NSCT – Digital Forensics MCQs 20 min Score: 0 Attempted: 0/20 Subscribe 1. . Digital Forensics is the process of: (A) Deleting files automatically (B) Increasing computer speed (C) Identifying, preserving, analyzing, and presenting digital evidence (D) Installing softwareShow All AnswersShow All Answers 2. . The first step in digital forensics is: (A) Data encryption (B) Identification of digital evidence (C) File deletion (D) Network monitoringShow All Answers 3. . Chain of custody ensures: (A) Proper handling and documentation of evidence from collection to presentation (B) Faster analysis of files (C) Automatic deletion of evidence (D) Compression of filesShow All Answers 4. . Which type of digital forensics deals with computers and storage devices? (A) Mobile Forensics (B) Network Forensics (C) Computer Forensics (D) Malware AnalysisShow All Answers 5. . Network Forensics focuses on: (A) Encrypting emails (B) Deleting old logs (C) Monitoring and analyzing network traffic to detect attacks (D) Compressing filesShow All Answers 6. . Mobile Forensics deals with: (A) Only desktop computers (B) Smartphones, tablets, and other mobile devices (C) Only network traffic (D) Only cloud dataShow All Answers 7. . Live forensics involves: (A) Analyzing only offline devices (B) Collecting data from a running system (C) Deleting temporary files (D) Encrypting storageShow All Answers 8. . Static forensics refers to: (A) Deleting old logs (B) Monitoring network traffic (C) Encrypting files (D) Analyzing data from powered-off systems or storage devicesShow All Answers 9. . File carving is: (A) Encrypting files (B) Recovering deleted files based on file signatures (C) Deleting malware (D) Compressing dataShow All Answers 10. . Imaging in digital forensics means: (A) Creating an exact bit-by-bit copy of a storage device (B) Taking a photograph of evidence (C) Compressing files (D) Encrypting dataShow All Answers 11. . Hashing is used in digital forensics to: (A) Delete data (B) Encrypt files automatically (C) Verify integrity of evidence using algorithms like MD5 or SHA-256 (D) Compress imagesShow All Answers 12. . Digital evidence should always be: (A) Preserved in original form to maintain authenticity (B) Modified for analysis (C) Deleted after collection (D) Compressed immediatelyShow All Answers 13. . Volatile data includes: (A) USB storage files (B) Hard disk files (C) Data stored in RAM that is lost when system is powered off (D) Cloud backupsShow All Answers 14. . Forensic tools like EnCase, FTK, and Autopsy are used for: (A) Increasing system speed (B) Encrypting files (C) Compressing backups (D) Analyzing and recovering digital evidenceShow All Answers 15. . Email forensics focuses on: (A) Encrypting emails (B) Investigating emails to detect fraud, phishing, or evidence (C) Deleting spam only (D) Compressing attachmentsShow All Answers 16. . Cloud forensics involves: (A) Deleting old files (B) Only local devices (C) Investigating cloud-hosted data and applications (D) Increasing storageShow All Answers 17. . Malware analysis in digital forensics helps to: (A) Encrypt files (B) Understand behavior of malicious software for investigation (C) Delete malware automatically (D) Compress logsShow All Answers 18. . The main goal of digital forensics is to: (A) Increase system speed (B) Delete unnecessary files (C) Compress data (D) Identify, preserve, analyze, and present evidence in a legally acceptable wayShow All Answers 19. . Anti-forensics techniques are used to: (A) Encrypt sensitive files (B) Protect digital devices (C) Obstruct forensic investigations by hiding or destroying evidence (D) Backup dataShow All Answers 20. . Legal compliance in digital forensics ensures: (A) Files are deleted (B) Evidence is collected, preserved, and presented according to laws and regulations (C) Data is compressed (D) Network speed is increasedShow All Answers