.png){kind=logo}
D 431 / D431 Objective Assessment (Latest Update 2025 / 2026) Digital Forensics in Cybersecurity | Questions and Verified Answers | Grade A | 100% Correct - WGU
Question:
A forensic examiner reviews a laptop running OS X which has been compromised. The examiner wants to know if there were any mounted volumes created from USB drives.
Which digital evidence should be reviewed?
Answer:
/var/log
Question:
Which log or folder contains information about printed documents on a computer running Mac OS X?
Answer:
/var/spool/cups 1 / 3
Question:
Which Windows event log should be checked for evidence of invalid logon attempts?
Answer:
Security
Question:
A cyber security organization has issued a warning about a cybercriminal who is using a known vulnerability to attack unpatched corporate Macintosh systems. A network administrator decides to examine the software updates logs on a Macintosh system to ensure the system has been patched.
Which folder contains the software updates logs?
Answer:
/Library/Receipts
Question:
A forensic investigator wants to image an older BlackBerry smartphone running OS 7.0.
Which tool should the investigator use?
Answer:
BlackBerry Desktop Manager 2 / 3
Question:
An investigator wants to extract information from a mobile device by connecting it to a computer.
What should the investigator take great care to ensure?
Answer:
That the mobile device does not synchronize with the computer
Question:
Which state is a device in if it is powered on, performing tasks, and able to be manipulated by the user?
Answer:
Active
Question:
What is one purpose of steganography?
Answer:
To deliver information secretly
- / 3
.png)