GD0-100 Online Practice Questions and Answers
When an EnCase user double-clicks on a file within EnCase what determines the action that will result? Select all that apply
A. The settings in the case file.
B. The settings in the FileTypes.ini file.
C. The setting in the evidence file.
If cluster #3552 entry in the FAT table contains a value of ?? this would mean:
A. The cluster is unallocated
B. The cluster is the end of a file
C. The cluster is allocated
D. The cluster is marked bad
Select the appropriate name for the highlighted area of the binary numbers.
A. Word
B. Byte
C. Bit
D. Nibble
E. Dword
During the power-up sequence, which of the following happens first?
A. The boot sector is located on the hard drive.
B. Theower On Self-Test.? 7KH ? RZHU2Q6HOI7HVW
C. The floppy drive is checked for a diskette.
D. The BIOS on an add-in card is executed.
Assume that MyNote.txt has been deleted. The FAT file system directory entry for that file has been overwritten. The data for MyNote.txt is now:
A. Overwritten
B. Allocated
C. Cross-linked
D. Unallocated
Which of the following would most likely be an add-in card?
A. A video card that is connected to the motherboard in the AGP slot
B. Anything plugged into socket 7
C. A motherboard
D. The board that connects to the power supply
For an EnCase evidence file acquired with a hash value to pass verification, which of the following must be true?
A. The MD5 hash value must verify.
B. The CRC values must verify.
C. The CRC values and the MD5 hash value both must verify.
D. Either the CRC or MD5 hash values must verify.
RAM is used by the computer to:
A. Execute the POST during start-up.
B. Temporarily store electronic data that is being processed.
C. Permanently store electronic data.
D. Establish a connection with external devices.
How does EnCase verify that the case information (Case Number, Evidence Number, Investigator Name, etc) in an evidence file has not been damaged or changed, after the evidence file has been written?
A. EnCase writes a CRC value of the case information and verifies the CRC value when the evidence is added to a case.
B. EnCase does not verify the case information and case information can be changed by the user as it becomes necessary.
C. The .case file writes a CRC value for the case information and verifies it when the case is opened.
D. EnCase writes an MD5 hash value for the entire evidence file, which includes the case information, and verifies the MD5 hash when the evidence is added to a case.
The first sector on a hard drive is called the:
A. Master file table
B. Master boot record
C. Volume boot record
D. Volume boot sector
What Makes leads4pass.com Differ From Others?
There are tens of thousands of certification exam dumps provided on the internet. To keep the exam dumps valid, the exam questions latest and the exam answers accurate should be the first aim. Also, to make the exam PDF and exam VCE simulator easy to use is very important. Besides, leads4pass.com has 100% pass guarantee policy. Free exam demo is available. Customer support team is ready to help at any time when required.
All rights are reserved by leads4pass.com. Any changes, copy or trademarks abuse will be regarded as infringement. leads4pass.com will reserve the right to pursue accountability.
Copyright © 2004-2024 leads4pass.com.