【2023美亚杯】团队赛赛题（无解析版）

容器密码

团队赛容器密码

#Zfa2w^t88vDk%VSi2CxT5*nBmbWN3W2gosfqFR#4@gj48Gfc$4bCME$mu5$G8foubAy6zFgs5KzMLX9mt^&UoNdBxDnFjV6wz@Fv#oWu#ZQVgB9F%oh57vYiSEGEkbv

附加資料容器密码

RSTq3p%#vxQ6Ckq^LmYS$%RRj8xv#HDR97ofE#LMp2KimG*5bgE5cYpbvZBLEM4%cA8i#^5$^NFEcjpW!YeQQrWsHckKvCoGkm!7kyY$#x3%x#!*q2R4h$4r3B%ewe@X

---

“美亚杯”第九届全国电子数据取证竞赛团体赛（线下）

本次比赛共1 个段落, 139 个小题, 总共241分

团体赛 (139个小题, 共241分)

1. [填空题]

参考 ’ blk0_sda.bin ’ 回答以下题目 With reference to ’ blk0_sda’ to answer below question 死者手机中的一个智能家居应用程序中的帐号是什么？ What is the user ID of the Deceased’s account in a smart home app? 提示:请以阿拉伯数字填写答案 Tips: Please answer in arabic number (1分)

2. [单选题]

参考 ’ blk0_sda.bin ’ 回答以下题目 With reference to ’ blk0_sda’ to answer below question 死者手机中的智能家居应用程序内的智能门铃发送的最后一次通知消息的本地时间？ ｗhat is the local time of the last notification message sent by a smart doorbell in this smart home app? (1分)

A. 2023-09-25 07:51:18

B. 2023-09-26 07:51:18

C. 2023-09-26 15:51:18

D. 2023-09-26 23:51:18

E. 2023-09-28 01:11:11

3. [单选题]

参考 ’ blk0_sda.bin ’ 回答以下题目 With reference to ’ blk0_sda’ to answer below question 死者在「Carousell」应用程序中首先接触的卖家是售卖什么类型产品的？ What is the type of product the Deceased first to approach the seller in the App of “Carousell”? (2分)

A. 无人机 (Drones)

B. 运动鞋 (Sneakers)

C. 电子游戏 (Video Games)

D. 桌上计算机 (Desktops)

E. 饮料 (Beverages)

4. [填空题]

参考 ’ blk0_sda.bin ’ 回答以下题目 With reference to ’ blk0_sda’ to answer below question 死者在「Facebook Messenger」应用程序中最后联系人的使用者的名字？ What is the user name of someone whom the Deceased last contacted in the app of “Facebook Messenger”? 提示:请用简体中文填写答案。 Please anser the question in Chinese (2分)

5. [单选题]

参考 ’ blk0_sda.bin ’ 回答以下题目 With reference to ’ blk0_sda’ to answer below question 死者曾经用「Fitbit」应用程序记录一次跑步的数据，该次跑步是由何时开始？ What time of the Deceased started a run which recorded by the app of “Fitbit”? (1分)

A. 2023-09-13 12:36

B. 2023-09-13 12:37

C. 2023-09-13 12:38

D. 2023-09-13 12:39

E. 2023-09-13 12:40

6. [单选题]

参考 ’ blk0_sda.bin ’ 回答以下题目 With reference to ’ blk0_sda’ to answer below question 死者除曾经用「Fitbit」应用程序记录一次跑步的数据外，他也用哪一个应用程序记录同一次跑步？ Which of the following APPs used to record the same run? (1分)

A. My Run Tracker

B. FITAPP

C. Fitnesskeeper

D. Nike Run Club

E. Runkeeper

7. [单选题]

参考 ’ blk0_sda.bin ’ 回答以下题目 With reference to ’ blk0_sda’ to answer below question 死者跑步起点的经纬度是多少？ What is the longitude and latitude of the starting point of the run? (1分)

A. 114.16869, 22.282452

B. 114.16851, 22.281998

C. 114.16847, 22.28182

D. 114.16773, 22.280827

E. 114.16867, 22.280434

8. [填空题]

参考 ’ blk0_sda.bin ’ 回答以下题目 With reference to ’ blk0_sda’ to answer below question 无人机卖家的电话号码是多少？ What is the telephone number of the drone seller? 提示: 答案包括没有任何空格的国际电话代码，例如0085261231234 Tips: The answer should include the International Calling Code without any space, i.e. 0085261231234) (2分)

9. [填空题]

参考李佩妍的手机镜像回答以下题目 With reference to Peggy’s mobile phone image to answer below question 李佩妍在Facebook 建立了一个群组, 该群组的名称是什么? Peggy created a group on Facebook. What is the name of the group? 提示:请用大写英文作答, 不用留空白 Tips: Please answer the question in capital letters, leave no spaces (1分)

10. [单选题]

参考李佩妍的手机镜像回答以下题目 With reference to Peggy’s mobile phone image to answer below question 李佩妍第一次用计算机登入Facebook帐户的日期和时间? What day and time did Peggy first log in to her Facebook account using a computer? (2分)

A.2023-07-26 14:37:40

B. 2023-09-06 18:32:07

C. 2023-07-26 06:34:40

D. 2023-09-06 18:34:09

11. [填空题]

题目内容请看题目描述。（11） (2分)

参考李佩妍的手机镜像回答以下题目
With reference to Peggy’s mobile phone image to answer below question

李佩妍在2023年9月3日曾经操作航拍机,请问起飞地点的经纬度是多少?
On September 3, 2023, Li Peiyan operated a drone. What are the latitude and longitude coordinates of the takeoff location?

提示: 以经纬度坐标回答有关答案，答案如 Lat: 22.2846135, Lon: 114.1739116，请用以下格式作答，22.2846135,114.1739116。
For example: Lat: 22.2846135, Lon: 114.1739116, please answer 22.2846135,114.1739116.

12. [多选题]

参考李哲图的手机镜像回答以下题目 With reference to Chris’ mobile phone image to answer below question 李哲图手机内安装了什么恶意软件? What malicious program packages are installed on Chris’s mobile phone? (1分)

A. com.instagram.android

B. com.whatsapp

C. org.telegram.messenger

D. com.xiaomi.smarthome

E. com.metasploit.stage

F. com.taobao.taobao

G. com.cad_epuas_reactnative

13. [填空题]

参考李哲图的手机镜像回答以下题目 With reference to Chris’ mobile phone image to answer below question 李哲图手机内package “com.cad_epuas_reactnative”的app 名是什么? What is the app name of the the package “com.cad_epuas_reactnative” installed on Chris’s mobile phone in Hong Kong. 提示: 请以中文和全英文大写填写答案 Tips: Please answer in Chinese and English (1分)

14. [单选题]

参考李哲图的手机镜像回答以下题目 With reference to Chris’ mobile phone image to answer below question “com.cad_epuas_reactnative”拆包后, 内有哪一个“类(class)”能找到黑客IP有关的线索? After decompiling “com.cad_epuas_reactnative”, which class can find clues related to hacker IP? (2分)

A. Nhnov

B. Olyg

C. Ywnvt

D. MainActivity

15. [填空题]

参考李佩妍的计算机镜像回答以下题目 With reference to Peggy’s computer image to answer below question 李哲图计算机的外部IP是多少? What is the external IP of Chris’s computer? 提示: 用IPV4格式回答 Hint: Combine the IP address into a single answer. For example, if the IP address is 123.123.123.123, the answer should be 123123123123. (1分)

16. [填空题]

参考李佩妍的计算机镜像回答以下题目 With reference to Peggy’s computer image to answer below question 李佩妍计算机内的Kali虚拟机时区是多少? What is the time zone of the Kali virtual machine on Peggy’s computer? 提示: 不要输入符号及空白，以全大写英文回答 Tips: Answer in uppercase English without symbols or spaces (1分)

17. [填空题]

参考李哲图的计算机镜像回答以下题目 With reference to Chirs’s computer image to answer below question 在李哲图的计算机上，有一个文件内藏有木马病毒，请问该文件的名称是什么？ On Chris’s computer, there is a file containing a Trojan virus. What is the name of the file? 提示: 以全大写英文字母回答，不包含符号或空格，例如， “ABC.TXT” Tips: Answer in uppercase English without symbols or spaces. For example ABC.TXT (1分)

18. [填空题]

题目内容请看题目描述。（18） (1分)

参考李佩妍的计算机镜像回答以下题目
With reference to Peggy’s computer image to answer below question

在2023-09-26 10:00 (UTC+8)至 2023-09-26 11:00 (UTC+8)时间内, 李佩妍在李哲图的计算机下载了一个文件,请问文件名是什么?
From 2023-09-26 10:00 (UTC+8) to 2023-09-26 11:00 (UTC+8), Peggy downloaded a file on Chris’s computer. What is the name of the file?

提示: 不要输入符号及空白，以大写英文回答。如，ABC.TXT
Tips: Answer in uppercase English without symbols or spaces. For example,ABC.TXT

19. [填空题]

题目内容请看题目描述。（19） (1分)

参考李佩妍的计算机镜像回答以下题目
With reference to Peggy’s computer image to answer below question

在2023-09-26 11:22 (UTC+8)时间, 李哲图当时所在地方的经纬度是多少?
On 2023-09-26 at 11:22 (UTC+8), where was Chris located?

