The IT Certification Resource Center

Featured Deal

Get CompTIA, Cisco, or Microsoft training courses free for a week.
Learn More ❯
Today's Deal

Certified Cyber Forensics Professional (CCFP) Practice Quiz 1

Cyber foresnics detectiveThis free practice test contains 12 questions and answer explanations  covering a variety of cyber forenscs concepts, including terms and definitions, law enforcement questions, and more.

Note: Your browser must permit multiple dialog boxes per page in order to complete this quiz.

These practice questions are excerpted from the CCFP Certified Cyber Forensics Professional All-in-One Exam Guide (McGraw-Hill Osborne Media, 2014) with permission from McGraw-Hill.

Question 1:

If a police officer locks a door so that a suspect cannot access his (the suspect’s) own computer, without a warrant, what would be the most likely outcome?

A. The evidence will be excluded because the officer seized it without a warrant.
B. The evidence will be excluded because it does not meet the Daubert standard.
C. The evidence will be admitted; this is not a warrantless seizure.
D. The evidence will be admitted; the officer acted in good faith.

Question 2:

What U.S. federal agency is most responsible for cybercrime investigation?

A. The FBI
B. Homeland Security
D. Secret Service

Question 3:

Which of the following are the two types of write protection?

A. Fast and slow
B. Windows and Linux
C. Hardware and software
D. Forensic and non-forensic

Question 4:

What best describes metadata?

A. Data that is important to the investigation
B. Data about data
C. Data that is hidden
D. Operating system data

Question 5:

What does it mean to validate your findings?

A. To ensure they meet Daubert standards
B. To ask a colleague if they agree with your findings
C. To repeat the test
D. To re-read your notes to see if you followed SOP

Question 6:

What happens when a file is sent to the recycle bin in NFTS?

A. The file is deleted.
B. The file is removed from the file allocation table.
C. The cluster is marked as deleted in MFT.
D. The cluster is marked as available.

Question 7:

What type of encryption uses a different key to encrypt the message than it uses to decrypt the message?

A. private key
B. asymmetric
C. symmetric
D. secure

Question 8:

What does a 500 HTTP response indicate?

A. Client error
C. Redirect
D. Server error

Question 9:

What part of a cloud implementation provides the virtual servers with access to resources?

A. Hypervisor
B. Resource monitor
C. Resource auditor
D. Virtual Manager

Question 10:

Where is the data for roaming phones stored?


Question 11:

If you copy a file between two folders on different partitions, what permissions with the file have after being copied?

A. The source folder
B. Neither folder
C. The destination folder
D. The source partition

Question 12:

A virus that changes as it spreads is called what?

A. Multipartite
B. Armored
C. Changeling
D. Polymorphic


  var vglnk = { key: "f0db412a706878ad798e5edf80a05a44" }; (function(d, t) { var s = d.createElement(t); s.type = "text/j-avascript"; s.async = true; s.src = "//"; var r = d.getElementsByTagName(t)[0]; r.parentNode.insertBefore(s, r); }(document, "script"));