Digital Forensicsmedium Premium
Digital Forensics: Computer Hardware and File Systems Applied Scenarios
Published:
Questions
30
Duration
30 min
Faculty-reviewed
0
Updated
20 May 2026
Practice with national-level exam (FACT, FACT Plus, NET, CUET, etc.) mocks, learn from structured notes, and get your doubts solved in one place.
Published:
Questions
30
Duration
30 min
Faculty-reviewed
0
Updated
20 May 2026
Applied-scenario drill on computer hardware and file systems for the FACT digital forensics paper, pitched at the medium difficulty band where the question describes a real-world seizure or lab situation and the candidate must pick the technique, structure, or statute that fits. Coverage spans long-mode x86-64 instruction execution, DDR4 ECC behaviour, virtual memory and page-table translation during RAM acquisition, HDD zoned bit recording and LBA, SSD flash translation layer (FTL) and TRIM with garbage collection, MBR extended partitions and hybrid MBR alongside GPT, GPT backup-header recovery, NTFS resident versus non-resident $DATA, ext4 extents versus ext3 indirect blocks, ext4 journal modes (writeback, ordered, journal), APFS clones, $STANDARD_INFORMATION versus $FILE_NAME timestomp detection, NTFS $LogFile versus USN journal, exFAT versus FAT32 for large files, HFS+ versus APFS macOS timeline, pagefile.sys and hiberfil.sys as RAM residue, UEFI Secure Boot with EFI System Partition, the POST boot stage, NIC checksum offload artefacts in PCAP, PMTUD black holes from MTU mismatch, NVMe-direct-to-CPU versus SATA-through-PCH topology, ECC scrubbing in cold-boot key recovery, and 4Kn versus 512e imaging offset issues.
The pack is meant for FACT aspirants who have cleared an easy-band hardware mock and now want scenario-style questions that force them to choose between near-neighbour techniques and adjacent structures, the same calibration the FACT digital forensics paper applies. It is also useful for NFSU MSc cyber forensics entrance candidates, CDAC PG-DCSF students, and SI-to-Inspector cyber-cell promotion aspirants in state CIDs.
Topics covered:
Use this mock after the easy-band hardware pack and before attempting the digital-forensics mixed full-length.
Allow 30 minutes.
Questions are written and edited by the ForensicSpot team and cited from peer-reviewed forensic textbooks, official syllabi and primary case law. Each one is verified before publishing. Detailed explanations show after you submit, so the test stays a real test. See a mistake? Tell us.