提示: 将经纬度合并回答。如 22.2846135(Latitude) 114.1739116(Longitude)，需回答 22.2846135,114.1739116
Tips: Combine the latitude and longitude coordinates. For example, if the latitude is 22.2846135 and the longitude is 114.1739116, the answer should be 22.2846135,114.1739116.

20. [填空题]

参考陈好计算机的镜像回答以下题 With reference to Leo’s computer to answer below question 从目标服务器窃取数据要执行哪一个文件？（包括文件名的扩展名） What is the file to be executed for stealing the data from a targeted server? (Including the file extension)） 提示: 以大写英文字母回答，如，ABC.TXT Tips: Answer in uppercase English For example,ABC.TXT (1分)

21. [填空题]

参考陈好计算机的镜像回答以下题目 With reference to Leo’s computer to answer below question 用在执行「从目标服务器窃取数据要执行的文件」的软件是什么？（包括文件扩展名）" What is the software used to execute the file? (including the file extension) 提示: 以大写英文字母回答， ABC.TXT Tips: Answer in uppercase English. For example, ABC.TXT (1分)

22. [填空题]

参考陈好计算机的镜像回答以下题目 With reference to Leo’s computer to answer below question 存储该「从目标服务器窃取数据要执行的文件」的原始路径是什么？ What is the original path of the file stored? 提示:以大写英文字母与以下格式填写答案 Please answer in uppercase English and answer as below format (例如: \USERS\HO328\APPDATA\LOCAL\PROGRAMS\TESTING.TXT) (2分)

23. [多选题]

参考陈好计算机的镜像回答以下题目 With reference to Leo’s computer to answer below question 执行该「从目标服务器窃取数据要执行的文件」后将创建哪些文件？（包括文件扩展名） What file(s) will be created after the execution of the file? (including the file extension) (1分)

A. extracted_customer_data.txt

B. data.txt

C. pair_device_result.txt

D. driver-signature.txt

24. [填空题]

参考陈好计算机的镜像回答以下题目 With reference to Leo’s computer to answer below question 目标服务器的IP地址及服务器的端口是多少？ what is the IP address and the port number of the target server? 提示: 将IP地址及服务器的端口合并回答。如 123.123.123.123:80。 Tips: Combine the IP address and the port number into a single answer. For example, 123.123.123.123:80. (1分)

25. [单选题]

参考陈好计算机的镜像回答以下题目 With reference to Chan Ho’s computer to answer below question 通过执行"李佩妍在李哲图的计算机下载的文件"成功窃取了以下哪些数据？ Which following data were successfully stolen by executing the above file? i) current_ui_customer_description ii) email iii) token iv) customer_stage (1分)

A. i, ii, iii

B. ii,iii,iv

C. i, ii, iv

D. i, iii, iv

E. i, ii, iii, iv

26. [填空题]

参考陈好计算机的镜像回答以下题目 With reference to Chan Ho’s computer to answer below question 有多少条客户信息被盗取？(包括首尾项目) How many entries of the customer information have been stolen? (included both numbers) 提示:请以阿拉伯数字作答 Tips:Please answer in arabic number (1分)

27. [填空题]

参考’TeslaCam.e01’回答以下题目 With reference to TeslaCam.e01 to answer below question 当哨兵模式运作时，共有多少个镜头将会进行记录?(第三方安装的电子狗不计在内) How many cameras on the car will be operated during the sentry mode enabled? (3rd party camera not included) 提示:请以阿拉伯数字作答 Tips:Please answer in arabic number (1分)

28. [填空题]

参考"https://www.tesla.com/support/videos/watch/live-camera"回答以下题目 With reference to https://www.tesla.com/support/videos/watch/live-camera to answer below question 当车主利用手机查阅车辆实时影像时共有多少个镜头正在运作以供查阅? How many cameras will be on when we are browsing the Live camera? 提示:请以阿拉伯数字作答 Tips:Please answer in arabic number (1分)

29. [单选题]

参考’TeslaCam.e01’回答以下题目 With reference to TeslaCam.e01 to answer below question 当哨兵模式运作时,系统会自动记录多长时间的影像? How long will the video be taken when suspicious activity was found around the vehicle under the sentry mode enabled? (2分)

A. 5 分钟

B. 7 分钟

C. 10分钟

D. 15分钟

E. 20分钟

30. [填空题]

参考’TeslaCam.e01’回答以下题目 With reference to TeslaCam.e01 to answer below question 在2023年10月2日上午11时51分，到底发出了什么事件令哨兵模式被触发? At around 1151 hrs on 2023-10-02, the sentry mode of the car was alerted. What is the reason to explain the alarm enabled? 请用小写英文字母与以下格式作答 xxx_xxx_xxx_xxx (2分)

31. [单选题]

参考’TeslaCam.e01’回答以下题目 With reference to TeslaCam.e01 to answer below question 男死者李哲图死在9月末，但是其车辆的哨兵模式在2023年10月02日的上午被启动，从Sentry Clips Folder内找出有关片段，确认有什么事件引发录制。 At late Septeber, the deceased was dead. However, the alarm was enabled at the morning on 2023-10-02. Please find out the cause in the clip at Sentry Clips Folder. (3分)

A. 有车辆从前方驶过

B. 有动物从前方走过

C. 有人从前方走过

D. 有人从后方走过

E. 有车辆从后方驶过

32. [填空题]

题目内容请看题目描述。（32） (3分)

参考’TeslaCam.e01’回答以下题目
With reference to TeslaCam.e01 to answer below question

按照Sentry Clips 内 '2023-10-02_11-51-40’的活页夹，请找出男死者李哲图私家车当日的停泊位置。
Based on the sentry clips on the folder “2023-10-02_11-51-40”, Can you tell me the location of the car parking?

提示: 以经纬度坐标回答有关答案，答案如 Lat: 22.2846135, Lon: 114.1739116，请用以下格式作答，22.2846135,114.1739116。
For example: Lat: 22.2846135, Lon: 114.1739116, please answer 22.2846135,114.1739116.

33. [单选题]

参考’TeslaCam.e01’回答以下题目 With reference to TeslaCam.e01 to answer below question 在’event.json’文件,我们发现有一栏显示为"Camera:6"，这是什么意思? When we take a look on the event.json file from the TeslaCam.e01, we can see the row “camera:6”. What is the meaning of 6? 提示: 请浏览特斯拉有关的网站或讨论区。 Tips: Please conduct an online chechking from Tesla’s website or Tesla Forum. (3分)

A. 前镜头

B. 后镜头

C. 右边镜头

D. 左边镜头

34. [填空题]

题目内容请看题目描述。（34） (3分)

参考’TeslaCam.e01’回答以下题目
With reference to TeslaCam.e01 to answer below question

有人曾驾驶男死者李哲图的车辆前往香港迪斯尼乐园，期间有车辆从男死者的车辆后方驶走，请找出在"2023-09-30_alerted"照片中有关车牌号码?
In between 1518 hrs and 1528 hrs on 2023-09-30, the car was parked at Disneyland and a car was driving out from the parking park. Please find out the photos “2023-09-30_alerted” and tried to find out the Car Plate Number of the car.

请以大写英文与以下格式作答XX_XXX
Please answer in below format XX_XX，如：AB_123

35. [单选题]

参考’dji.go.v5’回答以下题目 With reference to dji.go.v5 to answer below question 按照WhatsApp聊天记录，得知Chris曾与Peggy在2023年09月07日外出玩无人机。飞行记录"DJIFlightRecord_2023-09-07_[17-33-52]"的文件路径? Based on the WhatsApp Conversation Records, we known that Chris dated Peggy to go play drone on 2023-09-07. What is the file path of Flight Log Record “DJIFlightRecord_2023-09-07_[17-33-52]”? (1分)

A. DCIM\media\1\Android\data\dji.go.v5\files\FlightRecord

B. \media\0\Android\data\dji.go.v4\files\FlightRecord

C. \media\0\Android\data\dji.go.v5\files\FlightRecord

D. \media\0\Android\dji.go.v5\files\FlightRecord

36. [填空题]

参考’dji.go.v5’回答以下题目 With reference to dji.go.v5 to answer below question 在李哲图的LG手机内2023年9月7日内有多少次飞行记录? How manyt flight record you can find from Chris’s mobile phone on 2023-09-07? 提示:请用阿拉伯数字作答 Tips: Please answer in arabic number (2分)

37. [多选题]

参考’dji.go.v5’回答以下题目 With reference to dji.go.v5 to answer below question 尝试找出與原点最远的距离，并从日志文件中找出所有有关区域的经纬度坐标。 Try to find out the exact longest distance from Home point and named the location of this area. (3分)

A. 3,064.3 ft

B. 3,100.1 ft

C. 3,201.6 ft

D. Lat: 22.2855113649764, Lon: 114.111954829708

E. Lat: 22.2855161086729, Lon: 114.111957385297

F. Lat: 22.2855211183398, Lon: 114.111960153012

38. [填空题]

