3601 Chapter 4 review

¡Supera tus tareas y exámenes ahora con Quizwiz!

____ records are data the system maintains, such as system log files and proxy server logs.

computer-generated

____ can be any information stored or transmitted in digital form.

digital evidence

Most federal courts have interpreted computer records as ____ evidence.

physical

Evidence is commonly lost or corrupted through ____, which involves police officers and other professionals who aren't part of the crime scene processing team.

professional curiosity

In forensic hashes, a collision occurs when ___

two files have the same hash value

Describe what should be sketched or videotaped at a digital crime scene

Computers, cables; anything that may be potentially be of interest to the investigation

The plain view doctrine in computer searches is well-established law

False

You have been called to the scene of a fatal car crash where a laptop computer is still running. What type of field kit should you take with you?

Initial-response field kit.

What are the three rules for a forensic hash?

It can't be predicted, no two files can have the same hash value, and if the file changes, the hash value changes.

What techniques may be used in covert surveillance?

Keylogging and data sniffing

List two hashing algorithms commonly used for forensic hashes

MD5 and SHA1

A(n) ____ is a unique hash number generated by a software tool, such as the Linux md5sum command.

Non-keyed hash set

____ is facts or circumstances that lead a reasonable person to believe a crime has been committed or is about to be committed.

Probable cause

Commingling evidence means what in a corporate setting?

Sensitive corporate information being mixed with data collected as evidence.

Corporate investigations are typically easier than law enforcement investigations for which of the following reasons

The investigator doesn't have to get a warrant

When you arrive at the scene, why should you extract only those items you need to acquire evidence?

To minimize how much you have to keep track of at the scene.

Computer peripherals or attachments can contain DNA evidence

True

As a corporate investigator, you can become an agent of law enforcement when what kind of event occurs?

You begin to take orders from a police detective without a warrant or subpoena.


Conjuntos de estudio relacionados

Chapter 40: Management of Patients with Gastric and Duodenal Disorders

View Set

Intro to business final exam practice test 2

View Set

Psychological Testing: Chapter 5

View Set

5 - Life Insurance Premiums, Proceeds, and Beneficiaries - Exam

View Set

EBIO Test #3 Homework Questions & Practice Quiz & Clickers

View Set

Intro To Database Systems - Test 1

View Set

Negotiations - The Who, Stakes, and Situation + Strategy Chart

View Set