Free, timed forensic mock tests for NFSU FACT, UGC-NET and university entrances. Instant scoring, per-question explanations and a topic breakdown after every attempt.
This test covers the practical craft of detecting, classifying, and containing security incidents before they escalate. Questions address the conceptual difference between indicators of compromise and indicators of attack, the log sources and tooling that feed detection pipelines, how SIEM and EDR platforms surface threats, and the frameworks used to assign severity. From there, the focus shifts to triage decision-making under uncertainty and to the dual-track approach of short-term versus long-term containment. The final cluster of questions addresses evidence preservation: the order of volatility that governs what to capture first on a live system, the procedural requirements for maintaining chain of custody, and the tension between keeping a system running for intelligence-gathering and pulling it offline for forensic integrity. All questions present applied scenarios drawn from internationally recognised practice.
This test challenges practitioners to apply advanced incident response concepts at the analysis level. Questions span mapping adversary behavior to the MITRE ATT&CK framework, constructing and evaluating hypothesis-driven threat hunting methodologies, and integrating memory and network forensic evidence into live IR workflows. Scenarios drawn from ransomware and APT campaign investigations require selecting appropriate playbook steps and understanding evidence-chain implications. Metric literacy covers MTTD and MTTR as operational and strategic levers. Legal and regulatory dimensions include breach-notification timelines, cross-jurisdictional obligations under GDPR, HIPAA, and comparable frameworks, and the role of legal hold in preserving forensic integrity. Candidates are expected to distinguish closely related techniques, apply principles to realistic fact patterns, and evaluate tradeoffs between investigative thoroughness and operational recovery pressures. Suitable for IR analysts, threat hunters, and digital forensics professionals operating in multi-jurisdictional or enterprise environments.