Computer Forensics ch13
0x90
In a prefetch file, the application's last access date and time are at offset ____.
sync_log.log
The Google drive file ____ contains a detailed list of a user's cloud transactions
filecache.dbx
The ____ Dropbox file stores information on shared directories associated with a Dropbox user account and file transfers between Dropbox and the client's system.
search warrant
To get a ____, a government entity must show that there's probable cause to believe the contents of a wire communication, an electronic communication, or other records are relevant to an ongoing criminal investigation.
A+ Security
Which of the following is not a valid source for cloud forensics training?
snapshots
With cloud systems running in a virtual environment, ____ can give you valuable information before, during, and after an incident
management plane
A ____ is a tool with application programming interfaces (APIs) that allow reconfiguring a cloud on the fly; it's accessed through the application's Web interface.
court order
A ____ is written by a judge to compel someone to do or not do something, such as a CSP producing user logon activities
0x80
At what offset is a prefetch file's create date & time located?
MAC
Metadata in a prefetch file contains an application's ____ times in UTC format and a counter of how many times the application has run since the prefect file was created
One Drive
Microsoft created SkyDrive as a cloud service that later became?
C:\Users\username\Dropbox
Select the folder below that is most likely to contain Dropbox files for a specific user:
cloud security alliance
The ____ is an organization that has developed resource documentation for CSPs and their staff. It provides guidance for privacy agreements, security measures, questionnaires, and more.
FROST
The ____ tool can be used to bypass a virtual machine's hypervisor, and can be used with OpenStack.
prefetch
To reduce the time it takes to start applications, Microsoft has created ____ files, which contain the DLL pathnames and metadata used by applications.
salesforce
What cloud application offers a variety of cloud services, including automation and CRM, cloud application development, and Web site marketing
XenServer and XenCenter Windows Management Console
What cloud service listed below provides a freeware type 1 hypervisor used for public and private clouds?
C:\Users\username\AppData\Local\Google\Drive\user_default
Where is the snapshot database created by Google Drive located in Windows?
virtualization as a service
Which of the following is NOT a service level for the cloud?
seizure order
Which of the following is not one of the five mechanisms the government can use to get electronic information from a provider?