参考’dji.go.v5’回答以下题目 With reference to dji.go.v5 to answer below question 在2023年09月07日,Chirs和Peggy曾经外出玩无人机, 并用无人机拍摄一张照片"dji_fly_20230907_172136_63_1694078794485_photo_optimized.jpg", 请问拍摄照片时,无人机的高度值是多少? Chris dated Peggy to go play drone on 2023-09-07 and taken a photo “dji_fly_20230907_172136_63_1694078794485_photo_optimized.jpg”. What is the attitude of the drone when they take the photo? (2分)

39. [填空题]

参考 ’ 陈好的计算机镜像 ’ 回答以下题目 With reference to Leo’s computer to answer below question 陈好用了云端运算来构建钓鱼网站，这网站的IP 地址是多少? Chan Ho used the cloud computing to build a plishing website. What is the IP address of this website? 提示: 以IPV4 格式回答，如123.123.123.123 Answer: Please answer in IPV4 format. (1分)
10.0.0.75

40. [填空题]

参考 ’ 陈好的计算机镜像 ’ 回答以下题目 With reference to Leo’s computer to answer below question 陈好在云端运算建立了linux 的系统，请问这系统的使用者ID 是什么? Chan Ho used a Linux operating system on cloud computing. What is the user ID for this system? 提示：请全部用英文小写作答，例子:tommychan (1分)

41. [多选题]

参考 ’ 陈好的计算机镜像 ’ 回答以下题目 With reference to Leo’s computer to answer below question 在2023年8月25日至2023年9月05日期间，下列哪些IP地址成功登录云端运算? Between 25th August 2023 and 5th September 2023, which of the following IP addresses successfully logged into cloud computing? (2分)

A. 203.198.117.194

B. 203.181.6.82

C. 210.3.89.98

D. 61.92.200.176

E. 201.198.115.194

42. [填空题]

题目内容请看题目描述。（42） (2分)

参考 '陈好的计算机镜像 ’ 回答以下题目
With reference to Leo’s computer to answer below question

在2023年9月10日至2023年9月16日期间，哪个IP地址透过SSH 连接，不断密码攻击陈好所使用的云端计算的linux 系统? (只计最高值)
Between 10th September, 2023 and 16th September, 2023, which IP address continuously attempted SSH connections, launching password attacks against Chan Ho’s Linux system that built on the cloud computing? (Considering the highest frequency)

提示: 以 IPV4 格式回答
Answer: Please answer in IPV4 format.

43. [单选题]

参考 ’ 陈好的计算机镜像 ’ 回答以下题目 With reference to Leo’s computer to answer below question 陈好所用的云端运算，所用的linux系统，内有安装Mysql, 请问哪个是他的密码? There was MYSQL installed in the Linux system on the cloud computing. What is the password he is using? (2分)

A. qwert!@34

B. 4rfv%TGB6yhn

C. 3edc%TGB7ujm

D. 1qaz@WSX3edc

E. 2wsx$RFV6yhn

44. [单选题]

参考 ’ Meiya_StaffB_laptop.e01 ’ 回答以下题目 With reference to ‘Meiya_StaffB_laptop.e01’ to answer below question? 陈好所使用的手机中，用了云端运算来构建钓鱼网站，这网站的主题是什么? In Chan Ho’s mobile mobile phone, he used cloud computing to build a phishing website. What is the theme of this website? (1分)

A. 征友

B. 股票投资

C. 购物网

D. 求职网

E. 加密货币投资

45. [填空题]

参考 ’ 陈好的计算机镜像 ’ 回答以下题目 With reference to Leo’s computer to answr below question 陈好在云端运算上用的Linux系统， 请问这个镜像文件的主文件名? What is the forensic image name of the linux system used on cloud computing? 提示:请用大写字母与阿拉伯数字作答，并不需要扩展名 Tips: Please answer in capital letters and arabic numbers, and no need to fill in the file extension. (1分)46. [填空题]

参考 ’ 陈好的计算机镜像 ’ 回答以下题目 With reference to Leo’s computer to answr below question 陈好构建的钓鱼网站最终偷取了多少位客户的密码? How many customers’ password did Chan Ho phishing website steal? 请以阿拉数字作答 Tips: Please answer in arabic number (3分)

47. [单选题]

参考 ’ 陈好的计算机镜像 ’ 回答以下题目 With reference to ‘Meiya_StaffB_laptop.e01’ to answer below question? 陈好用了"MAMP"的程序在本地主机测试构建的钓鱼网站，请问他测试时用了哪个网络服务器和用了什么通讯端口? Chan Ho used the “MAMP” program to test the phishing website that he built on his local host. What web server and port did he use for testing? (2分)

A. Nginx, 通讯端口是7888

B. Nginx, 通讯端口是8888

C. Apache, 通讯端口是7888

D. Apache, 通讯端口是8888

48. [填空题]

参考 ’ 陈好的计算机镜像 ’ 回答以下题目 With reference to Leo’s computer to answer below question 陈好构建的钓鱼网站，最终成功盗取了几张信用卡的资料? How many customers’ credit card data did Chan Ho phishing website steal? 提示:请用阿拉伯数字作答 Tips: Please answer in arabic number (3分)

49. [填空题]

题目内容请看题目描述。（49） (1分)

参考’ 陈好的计算机镜像 ’ 回答以下题目
With reference to Leo’s computer to answer below question

陈好所用的云端运算中，内装有Microsoft Azure Linux VM 代理程序，这个程序的功能包含配置，资源扩展，通信，安全性，诊断数据等等，请问个程序的名字是什么?
There is a program called the “Microsoft Azure Linux VM Agent.” in Chan Ho’s cloud computing. This program has various functions, like setting, expanding resources, communication, security, and diagnostic. What is the name of this program?

50. [单选题]

题目内容请看题目描述。（50） (2分)

参考 ’ 陈好的计算机镜像 ’ 回答以下题目
With reference to Leo’s computer to answer below question

陈好所用的云端运算，以下描述是正确的:
i) 订用账户标识符: 99b1a232-105e-4852-afds-54a74f75668
ii) 虚拟机的计算机名称: Netinvestment
iii) 资源组名: Netinvestmentmeiya_group
iv) 公钥: AAAAB3NzaC1yc2EAAAADAQABAAABgQDS/GbG00y/3DbUI0Q8MrrsvcGTKOad3hYRgApBWlALq48y9bHHmM3DaxM460cnAfz5aDMfVghyX+sevI7PP0UwhevgVUVJ5NZyc98Yi0XDEcPF9nxQOBp49yzwBpy/KwCbMJxBvLNuEtazw+TU6k6bXn62g42f1ljyWZP3vbMGmYnJUjpTE0uhXTqr8PYDKVZrEQWpB2v53IegCXI4La2rScJNKmAIo9pXvdyJkDda74k1vKPj7zUMCsUbpVN/CwZUAZazARyILbz7GK/PvsRp/jWmyo2gbhxk6SoyvRYT8uDK3ifeHcg89jlM6qXS4tGBu2JH+fY/G6WVUJFBjrU9/yyI+i9g9mr+zq5e4D1fWZ/TpLK3RK5JMFUf/L+qQRLoysY6APHZ+WrmM5dJsLgIC9PUmdM3arQGLM6KHQ0+R03phHaK+lo+5QDyVIktJ4wMMfhFSaR6ozHjCzzh8h0Ka+eV6aken1XVs0wIvHYokweRx3W//+N3ZvF9q7cmNuE= generated-by-azure

Which descriptions are correct for the cloud computing used by Chan Ho :
i) Subscription ID: 99b1a232-105e-4852-afds-54a74f75668
ii) Virtual Machine Computer Name: Netinvestment
iii) Resource Group: Netinvestmentmeiya_group
iv) SSH RSA: AAAAB3NzaC1yc2EAAAADAQABAAABgQDS/GbG00y/3DbUI0Q8MrrsvcGTKOad3hYRgApBWlALq48y9bHHmM3DaxM460cnAfz5aDMfVghyX+sevI7PP0UwhevgVUVJ5NZyc98Yi0XDEcPF9nxQOBp49yzwBpy/KwCbMJxBvLNuEtazw+TU6k6bXn62g42f1ljyWZP3vbMGmYnJUjpTE0uhXTqr8PYDKVZrEQWpB2v53IegCXI4La2rScJNKmAIo9pXvdyJkDda74k1vKPj7zUMCsUbpVN/CwZUAZazARyILbz7GK/PvsRp/jWmyo2gbhxk6SoyvRYT8uDK3ifeHcg89jlM6qXS4tGBu2JH+fY/G6WVUJFBjrU9/yyI+i9g9mr+zq5e4D1fWZ/TpLK3RK5JMFUf/L+qQRLoysY6APHZ+WrmM5dJsLgIC9PUmdM3arQGLM6KHQ0+R03phHaK+lo+5QDyVIktJ4wMMfhFSaR6ozHjCzzh8h0Ka+eV6aken1XVs0wIvHYokweRx3W//+N3ZvF9q7cmNuE= generated-by-azure

A. i),ii),iii)

B. i),iii),iv)

C. ii),iii),iv)

D. i),ii),iv)

E. i),ii),iii),iv)

51. [单选题]

请参考陈大昆MacBook镜像文件回答以下题目: 这台MacBook创建了多少个访客账户？ (1分)

