Computer Forensics
List two organizations mentioned in Chapter 1 that provide computer forensics training.
CTIN, HTCIA
List two items that should appear on an internal warning banner.
Employee email is not personal and the organization has the right to monitor what users do
A corporate investigator must follow Fourth Amendment standards when conducting an investigation. T/F
False
Computer forensics and data recovery refer to the same activities. T/F
False
Three common types of digital crime.
Fraud, e-mail harassment, cyberstalking
Police in the United States must use procedures that adhere to what?
The Fourth Amendment
What is the purpose of an affidavit?
To provide facts in support of evidence of a crime to submit to a judge when requesting a search warrant.
Warning banners are often easier to present in court than policy manuals are. T/F
True
Policies can address:
When you can log on to a computer network from home The Internet sites you can or cannot access The amount of personal e-mail you can send
What are the necessary components of a search warrant?
Who, what, when and where
Under normal circumstances, a corporate investigator is considered an agent of _______.
law enforcement
Laws and procedures for PDAs are ______.
still being debated
Why should companies appoint an authorized requester for computer investigations?
to reduce conflicts from competing interests among other organizations or departments and to avoid starting investigations based on innuendo or jealousy
The triad of computing security includes _______.
vulnerability assessment, intrusion response, and investigation
What is the purpose of maintaining a network of other computer forensics specialists?
you need to develop a list of colleagues who specialize in different areas than you in the event you need help on a case