Cisco®
CompTIA
Checkpoint
ISC
EC-Council
EXIN
Fortinet
ITIL®
Juniper
Microsoft
VMware
Avaya
SAP
Google
Salesforce
Amazon
Palo Alto Networks
ISC2
All Vendors
  2. Home
  3. Exams
  4. Guidance Software
  5. GD0-100

Free Guidance Software GD0-100 Exam Questions (page: 8)

Page 8 of 45
PDF with 176 Questions

How does EnCase verify that the evidence file contains an exact copy of the suspect hard drive? How does
EnCase verify that the evidence file contains an exact copy of the suspect's hard drive?

  1. By means of a CRC value of the suspect hard drive compared to a CRC value of the data stored in the evidence file.By means of a CRC value of the suspect? hard drive compared to a CRC value of the data stored in the evidence file.
  2. By means of an MD5 hash of the suspect hard drive compared to an MD5 hash of the data stored in the evidence file.By means of an MD5 hash of the suspect? hard drive compared to an MD5 hash of the data stored in the evidence file.
  3. By means of a CRC value of the evidence file itself.
  4. By means of an MD5 hash value of the evidence file itself.

Answer(s): B



By default, EnCase will display the data from the end of a logical file, to the end of the cluster, in what color:

  1. Red
  2. Red on black
  3. Black on red
  4. Black

Answer(s): A



A SCSI drive is pinned as a master when it is:

  1. The only drive on the computer.
  2. The primary of two drives connected to one cable.
  3. Whenever another drive is on the same cable and is pinned as a slave.
  4. A SCSI drive is not pinned as a master.

Answer(s): D



The following GREP expression was typed in exactly as shown. Choose the answer(s) that would result. [^a-z] Tom[^a-z]

  1. Tomato
  2. om? ? RP
  3. Toms
  4. Stomp

Answer(s): B



Viewing page 8 of 45
Viewing questions 29 - 32 out of 176 questions



Post your Comments and Discuss Guidance Software GD0-100 exam prep with other Community members:

GD0-100 Exam Discussions & Posts