A. 0

B. 1

C. 2

D. 3

52. [填空题]

请参考陈大昆MacBook镜像文件回答以下题目: 这MacBook的用户名称是什么？ （名称包括所有英文字母、数字和符号，区分大小写，不需要空格） (1分)

53. [单选题]

请参考陈大昆MacBook镜像文件回答以下题目: 这台MacBook中曾连接了多少个WIFI(WIFI SSID)？ (1分)

A. 1

B. 2

C. 3

D. 4

54. [单选题]

参考 ’ 陈大昆的计算机镜像 ’ 回答以下题目 With reference to Ben’s computer to answer below question 在这个取证镜像文件中有多少用户配置文件具有浏览历史？ How many setup document in the website browser was found (1分)

A. 1

B. 2

C. 3

D. 4

55. [填空题]

请参考陈大昆MacBook镜像文件回答以下题目: 请提供以下文件的内容：“f.rtf”、“a.rtf”、“f1.txt” 和 “a1.txt”。 （填写文件内容所有英文字母、数字和符号，区分大小写，不需要空格） 请按照以下格式回答: xxx_xxx_xxx_xxx 例子:如(1)的内容是abc,(2)的内容是123,(3)的内容是DEF,(4)的内容是8.8 请填写: abc_123_DEF_8.8 (2分)

56. [填空题]

请参考陈大昆MacBook镜像文件回答以下题目: 有两个加密的 .dmg 文件在取证镜像文件内。按照.dmg 文件的创建时间先后，请填写下面的空白：文件名称包括扩展名(如adcd.dmg)第一个创建 .dmg 文件的名称是：_____，密码是：____ 第二个创建 .dmg 文件的名称是：_____，密码是：____ 请按照以下格式回答: xxx_xxx_xxx_xxx，例子: 如(1)的内容是abc、(2)的内容是123、(3)的内容是DEF、(4)的内容是8.8，答案为：abc_123_DEF_8.8 (2分)

57. [填空题]

请参考陈大昆MacBook镜像文件回答以下题目: 有一个应用程序托管在.dmg文件中，该程序需要一个密钥才能启用，请填写以下空格： （文件名称包括所有英文字母、数字和符号，区分大小写，不需要空格） 存有密钥的文件名称是：________ 密钥的值是：________ 请按照以下格式回答: xxx_xxx，例子: 密钥文件名称是：abc.def，密钥的值是：123，答案为：abc.def_123 (2分)

58. [填空题]

参考’陈大昆的计算机镜像’ 回答以下题目 With reference to Ben’s computer to answer below question 按照相关记录，该应用程序使用了哪个版本的引擎？ According to record, What enginee was used by the process? (2分)

59. [多选题]

参考 ’ 陈大昆的计算机镜像 ’ 回答以下题目 With reference to Ben’s computer to answer below question 按照您的检验，以下哪个陈述（或多个陈述）在描述路径“~/Desktop/.Spotlight-V100/”下的文件是正确的? Accordning to your examination,which of the following statement (or statements) correctly describe the documents under the path “~/Desktop/.Spotlight-V100/” (3分)

A. "coins1.jpg alias"是一个档案捷径(alias)

B. "coins.jpg alias"和"coins1.jpg alias"都是符号链接(Symlink)文件

C. "CryptoWallet-link1"是一个档案捷径(alias)

D. "CryptoWallet-link1"和"CryptoWallet-link2"链接相同的文件

E. "CryptoWallet-link2"是一个硬链接(Hard Link)

60. [单选题]

参考 ’ 潘志辉的计算机镜像 ’ 回答以下题目 With reference to Peter’s computer image to answer below question 在换脸软件的“源视频转图片”程序中，不支持下列哪一类文件 ? In the face exchange software, what file was not supported in the “source video exchange”? (1分)

A. data_src.flv

B. data_src.mpeg

C. data_scr.mp4

D. 以上文件都可以支持

61. [单选题]

参考 ’ 潘志辉的计算机镜像 ’ 回答以下题目 With reference to Peter’s computer image to answer below question 目标视频转换了多少张图片? How many picture was changed to the target video ? (1分)

A. 897

B. 316

C. 1794

D. 1580

62. [单选题]

参考 ’ 潘志辉的计算机镜像 ’ 回答以下题目 With reference to Peter’s computer image to answer below question 已换脸的图片储存在哪个路径? What path stored the face-exchanged picture ? (1分)

A. (省略) \workspace\data_src\

B. (省略) \workspace\data_dst\merged_mask

C. (省略) \workspace\data_dst\merged

D. (省略) \workspace\data_dst\aligned

63. [单选题]

参考 ’ 潘志辉的计算机镜像 ’ 回答以下题目 With reference to Peter’s computer image to answer below question 在这案件中，使用了哪个程序将图片换脸 ? In this case, what process was used to change the face? (1分)

A. train AMP.bat

B. train SAEHD.bat

C. train Quick96.bat

D. train AMP SRC-SRC.bat

64. [单选题]

参考 ’ 潘志辉的计算机镜像 ’ 回答以下题目 With reference to Peter’s computer image to answer below question 实时换脸软件可使用多少个模型? How many models can the face exchange software use? (1分)

A. 14

B. 15

C. 16

D. 17

65. [单选题]

参考 ’ 潘志辉的计算机镜像 ’ 回答以下题目 With reference to Peter’s computer image to answer below question 实时换脸软件用了哪一个模型 ? What model did the face exchange software use ? (1分)

A. Joker.dfm

B. Jackie_Chan.dfm

C. DianPian_SAEHD_model.dfm

D. 4live_SAEHD_model.dfm

66. [填空题]

参考 ’ 潘志辉的计算机镜像 ’ 回答以下题目 With reference to Peter’s computer image to answer below question 在这案件中，换脸软件训练了哪些模型 ? (答案不用副文件名, 例如Jackie_Chan.dfm只需输入 Jackie_Chan) In this case, what model did the face exchange software train? (2分)

67. [填空题]

参考 ’ 潘志辉的计算机镜像 ’ 回答以下题目 With reference to Peter’s computer image to answer below question 4live_SAEHD_model 训练了多少迭代次数 How many times did 4live_SAEHD_model train ? (1分)

68. [单选题]

参考 ’ 潘志辉的计算机镜像 ’ 回答以下题目 With reference to Peter’s computer image to answer below question 换脸软件输出的文件名是什么？ What is the name of output of face exhange software (1分)

A. 录制_2023_09_19_16_55_20_786.mp4

B. result.mp4

C. data_src.mp4

D. data_dst.mp4

69. [多选题]

题目内容请看题目描述。（69） (2分)

参考 ’ 潘志辉的计算机镜像 ’ 回答以下题目
With reference to Peter’s computer image to answer below question

分析潘志辉计算机的镜像后，相信他曾使用不同的遥距控制软件控制3部设备。请选择他曾使用的遥距控制软件。

提示1: 软件1显示Samsung Galaxy S7的设备编号(Device ID): 1062919330 & 潘志辉的计算机设备编号: 228758166
Tips1: In software1, Samsung Galaxy S7 ID is 1062919330 & Peter’s computer ID is 228758166

提示2:软件2显示LM-G710EAW 5的ID: LM-G710EAW1f703895
Tips3: In software2, LM-G710EAW 5 ID is LM-G710EAW1f703895

提示3: 软件2显示LG-D855的ID: LGE- LG-D855
Tips4: In software2, LG-D855 ID is LGE- LG-D855

A. teamviewer

B. rustdesk

C. totalcontrol

D. Pushbullet

70. [单选题]

参考 ’ 潘志辉的计算机镜像 ’ 回答以下题目 With reference to Peter’s computer image to answer below question 按照Peter计算机.e01的文件，可推论潘志辉用哪一个软件作一站式管理所有涉及的电子设备 According toPeter’s computer,what software was used to control all involved devices by one platform (1分)

A. RustDesk

B. Total Control

C. Pushbullet

D. Teamviewer

71. [单选题]

参考 ’ 潘志辉的计算机与手机镜像 ’ 回答以下题目 With reference to Peter’s computer image and mobile phone images to answer below question 按照潘志辉的计算机与手机镜像可推论潘志辉正进行以下哪种犯罪 According to Peter’s computer and mobile phome images, what crime was being comitted (1分)

A. 网上求职骗案 (Online employment fraud)

B. 钓鱼攻击 (Phishing Attack)

C. 裸聊勒索 (Naked Chat Blackmail)

D. 信用卡盗用 (Credit Card Fraud)

72. [填空题]

参考 ’ 潘志辉的计算机镜像 ’ 回答以下题目 With reference to Peter’s computer image to answer below question 按照Peter计算机.e01的文件，总共有多少个电子设备登入Pushbullet? According to Peter’s computer image, how many devices logined into Pushbullet ? 提示:请用阿拉伯数目字作答 Tips: Please answer in arabic number (2分)

73. [填空题]

参考 ’ 潘志辉的计算机镜像 ’ 回答以下题目 With reference to Peter’s computer image to answer below question 按照Peter计算机.e01的文件，潘志辉只有一个电子邮件账户，哪一天是该账户第一次登入Pushbullet? According to Peter’s computer image,Peter only had one email account. When was the first login in time in the email account 提示:请用YYYY_MM_DD的格式作答。 Tips: Please answer in YYYY_MM_DD format (2分)

74. [填空题]

参考 ’ 潘志辉的计算机镜像 ’ 回答以下题目 With reference to Peter’s computer image to answer below question 按照Peter计算机.e01的文件，潘志辉发送大量SMS信息的文件名是甚么? According to Peter’s computer image, what is the name of file that Peter used to send abundant SMS? 提示: 需包括扩展名称如ABC_123.doc Tips: Please include file extension such as ABC_123.doc (2分)

75. [填空题]

题目内容请看题目描述。（75） (2分)

参考 ’ 潘志辉的计算机镜像 ’ 回答以下题目
With reference to Peter’s computer image to answer below question

按照Peter计算机.e01的文件，Pushbullet与 "发送大量SMS信息的文件"应用了哪一个技术交换信息
According to Peter’s computer image, what did Pushbullet and “the file that Peter used to send abundant SMS” use to communicate with each other

提示:请用小写英文全名并以下例子格式答题。例子:graphic_user_interface
Tips: Please use lowercase English full name and the example to answer the question.

