Computer Forensics Review Questions

¡Supera tus tareas y exámenes ahora con Quizwiz!

What do you call a list of people who have had physical possession of the evidence?

Chain of custody

List two types of digital investigations conducted in a business

Embezzlement and fraud

Data collected before an attorney issues a memo for an attorney-client privilege case is protected under the confidential work product rule. True or false?

False

Under normal circumstance, a private-sector investigator is considered an agent of law enforcement. True or False?

False

You should always prove the allegations made by the person who hired you. True or False?

False

Digital forensics and data recovery refer to the same activities. True or False?

False, digital forensics is analyzing and documenting data found on a computer in order to aid a criminal investigation

What are the necessary components of a search warrant?

Probable cause, what you're searching for, who is involved, when the search is taking place and where the evidence will be

List two items that should appear on warning banner

The computer may be subjected to surveillance and the fine that comes with breaking the law

Why should you critique your case after it's finished?

To improve your work and fix your mistakes

For digital evidence, an evidence bag is typically made out of antistatic material. True or False?

True

What are some ways to determine the resources needed for an investigation?

Determine the operating system of the suspect computer and list the necessary software to use for the examination

List three items that should be on an evidence custody form

Name of the investigator, case number and description of the evidence

What is the purpose of maintaining a network of digital forensics specialists?

To develop a list of colleagues who specialize in areas different from your own specialization in case help is needed in an investigation

Why should evidence media be write-protected?

To ensure that data isn't altered in any way - you can use a right blocker to prevent any changes

What is the purpose of an affidavit

To justify issuing a warrant

Professional conduct. Why is it important?

To make sure everyone is comfortable and acting professionally

Why should you do a standard risk assessment to prepare for an investigation?

To make sure you don't accidentally lose the data/evidence

The triad of computing security involves which of the following?

Vulnerability/threat assessment and risk management, network intrusion detecting and incident response, and digital investigation

List three items that should be in your case report

What you found, where you found it, and how you found it

What are some the rules that policies can address?

When you can log on to a company network from home, the internet sites you can or can't access, and the amount of personal email you can send

Police in the United States must use procedures that adhere to...

the fourth amendment


Conjuntos de estudio relacionados

Sherpath: Developmental Disability

View Set

Exam 2 Labor & Delivery & Postpartum

View Set

Leading indicators & final review

View Set

Personal Financial Planning Exam 1

View Set

History Midterm Chronology Group #2

View Set

STOCK, TRADICIONAL, Nomenclatura IUPAC

View Set