LOT-X-O-26-04 Module 2

1. In a Google search, what does the * symbol do in a search query?

Searches for an exact phrase match

Excludes a specified term from the results

Acts as a wildcard, substituting for any word or phrase

Restricts results to a specific website or domain

None of the above

2. Many search engines provide a result filter that refines the time that information was published. For the OSINT practitioner which is the most useful time filter?

Last 24 hours

Last week

Last month

Last year

Custom time range

3. Which of the following search engines is focused on privacy?

a) Bing

b) Google

c) DuckDuckGo

d) Yandex

e) All of the above

4. When Google returns results dominated by a prominent person sharing the same name as your subject, it is because Google has made an error in its search algorithm.

True

False

5. With a search resource, how might you refine a query to search only x.com (formerly Twitter)?

Use the Boolean search parameter +x.com

Use the advanced search operand site:x.com

Use the advanced search operand link:x.com

Use the Boolean search parameter AND x.com

None of the above

6. Which of the following best describes the primary advantage of using an AI model to construct a Google Dork?

The AI model has direct access to Google's search index and retrieves results faster

The AI model removes the need to evaluate or log search results

The AI model constructs targeted dork queries from plain language investigative requirements, removing the need for the practitioner to know current operator syntax

The AI model guarantees that all operators used in the dork are supported by Google

The AI model replaces the need for the practitioner to define the investigative requirement

7. When directing an AI model to construct a Google Dork, which instruction is most important to include in the query?

Specify that the dork must use at least five operators

Instruct the AI to use only operators that are currently reliable in Google Search

Ask the AI to include the cache: operator for best results

Request that the AI formats the output as a JSON object

Instruct the AI to use the related: operator to find similar pages

8. Using Google to search Facebook for evidence of undeclared income, create a dork that includes site:facebook.com with both "signing on" and "cash work"; which Google dork structure is correctly constructed?

site:facebook.com "signing on cash work"

site:facebook.com signing on AND cash work

site:facebook.com "signing on" "cash work"

site:facebook.com +signing +on +cash +work

site:facebook.com (signing on cash work)

9. During an AI-assisted dork search for a subject described as an amateur pilot residing in the West Country, the initial dork returns no strong candidates. The practitioner decides to re-frame the attribute "amateur pilot" to "private pilot's licence." Which of the following statements best describes why this is a safe refinement?

It introduces new intelligence about the subject that improves the search

It expresses the same known intelligence differently without adding anything unsubstantiated

It narrows the search to exclude irrelevant results more effectively

It replaces an unreliable operator with a more reliable one

It changes the geographic scope of the search to surface more results

10. During an AI-assisted dork search, the available intelligence states the subject is a male Irish national in his late thirties suspected of drug supply in North Wales. Which of the following refinements is unsafe?

Re-framing "drug supply" to "drug dealing" to surface different indexed content

Searching counties, cities and towns in and near North Wales to narrow the geographic scope

Adding "Irish Traveller" to the dork as Irish nationals in North Wales drug cases are often from the Traveller community

Re-framing "late thirties" to include birth years 1986 to 1989 to improve date-based indexing

Adding "male" as an explicit search term to reduce results relating to female subjects