76. [单选题]

参考 ’ 潘志辉的计算机镜像 ’ 回答以下题目 With reference to Peter’s computer image to answer below question 按照Peter计算机.e01的文件，哪一个设备曾经在Pushbullet内向Galaxy S7发送 “生财工具” 的信息? According to Peter’s computer image, what device sent the message of “Money making tool” to Galaxy in Pushbullet (1分)

A.手提电话Galaxy S7

B.计算机C59204

C.手提电话Galaxy S4

D.手提电话P30 Pro

77. [填空题]

题目内容请看题目描述。（77） (2分)

参考 ’ 潘志辉的计算机镜像 ’ 回答以下题目
With reference to Peter’s computer image to answer below question

按照Peter计算机.e01的文件，开启VMware内ubuntu 的密码是多少？
According to Peter’s computer image, what is the password to open the ubuntu VM

提示1(Tips 1):相关的Ubuntu文件在(Relevant file is situated at)Program Files(x86)\Vmware\VM Player
Ubuntu的路径为(Ubuntu path is) C:\Program Files (x86)\Vmware\Vmware Player\Ubuntu VM

提示2(Tips 2): 请以小写英文与附号作答
Please answer in lowercase enligsh and symbol

提示3(Tips): 可考虑使用Kali Linux 、网上平台与ubuntupassword.txt内所有的数据协助找出密码
You can consider to use all content of Kali Linux, online platform and ubuntupassword.txt to find the password

78. [单选题]

参考 ’ 潘志辉的计算机镜像 ’ 回答以下题目 With reference to Peter’s computer image to answer below question 按照Peter计算机.e01的文件，潘志辉应用了哪一个技术把true-ubuntupassword.txt隐藏在ubuntupassword.txt中。 According to Peter’s computer image,ｗhat technique did Peter use to hide the true password (1分)

A.日志记录 (Log record)

B.数据压缩 (Data Compression)

C.数据加密 (Data Encryption)

D.备用数据流 (Alternate data stream)

79. [单选题]

参考 ’ 潘志辉的计算机镜像 ’ 回答以下题目 With reference to Peter’s computer image to answer below question true-ubuntupassword.txt内有一组哈希值，该哈希值是下列哪一种? What is the type of hash of true-ubuntupassword.txt (2分)

A.MD5

B.SHA1

C.SHA256

D.SHA512

80. [单选题]

题目内容请看题目描述。（80） (2分)

参考 ’ 潘志辉的计算机镜像 ’ 回答以下题目
With reference to Peter’s computer image to answer below question

按照Peter计算机.e01的文件，在Ubuntu VM在内执行Tor Browser时，在命令提示字符(Command Prompt)执行netstat指令输出网络数据，以下为部份内容。

According to Peter’s computer image,Tor Browser was executed under Ubuntu VM. A netstat command was executed in the command prompt to output network information. A part of the output is listed below.

i: 192.168.145.128:47312
ii: 127.0.0.1:9150
iii: 192.168.145.128:60994
iv: 127.0.0.1:9151

上述哪一个数据可以推论潘志辉曾经使用Tor Browser
What information in above content can be used to infer the use of TorBrowser

A.i&ii

B.iii&iv

C.i&iii

D.ii&iv

81. [填空题]

题目内容请看题目描述。（81） (3分)

参考 ’ 潘志辉的计算机镜像 ’ 回答以下题目
With reference to Peter’s computer image to answer below question

按照Peter计算机.e01的档案，潘志辉想把Tor Browser的entry 与 exit node 修改为澳洲进入，美国离开，但以下A-D 项的空白位置潘志辉不懂如何填上内容。
According to Peter’s computer image,Peter wanted to change the entry node as Australia and exit node as USA. However, he didn’t know how to file A-D area

EntryNodes {A} Strictnodes B
ExitNodes {C} Strictnodes D
请把A-D的资料填上 Please fill information in A-D

提示: 请以以下格式作答
Tips: Please answer like below format，例子(example): A:us,B:1,C:uk,D:0

EntryNodes {us} Strictnodes 1
ExitNodes {uk} Strictnodes 0

82. [填空题]

参考 ’ 潘志辉的手机镜像HUAWEI P30 pro ’ 回答以下题目 With reference to Peter’s HUAWEI P30 Pro image to answer below question 在潘志辉手机华为P30 Pro 的WhatsApp与华为NOVA 5T 的WhatsApp的对话中，曾被修改过的对话，请找出修改前的内容。 In the whatsapp conversation between P30 Pro and NOVA 5T, what is the original content of the modified conversations? 提示:请用中文与小写字母作答 Tips:Please answer in Chinese and lower letter (2分)

83. [填空题]

参考 ’ 潘志辉的手机镜像HUAWEI NOVA 5T ’ 回答以下题目 With reference to Peter’s HUAWEI NOVA 5T image to answer below question 潘志辉的手机华为 Nova 5T中曾使用哪一个文件以一部激光雕刻机打印了一个QR code，这个文件名称的扩展名是什么? Peter used HUAWEI Nova 5T and connected the laser printer to print a QR code. What is the file name and file extension. (1分)

84. [多选题]

参考 ’ 陈好的手机镜像 ’ 回答以下题目 With reference to Leo’s mobile phone image to answer below question 陈好手机的相片20230821_144459在安卓的其中一个数据库中，显示该相片可包含哪个主体?(多选) Leo’s mobile phone contained a photo 20230821_144459 in one of the Android database. How many item did the photo contain (1分)

A.食物(Food)

B.饮品(Drink)

C.拉面(Ramen)

D.桌子(Table)

85. [填空题]

参考 ’ 陈大昆的手机镜像 ’ 回答以下题 With reference to Ben’s mobile phone image to answer below question 陈大昆的手机被一个itune backup密码加密保护，这个密码是什么? What is the itune backup password that Ben used to protect his home 提示:请用阿拉伯数字作答 Tips: Please answer in arabic number (1分)

86. [单选题]

参考 ’ 潘志辉的手机镜像HUAWEI P30 pro ’ 回答以下题目 With reference to Peter’s HUAWEI P30 pro mobile phone image to answer below question 潘志辉手机华为P30 pro的WhatsApp 社群” 香港商品交易群组 Hong Kong Trading”，是什么时候建立的 (UTC+8)? When was the WhatsApp group 香港商品交易群组 Hong Kong Trading in P30 pro was created (2分)

A.2023-02-22 06:16:50

B.2023-02-22 14:16:50

C.2023-02-16 10:06:50

D.2023-02-16 18:06:50

87. [单选题]

参考 ’ 潘志辉的手机镜像HUAWEI P30 pro ’ 回答以下题目 With reference to Peter’s HUAWEI P30 pro mobile phone image to answer below question 潘志辉手机华为P30 Pro的 WhatsApp 的有多少个对话群组包含对话讯息记录(系统自行发出的不作计算)? How many WhatsApp group in P30 Pro contain message (excluding system message group) (2分)

A.1

B.2

C.3

D.4

88. [多选题]

参考李哲图的计算机镜像回答以下题目 With reference to Chris computer to answer below question 在李哲图传送给Ben的电邮中有2个附加文件，文件的名称是? Chris sent 2 attachments to Ben. What are the names of the files? (1分)

A.New Target.rar

B.Key.jpg

C.use_this.png

D.name.txt

89. [填空题]

参考陈大昆的计算机镜像回答以下题目 With reference to Ben computer to answer below question 在陈大昆电脑中，他收到李哲图的电邮，当中有一个加密的压缩文件，该文件的开启密码是? Ben’s computer, he received an email from Chi To that included an encrypted compressed file. What is the password to open that file? (Capital Letter) 提示: 请用全大写字母作答 Tips: Please answer in capital letter (2分)

90. [填空题]

题目内容请看题目描述。（90） (2分)

参考陈大昆的计算机镜像回答以下题目
With reference to Ben computer to answer below question

在陈大昆的电脑中，加密的压缩文件New Target.rar中有2个文件，一个是加密的Word文件，另一个是图片文件。已知Chi To曾处理图片以隐藏一段文字，那段文字是?
On Ben’s computer, within the encrypted compressed file “New Target.rar,” there are 2 files. One is an encrypted Word document, and the other is an image file. It is known that Chi To has manipulated images to hide a piece of text. What is that piece of text?

