Cyber Crime
Four traditional justifications for terrorism
"No Choice", Emphasis of Weakness Justifications, Peaceful nonviolent/Rhetorical justifications, Demonizing and Delegitimization justification
It is estimated that more than half of businesses spend this percentage of their info technology budget on security
5% or less
Permanent mass storage device, not typically viewed as portable until USB became available
Hard Disk Drive
What are 2 reasons businesses don't report cyber crime problems
1. Didn't think anyone would be caught 2. Did not want the general public to know that their data might be compromised.
According to the general checklist of evidence preservation, the min and max temps that computer-related evidence should be exposed to
90/60 degrees
A legal element that should be established while conducting a forensic examination of a computer is
Ownership
Why is hashing important when dealing with computer forensics
Allows files to be compared to confirm they are identical or look for specific files based on hash value
The first rule of the three cardinal rules of computer investigation is
Always work from an image of the suspect's media, never the original
To compose an email as a draft so that someone else can log in and read the draft message
An Electronic Dead Drop
According to the Electronic Comm Act of 1986, the acquisition of the contents of any communication through the use of electronic, mechanical, or other devices is
An Intercept
Weeks v. United States established the exclusionary rule, which stated
Any results of an illegal government search cannot be used in subsequent prosecutions
Type of bus (connection type) used for adding expansion cards to computers
PCI Express Bus
Magic Lantern does
Bypass firewall settings
A text-based method of issuing instructions to a computer (DOS as an example)
CLI (Command-Line Interface)
If you notice child porn on a computer during a search warrant, but initially you weren't looking for child porn, what should be your next step
Call and obtain a warrant
In 2006 Daniel J. Lin was the first person convicted of violating this act. He was convicted of sending fraudulent emails with fake headers. This act is
Can-Spam Act of 2003
Gleaning the info off credit cards using a magnetic reader
Card Skimming
The integrated circuit that interprets program instructions
Central Processing Unit
Things that must be done at a crime scene regardless
Collect date/time/location of the search recorded; crime scene log listing everyone processing the scene; note presence of any network connections; a detailed chain of custody report
One of the FBI's controversial claims under this act is that the interception of a conference call may continue even if the target of the intercept leaves the conference call.
Communication Assistance of Law Enforcement Act
According to the book author this is the most important aspect of scene processing
Complete Documentation
Available originally in 5.25 inch and 3.5 inch varieties; "PORTABLE" storage device, limited in size.
Floppy Disk Drive
A text-based method of issuing instructions to computers (DOS as an example)
GUI
Ashcroft v. Free Speech Coalition made prosecuting child porn cases difficult because it
Created a "virtual pornography" defense that would require the identification of a real victim to counteract
This is the color of the hat if the hacker is in between good and bad.
Grey
This is the comprehensive analysis of large data sets specifically to uncover patterns and relationships
Data Mining
Use or distribution of software without the permission or authorization of the copyright holder is
Data Piracy
The book author says that photographs should be taken of the suspect computer screen because
Data stored in RAM will be lost when the computer is powered down
Forensic computer examination revealed that this killer met a 13-year-old girl in an online chat room
David Fuller
Man identified as the BTK killer of Wichita, KS
Dennis Rader
Software like Access Data Password Recovery Tool Kit primarily uses variations of this method to crack
Dictionary Attack
The method a browser uses to convert an internet address is called
Domain Name System (DNS)
Carnivore is a portion of a larger software suite that allows the FBI to rebuild browsing history, email, etc., known as
DragonWare Suite
Carnivore is a software tool used by the FBI that collects
Email traffic on Network
Encryption relies on preventing an outside observer from knowing where hidden data lies
False
Steganography does not hide data from view; it only prevents it from being accessed without the proper decryption key
False
The process that scans a hard disk for deleted or other files that may not be accounted for by the operating system
File Carving
This Act is the first to make possession of another's ID info a crime punishable by up to twenty years
ID Theft Assumption Deterrence Act of 1998
This is commonly seen as the least destructive type of hackers
Informational Voyeur Hackers
Program capable of monitoring network traffic and capturing specific data
Packet Sniffing
Arrested in 1995 for cyber crime; was the most famous hacker
Kevin Mitnick
Program or device that captures all keystrokes, mostly used for capturing passwords
Keyloggers
Using forensic software to look for the terms "fire" and "burn" on a computer associated with an arson case is an example of
Keyword searches
Backdoors, Trojans, denial of service attacks, and worms are part of a larger family of code, which is
Malware
This is located in cylinder 0, head 0 and sector 1 of the bootable piece of media
Master Boot Record
Device used to connect a computer to a network or other computer using a telephone line
Modem
Six patterns of Nigerian fraud include
Money from wills, Fraudulent oil sales, Contract Fraud (COD of goods or services), Currency Exchange, Real Estate Deals, Over Invoiced Contracts.
