 1977
b. 1984
c. 1990
d. 2000

22. Father of Computer Forensics

A) G. gunsh
B) S.Ciardhuain
C) M.Anderson
D) J.Korn

23. Full form of IOCE

A) International Organization on Computer Evidence
B) International Organization on Complete Evidence
C) Intermediate Organization on Complete Evidence
D) None of the above

IOCE was formed in _____

A) 1980
B) 1984
C)1995
D)2000

24.In which year the first FBI Regional Computer Forensic Laboratory
was recognized
A) 1980
B) 1984
C)1995
D)2000

25. Correct sequence of RMDFR model

I) Analysis
II) Collection
III) Presentation
IV) Identification
V) Preservation
VI) Examination
A) I,II,III,IV,V,VI
B) IV,V,II,VI,I,III
C) I,V,II,VI,IV,III
D)I,V,VI,III,II,IV
26. Investigators should not
A) Declare any confidential matters
B) Uphold any relevant evidence
C)Declare any confidential knowledge
D) All of the above

27. Examination stage consists unsystematic search of evidence

A)true
B)false

28.Palkar designed______ model

A) ADFM
B) RMDFR
C) IDIP
D) none

29. ______ model does well at illustrating the forensic process

A) ADFM
B) RMDFR
C) IDIP
D) none

30. ________ phase involves obtaining the digital evidence

A) Collection
B) Preservation
C) Examination
D) Analysis

31.The EMCI follows

A) V Model
B) Waterfall model
C) Sequential model
D)none

32. ______ phase involves summarizing the evidence

A) Collection
B) Presentation
C) Examination
D) Analysis

33. The preservation phase includes condensing the investigation

A) true
B)false
34. Investigator should satisfy
A) to avoid harm to others
B)to be honest and trustworthy
C)declare any confidential matters
D)both a and b

35. Set of normal principles that regulate the use of computers

A) General ethical in digital forensic
B)Unethical in digital forensic
C) Ethics in digital forensic
D) none

36. Different digital forensic models

A) RMDFR
B) ADFM
C) IDIP
D) All of the above

37.Identification recognizes an incident from indicators and

determine it's type
A) true
B) false

38. Who proposed ADFM

A) Reith
B) Carr
C) Gunsh
D) all of the above

39. How many groups are there in IDIP

A)5
B)6
C)7
D)4

40. Most comprehensive model is

A) RMDFR
B) ADFM
C) IDIP
D) EMCI

41. Who made use of UML and case diagram in UMDFPM

A) Kohn
B) Oliver
C) John
D) both a and b
42. In which year FBI program was created
A) 1984
B)1980
C)1975
D)1970

43.Field of pc forensic began in _____

A) 1980
B)1984
C)1975
D)1970

44. CART is:

A)Computer Analysis and Response Team
B)Computer Analysis and Request Team
C) Collection Analysis and Response Team
D)none

45. Rule 1 states

A) An examination should never be performed on the original media
B) A copy is made onto forensically sterile media
C) The copy of the evidence must be an exact
D) none

46. Special type of investigation

A)Digital Forensic Investigation
B) Analytical Forensic Investigation
C) Abstract Forensic Investigation
D) none

47. Digital Forensics includes

A) Identification
B) recovery
C) investigation
D) all

47. Rule 3 states

A) An examination should never be performed on the original media
B) A copy is made onto forensically sterile media
C) The copy of the evidence must be an exact
D) none

48. ADFM proposed in _____

A) 2002
B)1980
C)1975
D)1970

49. Physical and digital property returned to proper owner

A) Preservation
B) Analysis
C) Examination
D) none

50. The DFPM proposed by

A) S. Ciardhuain
B) J. korn
C) G.Gunsh
D) none