CISSP Question #1296: Real Exam Question with Answer & Explanation

Question

If traveling abroad and a customs official demands to examine a personal computer, which of the following should be assumed?

Options

• AThe hard drive has been stolen.
• BThe Internet Protocol (IP) address has been copied.
• CThe hard drive has been copied.
• DThe Media Access Control (MAC) address was stolen

Explanation

If traveling abroad and a customs official demands to examine a personal computer, the most reasonable assumption is that the hard drive has been copied. The hard drive is the component of the computer that stores the data and the operating system, and it can be easily copied or cloned by using a device or a software. The customs official may copy the hard drive to inspect its contents, to search for illegal or suspicious data, or to obtain sensitive or valuable data. The hard drive may not be stolen, as the customs official may return the computer to the owner after the examination. The Internet Protocol (IP) address may not be copied, as the IP address is not a fixed or permanent attribute of the computer, but rather a dynamic and temporary identifier that is assigned by the network. The Media Access Control (MAC) address may not be stolen, as the MAC address is a unique and permanent identifier that is embedded in the network interface card (NIC) of the computer, and it cannot be easily changed or modified.

No community discussion yet for this question.