Difference between Cyber Crime and Organized Crime
Most of their crimes are Internet based
Primary circuit board that all components of the computer are plugged into.
Motherboard
Stereotype term used by law enforcement "Computer Criminals" are
Non-Threatening Nerds
Characterized as a scale that weighs the individual employees expectation of against governmental interest
Ortega Doctrine
An email or document that tries to trick a user into revealing a password or other info
Phishing
The precursor of hacking, this involves finding ways to steal services from telecomm companies
Phreaking
This is considered the precursor of modern hacking
Phreaking
Which extraction imaging technique covers everything on a hard disk, from the first to the last sector instead of just the contents of a partition?
Physical image/extraction
Driving around a neighborhood targeting mailboxes with flags up in order to steal mail is called
Popcorning
Four traits of cyberterrorism
Premeditated, Methodical, Intended to do real financial, physical or psych harm, targets civilian targets or audiences
The act created the Amber Alert coordinator in exposing penalties
Protect Act
Katz v. US was important because it established that the 4th Amendment
Protects people, not places
Short term (temporary) memory used by operating system/programs- erased when computers reboot
Random Access Memory
This type of malware encrypts portions of a user's hard drive and will not allow the user to access their own data until the user pays to have the data decrypted
Ransomware
Insiders are often the most overlooked danger to a company when it comes to hacking. The typical motivation for an insider is
Revenge
Created the first computer "worm" in 1988
Robert Morris
A compilation of tools criminals use to maintain access, build backdoors, and collect info
Rootkit
What 1957 Supreme Court case determined that obscene material was not constitutionally protected free speech
Roth v. United States
Device used to digitize images and documents for use on computers
Scanner
Short list of commands which can be copied, inserted, used to attack a local computer or network
Scripts
Software that is secretly bundled into legitimate software that collects data and then sends it to somewhere else
Spyware
The sixth item in the checklist: environments should be
Static Free
Title two of the Electronic Comm Privacy Act of 1986 provided protections for
Stored Electronic Communications
The set of protocols that allow the internet to function. Internet addresses are based on these protocol specifications
TCP/IP
4-1-9 scams are called 4-1-9 scams because
That is the section of the Nigerian Penal Code that deals with fraud
What defined Miller v. California
The "Average Person" determines that the work is patently offensive ... and it ... lacks serious literary, artistic, political, or scientific value
In 2002, the rationale the Supreme Court used in striking down the Child Porn Protection Act was that
The prospect of crime ... by itself does not justify laws suppressing free speech.
Internet web archives like the "Wayback Machine" are useful to investigators when the suspect viewed a certain webpage on a certain date because
The Wayback Machine lets investigators see the page as it appeared when the suspect viewed it
Covertly installed program designed to collect info, provide, control or distribute data
Trojans
A secondary warrant is needed to search the contents of the computer if the original warrant was only to recover the computer
True
Common connection type that is intended to set a universal standard among peripheral manufacturers
Universal Serial Bus
Program or malicious code intended to compromise computers
Virus
This is the color of hat that a hacker is said to wear if he is a good hacker.
White
Media that has been forensically sterilized means that it has been
Wiped Clean
Wholly contained viruses that propagate through email or other means and attack networks
Worm
This web-based tool will query a database that includes domain names, IP addresses, and points of contact on websites
whois