Computer Forensics Chapter 1 Review Questions
List two items that should appear on a warning banner.
Access to this system and network is restricted. Use of this system and network is for official business only.
The triad of computing security includes which of the following?
Vulnerability/threat assessment and risk management, network intrusion detection and incident response, and digital investigation
What is professional conduct, and why is it important?
Behavior expected in a professional environment.
List three items that should be on an evidence custody form.
Case number. Name of investigator handling the case. Nature of the case.
What do you call a list of people who have had physical possession of the evidence?
Chain of custody
Digital forensics and data recovery refer to the activities. True or False?
False
Under normal circumstances, a private-sector investigator is considered an agent of law enforcement. True or False?
False
You should always prove the allegations made by the person who hired you. True or False?
False
Police in the United States must use procedures that adhere to which of the following?
Fourth Amendment
List two types of digital investigations typically conducted in a business environment.
Internet Abuse. Email Abuse.
Why should you critique your case after it's finished?
It will be an effort to improve your work in the future.
What's the purpose of an affidavit?
Justify issuing a warrant or to deal with abuse in a corporation.
List three items that should be in your case report.
Resources required. Creation of detailed checklist. Identification of risks.
What's the purpose of maintaining a network of digital forensics specialists?
So you have colleagues who specialize in area's other than yours.
Why should evidence media be write-protected?
To make sure data isn't altered
Data collected before an attorney issues a memo for an attorney-client privilege case is protected under the confidential work product rule. True or False?
True
Policies can address rules for which of the following?
When you can log on to a company network from home. The Internet sites you can or can't access. The amount of personal e-mail you can send. (Any of the above)