提示: 请用英文与标点符号作答
Please answer in english and symbols

91. [单选题]

参考李哲图的计算机镜像回答以下题目 With reference to Chris computer to answer below question 李哲图曾执行一个程序在"key.bmp"的图片文件中隐藏一段文字，請問他是用哪一个程序? Which program did Chris use to hide the data from the file “key.bmp”? (1分)

A.Steganography Studio

B.OpenStego

C.Steghide

D.S-Tools

92. [单选题]

题目内容请看题目描述。（92） (3分)

参考陈大昆的计算机镜像回答以下题目
With reference to Ben computer to answer below question

在陈大昆的电脑中，加密的压缩文件New Target.rar中有2个文件，一个是加密的Word文件，另一个是图片文件。已知图片的隐藏文字为加密的Word文件的Salt(为一个AES 256 加密)。在加密的Word文件中，李美玲的年龄为?
In Ben’s computer, there are 2 files in the encrypted compressed file “New Target.rar.” One is an encrypted Word file, and the other is an image file. It is known that the hidden text in the image is the salt (AES 256 encryption) for the encrypted Word file. In the encrypted Word file, what is the age of 李美玲 ?

A.26

B.25

C.24

D.23

93. [单选题]

题目内容请看题目描述。（93） (3分)

参考陈大昆的计算机镜像回答以下题目
With reference to Ben computer to answer below question

在陈大昆的电脑中，加密的压缩文件New Target.rar中有2个文件，一个是加密的Word文件，另一个是图片文件。已知图片的隐藏文字为加密的Word文件的Salt (为一个AES 256 加密)。在加密的Word文件中，钟翠华的电邮为?
In Ben’s computer, there are 2 files in the encrypted compressed file “New Target.rar.” One is an encrypted Word file, and the other is an image file. It is known that the hidden text in the image is the salt (AES 256 encryption) for the encrypted Word file. In the encrypted Word file, what is the email of 钟翠华 ?

[email protected]

[email protected]

[email protected]

[email protected]

94. [多选题]

参考 ’ benckwindow10.e01 ’ 回答以下题目 With reference to ‘benckwindow10.e01’ to answer below question 在Ben电脑中，他在Opensea.io中使用了哪些区块链制造NFT? On Ben’s computer, which blockchain(s) did he use to create NFTs on Opensea.io? (2分)

Polygon (MATIC)

A.Ethereum

B.Polygon PoS Chain

C.Arbitrum

D.Base

95. [填空题]

参考 ’ benckwindow10.e01 ’ 回答以下题目 With reference to ‘benckwindow10.e01’ to answer below question 在Ben电脑在Opensea.io中所创建的NFT(s)的Collection ID是？ The Collection ID of the NFT(s) created by Ben’s computer in Opensea.io is? 需以下例子的格式作答:Collection ID/Number of NFT(s) sold，例: 4561313456 Pplease answer as the format of below example:Collection ID/Number of NFT(s) sold (e.g.: 例: 4561313456) (2分)

96. [单选题]

参考 ’ benckwindow10.e01 ’ 回答以下题目 With reference to ‘benckwindow10.e01’ to answer below question 这个Opensea.io中的Collection ID一共卖出了多少个NFT(s)? How many NFTs were sold in total for the Collection ID on Opensea.io? 提示:请参阅附加资料 Tips: Please refer to additional information (1分)

A.0

B.1

C.2

D.3

97. [填空题]

参考 ’ benckwindow10.e01 ’ 回答以下题目 With reference to ‘benckwindow10.e01’ to answer below question 购买上述在Opensea.io中NFT(s)的加密货币地址是? What is the cryptocurrency address used to purchase the NFT(s) on Opensea.io mentioned above? 提示:请参阅附加资料與请用大写字母作答 Tips: Please refer to additional information and answer in capital letters. 例子: 0X1234567ABCDEF (1分)

98. [多选题]

参考 ’ benckwindow10.e01 ’ 回答以下题目 With reference to ‘benckwindow10.e01’ to answer below question 哪些是购买上述Collection ID内的NFT(s)的交易哈希(Transaction Hash)? Which of the following are the Transaction Hashes for the purchase of the above-mentioned NFT(s) from the Collection ID? 提示:请参阅附加资料 Tips: Please refer to additional information (2分)

A.0x1c0ab817c6dcd48b065ba66affd5b9fa827a11fee9ae0fb865d3aecd60b7aae1

B.0xcbf3523d199efd2f61fdbc3d7debf706f8eb42c0dbe4a07d0d9472ab7e04c566

C.0xdc7f2e5362faf3b5ddc9ae0be83d3da7222b34f06e86862b9c0af1cc14e3c3e3

D.0xaaa011a6b6af54b11f97217d63dfa5f13aef160ebf672b1476de0460ef5b043f

99. [填空题]

参考 ’ benckwindow10.e01 ’ 回答以下题目 With reference to ‘benckwindow10.e01’ to answer below question 在Opensea.io中铸造上述NFT(s)的加密货币地址是? What is the cryptocurrency address used to mint the above-mentioned NFT(s) on Opensea.io? 提示:请参阅附加资料与请用大写字母作答 Tips: Please refer to additional information and answer in capital letters. 例子(example): 0X1234567890ABCDEFGHIJKLMNOPQRSTUVWXYZ0123 (1分)

100. [单选题]

参考 ’ benckwindow10.e01 ’ 回答以下题目 With reference to ‘benckwindow10.e01’ to answer below question 在Opensea.io中，由上述加密货币地址所铸造没有Collection ID的NFT找到什么资讯? On Opensea.io, what information can be found about the NFT(s) without a Collection ID that were minted by the above-mentioned cryptocurrency address? 提示:请参阅附加资料 Tips: Please refer to additional information (1分)

A.Uniswap V3 BHB-WETH pool

B.0xa071e23fdbdfc23011a28977e102038747373575

C.Token ID: 561068

D.以上皆是 $

101. [单选题]

参考 ’ benckwindow10.e01 ’ 回答以下题目 With reference to ‘benckwindow10.e01’ to answer below question 合约地址(Contract Address):0xa071e23fdbdfc23011a28977e102038747373575所使用的是哪一个区块链? The contract address 0xa071e23fdbdfc23011a28977e102038747373575 is associated with which blockchain? 提示:请参阅附加资料 Tips: Please refer to additional information (1分)

A.Ethereum

B.BNB Smart Chain

C.Polygon PoS Chain

D.Shibarium

102. [单选题]

参考 ’ benckwindow10.e01 ’ 回答以下题目 With reference to ‘benckwindow10.e01’ to answer below question 合约地址(Contract Address):0xa071e23fdbdfc23011a28977e102038747373575的加密货币名称(Name)及简写(Symbol)是? What is the cryptocurrency name and symbol for the contract address 0xa071e23fdbdfc23011a28977e102038747373575? 提示:请参阅附加资料 Tips: Please refer to additional information (1分)

A.Binance (BNB)

B.Bihaibi (BHB)

C.BHB(BHB)

D.Binince (BHB)

103. [单选题]

参考 ’ benckwindow10.e01 ’ 回答以下题目 With reference to ‘benckwindow10.e01’ to answer below question 加密货币合约地址(Contract Address): 0xa071e23fdbdfc23011a28977e102038747373575在区块链的创建日期时间是? The creation date and time of the cryptocurrency contract address 0xa071e23fdbdfc23011a28977e102038747373575 on the blockchain is? 提示:请参阅附加资料 Tips: Please refer to additional information (1分)

A.2023-09-06 16:58:11时

B.2023-09-07 14:50:35时

C.2023-09-15 12:18:47时

D.2023-09-19 10:22:11时

104. [单选题]

参考 ’ benckwindow10.e01 ’ 回答以下题目 With reference to ‘benckwindow10.e01’ to answer below question 加密货币合约址(Contract Address): 0xa071e23fdbdfc23011a28977e102038747373575的总铸造数量是? The total supply of the cryptocurrency contract address 0xa071e23fdbdfc23011a28977e102038747373575 is? 提示:请参阅附加资料 Tips: Please refer to additional information (1分)

A.10,000

B.100,000,000

C.300,000,000

D.500,000,000

105. [填空题]

题目内容请看题目描述。（105） (1分)

参考 ’ benckwindow10.e01 ’ 回答以下题目
With reference to ‘benckwindow10.e01’ to answer below question

第一个储存加密货币合约(Contract Address): 0xa071e23fdbdfc23011a28977e102038747373575的地址是?
What is the first address to store cryptocurrency contract address (Contract Address): 0xa071e23fdbdfc23011a28977e102038747373575?
0XEB3C02F1BF7A6E700950F39E4876762F8A44426F
提示:请参阅附加资料與请用大写字母作答
Tips: Please refer to additional information and answer in capital letters.

