.png){kind=logo}
D 431 / D431 Final Exam Review (Latest Update 2025 / 2026) Digital Forensics in Cybersecurity | Questions with Verified Answers | Grade A | 100% Correct - WGU
Question:
What is the role of Application log?
Answer:
Contains various events logged by applications or programs.
Question:
What is the role of System Log?
Answer:
Contains events logged by Windows system components. This includes events like driver failures.
- / 3
Question:
What is the role The ForwardedEvents log?
Answer:
Used to store events collected from remote computers. This has data in it only if event forwarding has been configured.
Question:
What are the supportin files of HKEY_LOCAL_MACHINE\SAM?
Answer:
Sam, Sam.log, Sam.sav
Question:
What command prompt does MAC use?
Answer:
A bash shell so you can execute Linux commands
Question:
What are GUID Partion Tables?
Answer:
Used primarily with computers that have an Intelbased processor. It requires OS X v10.4 or later 2 / 3
Question:
What is one of the first steps in any forensic examination and why are logs important when examining a Windows, Linux or Apple computer?
Answer:
One of the first steps in any forensic examination should be to check the logs.Remember that logs are very important when examining a Windows or a Linux computer. They are just as important when examining an Apple computer. This section examines the Mac OS logs and what is contained in them.
Question:
What does the The /Users//.bash_history Log do?
Answer:
Show you a variety of commands. You might look for commands such as rm, which would be removing or deleting something, or commands like dd, indicating the user might have tried to make an image of the drive
Question:
What is in The /etc Directory
Answer:
This is where configuration files are located.
- / 3
.png)