GD0-100 Online Practice Questions and Answers

An evidence file can be moved to another directory without changing the file verification.

A. False

B. True

Select the appropriate name for the highlighted area of the binary numbers.

A. Byte

B. Dword

C. Word

D. Bit

E. Nibble

Calls to the C:\ volume of the hard drive are not made by DOS when a computer is booted with a standard DOS 6.22 boot disk.

A. False

B. True

The Windows 98 Start Menu has a selection called documents which displays a list of recently used files. Which of the following The Windows 98 Start Menu has a selection called documents which displays a list of recently used files. Which of the following folders contain those files?

A. C:\Windows\History

B. C:\Windows\Start menu\Documents

C. C:\Windows\Documents

D. C:\Windows\Recent

The spool files that are created during a print job are __________ after the print job is completed.

A. moved

B. wiped

C. deleted and wiped

D. deleted

The end of a logical file to the end of the cluster that the file ends in is called:

A. Allocated space

B. Slack

C. Unallocated space

D. Available space

The boot partition table found at the beginning of a hard drive is located in what sector?

A. Volume boot sector

B. Master boot record

C. Master file table

D. Volume boot record

Which of the following directories contain the information that is found on a Windows 98 Desktop?

A. C:\Program files\Programs\Desktop

B. C:\Desktop

C. C:\Startup\Desktop\Items

D. C:\Windows\Desktop

A sector on a hard drive contains how many bytes?

A. 2048

B. 4096

C. 1024

D. 512

Within EnCase for Windows, the search process is:

A. None of the above

B. both a and b

C. a search of the physical disk in unallocated clusters and other unused disk areas

D. a search of the logical files