1. . Digital Forensics is the process of:
(A) Deleting files automatically
(B) Increasing computer speed
(C) Identifying, preserving, analyzing, and presenting digital evidence
(D) Installing software
2. . The first step in digital forensics is:
(A) Data encryption
(B) Identification of digital evidence
(C) File deletion
(D) Network monitoring
3. . Chain of custody ensures:
(A) Proper handling and documentation of evidence from collection to presentation
(B) Faster analysis of files
(C) Automatic deletion of evidence
(D) Compression of files
4. . Which type of digital forensics deals with computers and storage devices?
(A) Mobile Forensics
(B) Network Forensics
(C) Computer Forensics
(D) Malware Analysis
5. . Network Forensics focuses on:
(A) Encrypting emails
(B) Deleting old logs
(C) Monitoring and analyzing network traffic to detect attacks
(D) Compressing files
6. . Mobile Forensics deals with:
(A) Only desktop computers
(B) Smartphones, tablets, and other mobile devices
(C) Only network traffic
(D) Only cloud data
7. . Live forensics involves:
(A) Analyzing only offline devices
(B) Collecting data from a running system
(C) Deleting temporary files
(D) Encrypting storage
8. . Static forensics refers to:
(A) Deleting old logs
(B) Monitoring network traffic
(C) Encrypting files
(D) Analyzing data from powered-off systems or storage devices
9. . File carving is:
(A) Encrypting files
(B) Recovering deleted files based on file signatures
(C) Deleting malware
(D) Compressing data
10. . Imaging in digital forensics means:
(A) Creating an exact bit-by-bit copy of a storage device
(B) Taking a photograph of evidence
(C) Compressing files
(D) Encrypting data
11. . Hashing is used in digital forensics to:
(A) Delete data
(B) Encrypt files automatically
(C) Verify integrity of evidence using algorithms like MD5 or SHA-256
(D) Compress images
12. . Digital evidence should always be:
(A) Preserved in original form to maintain authenticity
(B) Modified for analysis
(C) Deleted after collection
(D) Compressed immediately
13. . Volatile data includes:
(A) USB storage files
(B) Hard disk files
(C) Data stored in RAM that is lost when system is powered off
(D) Cloud backups
14. . Forensic tools like EnCase, FTK, and Autopsy are used for:
(A) Increasing system speed
(B) Encrypting files
(C) Compressing backups
(D) Analyzing and recovering digital evidence
15. . Email forensics focuses on:
(A) Encrypting emails
(B) Investigating emails to detect fraud, phishing, or evidence
(C) Deleting spam only
(D) Compressing attachments
16. . Cloud forensics involves:
(A) Deleting old files
(B) Only local devices
(C) Investigating cloud-hosted data and applications
(D) Increasing storage
17. . Malware analysis in digital forensics helps to:
(A) Encrypt files
(B) Understand behavior of malicious software for investigation
(C) Delete malware automatically
(D) Compress logs
18. . The main goal of digital forensics is to:
(A) Increase system speed
(B) Delete unnecessary files
(C) Compress data
(D) Identify, preserve, analyze, and present evidence in a legally acceptable way
19. . Anti-forensics techniques are used to:
(A) Encrypt sensitive files
(B) Protect digital devices
(C) Obstruct forensic investigations by hiding or destroying evidence
(D) Backup data
20. . Legal compliance in digital forensics ensures:
(A) Files are deleted
(B) Evidence is collected, preserved, and presented according to laws and regulations
(C) Data is compressed
(D) Network speed is increased