例子(example): 0X1234567890ABCDEFGHIJKLMNOPQRSTUVWXYZ0123

106. [填空题]

题目内容请看题目描述。（106） (1分)

参考 ’ benckwindow10.e01 ’ 回答以下题目
With reference to ‘benckwindow10.e01’ to answer below question

铸造加密货币合约地址(Contract Address): 0xa071e23fdbdfc23011a28977e102038747373575的交易哈希(Transaction Hash)是?
The transaction hash for minting the tokens of the cryptocurrency contract address 0xa071e23fdbdfc23011a28977e102038747373575 is?

提示:请参阅附加资料與请用大写字母作答
Tips: Please refer to additional information and answer in capital letters.

例子(example): 0X1234567890ABCDEFGHIJKLMNOPQRSTUVWXYZ0123

107. [填空题]

题目内容请看题目描述。（107） (3分)

参考 ’ benckwindow10.e01 ’ 回答以下题目
With reference to ‘benckwindow10.e01’ to answer below question

承上題，请根据铸造加密货币合约地址(Contract Address): 0xa071e23fdbdfc23011a28977e102038747373575的交易哈希(Transaction Hash)，在Ben电脑中，找出比在以太坊 (Ethereum)上确认验证的日期时间早的文件名?
Please find the file name on Ben’s computer that is earlier than the confirmed verification date and time on Ethereum blockchain based on the transaction hash for minting the tokens of the cryptocurrency contract address 0xa071e23fdbdfc23011a28977e102038747373575.

提示:请参阅附加资料与请用大写字母作答
Tips: Please refer to additional information and answer in capital letters.

108. [多选题]

参考 ’ benckwindow10.e01 ’ 回答以下题目 With reference to ‘benckwindow10.e01’ to answer below question 承上題，按照在以太坊 (Ethereum)上确认验证的日期时间的文件的创建日期时间、路径及数据，下列哪些推论是正确的? Based on the creation date and time, path, and data of the file, which of the following inferences are correct? (2分)

A.Ben电脑内发现的交易哈希，比写上以太坊 (Ethereum)被确认验证的交易哈希早出现

B.此档案与Firefox浏览器有关

C.此档案与Chrome浏览器有关

D.此档案是由陈大昆电脑的用户benck168创建的

109. [单选题]

题目内容请看题目描述。（109） (1分)

参考 ’ benckwindow10.e01 ’ 回答以下题目
With reference to ‘benckwindow10.e01’ to answer below question

以下哪个去中心化交易中心(Dex) 能够成功兑换加密货币合约地址(Contract Address): 0xa071e23fdbdfc23011a28977e102038747373575?
Which decentralized exchange (Dex) is capable of successfully exchanging the cryptocurrency contract address 0xa071e23fdbdfc23011a28977e102038747373575?

提示:请参阅附加资料
Tips: Please refer to additional information

A.Pancake Swap

B.Uniswap

C.Shibaswap

D.1inch.io

110. [单选题]

参考 ’ benckwindow10.e01 ’ 回答以下题目 With reference to ‘benckwindow10.e01’ to answer below question 截至2023-09-07 1511时，加密货币合约地址(Contract Address): 0xa071e23fdbdfc23011a28977e102038747373575对美元(USD)的市场价格是? The market price of the cryptocurrency contract address 0xa071e23fdbdfc23011a28977e102038747373575 in USD as of September 7, 2023, 15:11 is? 提示:请参阅附加资料 Tips: Please refer to additional information (1分)

A.0.01636

B.0.01638

C.0.000009995

D.0.00001019

111. [填空题]

题目内容请看题目描述。（111） (1分)

参考 ’ benckwindow10.e01 ’ 回答以下题目
With reference to ‘benckwindow10.e01’ to answer below question

截至2023-09-20，持有50,000,000个加密货币合约地址(Contract Address): 0xa071e23fdbdfc23011a28977e102038747373575的加密货币地址是?
As of 2023-09-20, what is the cryptocurrency address holding 50,000,000 cryptocurrency contract addresses (Contract Address): 0xa071e23fdbdfc23011a28977e102038747373575?

提示:请参阅附加资料與请用大写字母作答
Tips: Please refer to additional information and answer in capital letters.

0X08B57D2531AC4CD18BC785B9DEB688FFE61A4E8E

112. [单选题]

参考 ’ benckwindow10.e01 ’ 回答以下题目 With reference to ‘benckwindow10.e01’ to answer below question 按照时间线分析Ben电脑活动，在2023-09-06 16:58:10时及2023-09-06 16:58:21时，在”Access-Control-Allow-Origin”中显示了哪一个网站? Analyzing Ben’s computer activities according to the timeline, which website was displayed in “Access-Control-Allow-Origin” at 2023-09-06 16:58:10 and 2023-09-06 16:58:21 ? (2分)

A.https://www.google.com

B.https://remix.ethereum.org

C.https://ethereumfoundation.matomo.cloud

D.https://www.etherscan.io

113. [单选题]

参考 ’ benckwindow10.e01 ’ 回答以下题目 With reference to ‘benckwindow10.e01’ to answer below question 承上題，在2023-09-06 16:58:10时及2023-09-06 16:58:21时，在”Access-Control-Allow-Origin”中显示的网站有什么功能? What are the functions of the above website? (1分)

A. 太坊区块链上的交易、地址、合约、代币等信息查询

B.太坊基金会的网站分析工具，用于跟踪和分析网站访问者的行为和活动

C.以太坊官方的在线IDE（集成开发环境），可用于编写、测试和部署智能合约

D.网上搜索引擎

114. [单选题]

参考 ’ benckwindow10.e01 ’ 回答以下题目 With reference to ‘benckwindow10.e01’ to answer below question 哪一个扩展名与创建加密货币有关? Which file extension is related to creating a cryptocurrency? (1分)

A.png

B.sol

C.mp4

D.jpeg

115. [多选题]

题目内容请看题目描述。（115） (3分)

参考 ’ benckwindow10.e01 ’ 回答以下题目
With reference to ‘benckwindow10.e01’ to answer below question

陈大昆被捕后拒绝提供虚疑货币钱包密码及恢复种子，并以挑战口吻响应：「重要信息已经放好在桌面上，难道你没看见吗?」。在Ben电脑内与恢复种子有关的两个文件的扩展名是?
After being arrested, Ben Chen refused to provide the password and recovery seed of the cryptocurrency wallet, and responded in a challenging tone: “The important information has been placed on the desktop, didn’t you see it?”. What are the file extensions of the two files related to the recovery seed in Ben’s computer?

A. png

B.txt

C.mp4

D.jpeg

116. [填空题]

参考 ’ benckwindow10.e01 ’ 回答以下题目 With reference to ‘benckwindow10.e01’ to answer below question 承上題，在陈大昆电脑内恢复种子的第八个英文单字是? What is the eighth word for the above-mentioned recovery seed? (Answer in all capital letters) 提示:请用大写字母作答 Tips: Please answer in capital letter (3分)

117. [填空题]

题目内容请看题目描述。（117） (3分)

参考 ’ benckwindow10.e01 ’ 回答以下题目
With reference to ‘benckwindow10.e01’ to answer below question

按照上述恢复种子,请计算出在以太坊(Ethereum)其BIP-44 derivation address = m/44’/60’/0’/0/0的公钥?
Based on the above recovery seed, please calculate the public key of its BIP-44 derivation address = m/44’/60’/0’/0/0 in Ethereum?

提示:请用大写字母作答
Tips: Please answer in capital letters.

例子: 0X1234567890ABCDEFGHIJKLMNOPQRSTUVWXYZ0123

118. [填空题]

参考 ’ benckwindow10.e01 ’ 回答以下题目 With reference to ‘benckwindow10.e01’ to answer below question 按照上述恢复种子,请计算出在波场网络(Tron Network)其BIP-44 derivation address = m/44’/195’/0’/0/2的私钥? Based on the above recovery seed, please calculate the private key of its BIP-44 derivation address = m/44’/195’/0’/0/2 on Tron Network? 提示:请用大写字母与阿拉伯数字作答 Tips: Please answer in capital letters and arabic number (3分)

119. [填空题]

参考 ’ NAS-DISK1.e01, NAS-DISK2.e01, NAS-DISK3.e01 ’ 回答以下题目 With reference to ’ NAS-DISK1.e01, NAS-DISK2.e01, NAS-DISK3.e01 ’ to answer below question 案中所使用的 NAS 是哪个品牌? What brand of NAS was used in the case? 提示:请用小写字母作答 Tips: Please answr in lower letter. (2分)

120. [填空题]

参考 ’ NAS-DISK1.e01, NAS-DISK2.e01, NAS-DISK3.e01 ’ 回答以下题目 With reference to ’ NAS-DISK1.e01, NAS-DISK2.e01, NAS-DISK3.e01 ’ to answer below question NAS 所使用的是哪个容错式磁盘阵列的层级(RAID LEVEL) ? What RAID Level does the NAS use ? 提示:请用阿拉伯数字作答 Please answer in arabic number (1分)

121. [填空题]

参考 ’ NAS-DISK1.e01, NAS-DISK2.e01, NAS-DISK3.e01 ’ 回答以下题目 With reference to ’ NAS-DISK1.e01, NAS-DISK2.e01, NAS-DISK3.e01 ’ to answer below question NAS 所使用的容错式磁盘阵列是那种数据分布方式(Layout) ? What is the layout of NAS? 提示:请用小写字母作答，如: abc-def Please answer in lower case (2分)

