Computer Crime Study Guide 1
sworn statement of support of facts about or evidence of a crime that is submitted to a judge to request a search warrant before seizing evidence
Affidavit
allows legal counsel to use previous cases similar to the current one because the laws don't yet exist
Case law
investigates data that can be retrieved from a computer's hard disk or other storage media
Computer forensics
Computer investigations and forensics fall into the same category: public investigations.
False
The law of search and seizure protects the rights of all people, excluding people suspected of crimes.
False
organization that exchanges information about techniques related to computer investigations and security
HTCIA
involves selling sensitive or confidential company information to a competitor
Industrial espionage
specifies who has the legal right to initiate an investigation, who can take possession of evidence, and who can have access to evidence
Line of authority
the legal process of proving guilt or innocence in court
Litigation
yields information about how a perpetrator or an attacker gained access to a network
Network forensics
After a judge approves and signs a search warrant, it's ready to be executed, meaning you can collect evidence as defined by the warrant.
True
By the 1970s, electronic crimes were increasing, especially in the financial sector.
True
To be a successful computer forensics investigator, you must be familiar with more than one computing platform.
True
recognizes file types and retrieves lost or deleted files
Xtree Gold
____ involves recovering information from a computer that was deleted by mistake or lost during a power surge or server crash, for example. a. Data recovery b. Network forensics c. Computer forensics d. Disaster recovery
a. Data recovery
By the early 1990s, the ____ introduced training on software for forensics investigations. a. IACIS b. FLETC c. CERT d. DDBIA
a. IACIS
In addition to warning banners that state a company's rights of computer ownership, businesses should specify a(n) ____ who has the power to conduct investigations. a. authorized requester b. authority of line c. line of right d. authority of right
a. authorized requester
The affidavit must be ____ under sworn oath to verify that the information in the affidavit is true. a. notarized b. examined c. recorded d. challenged
a. notarized
A ____ usually appears when a computer starts or connects to the company intranet, network, or virtual private network (VPN) and informs end users that the organization reserves the right to inspect computer systems and network traffic at will. a. warning banner b. right of privacy c. line of authority d. right banner
a. warning banner
In the Pacific Northwest, ____ meets monthly to discuss problems that law enforcement and corporations face. a. IACIS b. CTIN c. FTK d. FLETC
b. CTIN
Based on the incident or crime, the complainant makes a(n) ____, an accusation or supposition of fact that a crime has been committed. a. litigation b. allegation c. blotter d. prosecution
b. allegation
The ____ group manages investigations and conducts forensic analysis of systems suspected of containing evidence related to an incident or a crime. a. network intrusion detection b. computer investigations c. incident response d. litigation
b. computer investigations
Most computer investigations in the private sector involve ____. a. e-mail abuse b. misuse of computing assets c. Internet abuse d. VPN abuse
b. misuse of computing assets
Maintaining ____ means you must form and sustain unbiased opinions of your cases. a. confidentiality b. objectivity c. integrity d. credibility
b. objectivity
Without a warning banner, employees might have an assumed ____ when using a company's computer systems and network accesses. a. line of authority b. right of privacy c. line of privacy d. line of right
b. right of privacy
____ involves preventing data loss by using backups, uninterruptible power supply (UPS) devices, and off-site monitoring. a. Computer forensics b. Data recovery c. Disaster recovery d. Network forensics
c. Disaster recovery
In a ____ case, a suspect is tried for a criminal offense, such as burglary, murder, or molestation. a. corporate b. civil c. criminal d. fourth amendment
c. criminal
A(n) ____ is a person using a computer to perform routine tasks other than systems administration. a. complainant b. user banner c. end user d. investigator
c. end user
It's the investigator's responsibility to write the affidavit, which must include ____ (evidence) that support the allegation to justify the warrant. a. litigation b. prosecution c. exhibits d. reports
c. exhibits
Corporations often follow the ____ doctrine, which is what happens when a civilian or corporate investigative agent delivers evidence to a law enforcement officer. a. silver-tree b. gold-tree c. silver-platter d. gold-platter
c. silver-platter
The FBI ____ was formed in 1984 to handle the increasing number of cases involving digital evidence. a. Federal Rules of Evidence (FRE) b. Department of Defense Computer Forensics Laboratory (DCFL) c. DIBS d. Computer Analysis and Response Team (CART)
d. Computer Analysis and Response Team (CART)
In a criminal or public case, if you have enough information to support a search warrant, the prosecuting attorney might direct you to submit a(n) ____. a. blotter b. exhibit report c. litigation report d. affidavit
d. affidavit
Published company policies provide a(n) ____ for a business to conduct internal investigations. a. litigation path b. allegation resource c. line of allegation d. line of authority
d. line of authority
Your ____ as a computer investigation and forensics analyst is critical because it determines your credibility. a. professional policy b. oath c. line of authority d. professional conduct
d. professional conduct
In general, a criminal case follows three stages: the complaint, the investigation, and the ____. a. litigation b. allegation c. blotter d. prosecution
d. prosecution