122. [填空题]

参考 ’ NAS-DISK1.e01, NAS-DISK2.e01, NAS-DISK3.e01 ’ 回答以下题目 With reference to ’ NAS-DISK1.e01, NAS-DISK2.e01, NAS-DISK3.e01 ’ to answer below question 试列出 NAS 容错式磁盘阵列里面的所有逻辑巻名称(Logical Volume Name) Please list out all logicalvolume name 提示:请用小写英文以及在空格或标点符号位置用以_作答 Please answer in lowercase english and use _ to expres the blank area.例子(example) :abcd_efgh_123 (3分)

123. [填空题]

参考 ’ NAS-DISK1.e01, NAS-DISK2.e01, NAS-DISK3.e01 ’ 回答以下题目 With reference to ’ NAS-DISK1.e01, NAS-DISK2.e01, NAS-DISK3.e01 ’ to answer below question NAS 安装了哪个版本的 MariaDB ? What version of Maria DB did NAS use? 提示:请以以下格式作答 Please answer in below format，例子(example): 21.22.23 (3分)

124. [填空题]

参考 ’ DiskImage.e01 ’ 回答以下题目 With reference to DiskImage.e01 to answer below question 试列出数据库内所有表(Table)的名称 ? Please list out all tables in database 因为涉及多在1个项目，请把英文前缀较前的项目放先，并依以下例子的格式作答 正确例子:brand&serialnumber 错误例子:serialnumber&brand (3分)

125. [填空题]

参考 ’ DiskImage.e01 ’ 回答以下题目 With reference to DiskImage.e01 to answer below question 数据库是那一天被保存? When was the database preserved 提示:请用YYYY_MM_DD的格式作答 Please answer in below format YYYY_MM_DD 例子(example):1986_01_23 (1分)

126. [填空题]

参考 '陈大昆的MacBook映象档"中的"0c1c.7z"档案回答以下题目: With reference to 0c1c.7z of Ben’s Macbook image to answer below question Can you find out what compiler was used to generate this binary? 你可以找出生成"0c1c.bin"这个二进制文件所使用的编译器吗？ (编译器名称包括所有英文字母、数字，符号，区分大小阶，不需要空格) (2分)

127. [填空题]

参考 '陈大昆的MacBook映象档"中的"0c1c.7z"文件回答以下题目: With reference to 0c1c.7z of Ben’s Macbook image to answer below question How many initialization function entry points does the malware have? 这个恶意软件具有多少个初始化函数入口点？ (请以阿拉伯数字回答，例如：100) (2分)

128. [填空题]

参考 '陈大昆的MacBook映象档"中的"0c1c.7z"档案回答以下题目: With reference to 0c1c.7z of Ben’s Macbook image to answer below question What is the entry point of the binary? 这个二进制文件"0c1c.bin"的入口点是什么？ (注意: 不同检验工具可能会以不同位移值开始，如: 0x00000000或0x00100000，但所有回答请以0x00000000开始) (请以16进制回答，"0x"后的英文字母需大阶，例如：0x0123ABEF) (2分)

129. [填空题]

参考 ‘陈大昆的MacBook映象档"中的"0c1c.7z"文件回答以下题目: With reference to 0c1c.7z of Ben’s Macbook image to answer below question The malware should contain a section named ‘.rodata’. What is the size of this section ? State the answer in decimal place. 恶意软件应该包含一个名为 ‘.rodata’ 的部分，请提供这个’.rodata’部分的文件大小(单位为byte)，以十进制方式回答您的问题。 (请以阿拉伯数字回答，例如：100) (2分)

130. [填空题]

参考 '陈大昆的MacBook映象档"中的"0c1c.7z"档案回答以下题目: With reference to 0c1c.7z of Ben’s Macbook image to answer below question The malware contains two strings related to the name of two well-known crytocurrencies. What are they? 这个恶意软件包含两个与两种知名加密货币名称相关的字符串。它们是什么？ (如有英文字母需大阶，并以前缀英文字母由小至大次序回答) 请按照以下格式回答: 例子:如两种知名加密货币名称分分别是Cat及Apple 请填写: APPLE+CAT (2分)

131. [填空题]

题目内容请看题目描述。（131） (3分)

参考 '陈大昆的MacBook映象档"中的"0c1c.7z"文件回答以下题目:
With reference to 0c1c.7z of Ben’s Macbook image to answer below question

Which function contained below instructuion which appear to be used for loading memoery addresses of instruction operandss related CPU binding.
–▶ [ lea rdx, str.cpubind.set_thisproc_cpubind ]

以下指令似乎用在加载与 CPU 绑定相关的指令操作数的内存地址，哪个函数包含了这些指令，请回答该函数的位移值。
–▶ [ lea rdx, str.cpubind.set_thisproc_cpubind ]

(注意: 不同检验工具可能会以不同位移值开始，如: 0x00000000或0x00100000，但所有回答请以0x00000000开始)
(请以16进制回答，"0x"后的英文字母需大阶，例如：0x0123ABEF)

132. [填空题]

题目内容请看题目描述。（132） (3分)

参考 '陈大昆的MacBook映象档"中的"0c1c.7z"文件回答以下题目:
With reference to 0c1c.7z of Ben’s Macbook image to answer below question

Which function contained below instruction which could likely be used to react with mining server for cryptocurrency?
–▶ [ lea rsi, str.___p____passPASSWORD___________password_for_mining_server_n ]

以下指令可能用在与加密货币挖矿服务器进行交互。哪个函数包含了这些指令？
–▶ [ lea rsi, str.___p____passPASSWORD___________password_for_mining_server_n ]

(注意: 不同检验工具可能会以不同位移值开始，如: 0x00000000或0x00100000，但所有回答请以0x00000000开始)
(请以16进制回答，"0x"后的英文字母需大阶，例如：0x0123ABEF)

133. [填空题]

题目内容请看题目描述。（133） (3分)

参考 '陈大昆的MacBook映象档"中的"0c1c.7z"文件回答以下题目:
With reference to 0c1c.7z of Ben’s Macbook image to answer below question

Which type of cryptocurrency is associated with this binary? Please state its name and the version.
这个二进制文件中，有一个加密货币相关联的应用程序，请提供应用程序名称、版本和相关加密货币名称。
(如有英文字母需大阶，应用程序版本请以阿拉伯数字及符号作答)

应用程序名称: ___(1)___
应用程序版本: ___(2)___
加密货币名称: ___(3)___

请按照以下格式回答: (1)+(2)+(3)
例子:如(1)的内容是abc、(2)的内容是123、(3)的内容是DEF
请填写: ABC+123+DEF

134. [填空题]

参考 '陈大昆的MacBook映象档"中的"35ea.7z"文件回答以下题目: With reference to 35ea.7z of Ben’s Macbook image to answer below question Can you find out what compiler was used to generate this binary? 你可以找出生成"35ea.bin"这个二进制文件所使用的编译器吗？ (编译器名称包括所有英文字母、数字，符号，区分大小阶，不需要空格) (3分)

135. [填空题]

参考 '陈大昆的MacBook映象档"中的"35ea.7z"文件回答以下题目: With reference to 35ea.7z of Ben’s Macbook image to answer below question What is the entry point of the binary? 这个二进制文件的入口点是什么？ (注意: 不同检验工具可能会以不同位移值开始，如: 0x00000000或0x00100000，但所有回答请以0x00000000开始) (请以16进制回答，"0x"后的英文字母需大阶，例如：0x0123ABEF) (3分)

136. [填空题]

参考 '陈大昆的MacBook映象档"中的"35ea.7z"文件回答以下题目: With reference to 35ea.7z of Ben’s Macbook image to answer below question The binary contained a function called ‘killVM’. What is the size of this function? State he answer in decimal. 这个二进制文件中包含一个名为 ‘killVM’ 的函数。请提供这个函数的大小(单位为byte)并以十进制方式回答。 (请以阿拉伯数字回答，例如：100) (3分)

137. [填空题]

参考 '陈大昆的MacBook映象档"中的"35ea.7z"文件回答以下题目: With Refernce to Ben’s MacBook and 35ea.7z to answer below question 这个二进制文件应该包含一个名为 ‘EncrytFile’ 的函数。请提供这个函数的大小以十进制方式回答您的问题。 The binary should contain a function called ‘EncrytFile’. What is the size of this function? Give me the answer in decimal. 提示:请用阿拉伯数字作答 Tips: Please answer in arabic number (3分)

138. [填空题]

參考 '陳大昆的MacBook映象檔"中的"35ea.7z"檔案回答以下題目: How many functions in the binary are named with ‘ECRYPT’? 这个二进制文件中有多少个函数的名称包含 ‘ECRYPT’ 字串？ 提示:请用阿拉伯数字作答 Tips: Please answer in arabic number (3分)

139. [填空题]

参考 '陈大昆的MacBook映象档"中的"35ea.7z"文件回答以下题目: With Refernce to Ben’s MacBook and 35ea.7z to answer below question 这个二进制文件与哪种勒索软件相关联？请提供其名称。 What kind of Ransomeware is associated with this binary? Please state its name. 提示:请用大写字母回答 Please answer in capital letter (3分)

团体赛 (共139题)