Digital Forensics

Pataasin ang iyong marka sa homework at exams ngayon gamit ang Quizwiz!

Of the two neural networks that make up a GAN, which of the two uses a probability-based algorithm to judge whether an image that it is presented is fake or real?

Discriminator

The PDF file in the suspect's documents list is what kind of document?

Documentation for a vulnerability scanner

What does FUD stand for?

Fully Undetectable

What does "GAN" stand for?

Generative Adversarial Network

Of the two neural networks that make up a GAN, which one has the sole task of creating fake images?

Generator

When antivirus products refer to "updating signatures," the 'signatures' refer to......

Hash values of the malware

Which of the following is true about IoT devices and forensic evidence?

Heart rate data was used from a Fitbit device as evidence in a murder trial.

During an investigation that involves electronic evidence, when applying for a search warrant, three items must be fully detailed in the warrant:

How an electronic device fits into a case.

Which of the following does NOT describe Incident Response?

Incident Response focuses on E-Discovery

The process where a forensic platform like Autopsy takes a forensic image like a .dd and sorts all of the different types of files is referred to as......

Ingestion

Based on your examination of the hacker .dd file in Autopsy, what kind of browser did the suspect use when he navigated the internet?

Internet Explorer

What does the "IRC" in mIRC stand for?

Internet Relay Chat

What is the URL extension that is on all sites on the dark web?

.onion

Android phones that have OS version _________ or later will all have full chip encryption, so they can't be "chipped off."

6.0.1

Who wrote the book "File System Forensic Analysis?

Brian Carrier

What does BGA stand for with regard to damaged device forensics?

Ball Grid Array

You have successfully removed an embedded chip from a badly damaged Android phone. When you image the chip for forensic analysis, there are two options for saving the phone's contents: as a .dd (raw) file or as a _____________ file.

Binary

The term "deepfake" is a composite of which two phrases?

Deep Learning + Fake

Which of the following highlighted installed programs listed in Autopsy is specifically used for hacking purposes?

Cain & Abel

A detective is investigating a homicide where the only piece of evidence is the victim's Android smartphone. There are no leads with regard to photos, videos, or other documents. The detective decides to make a social network graph of the victim's texting contacts to visualize his relationships. In the resulting graph, some of the nodes are scaled larger than other nodes to indicate their importance or influence within this network. In social network analysis, what is this metric of influence or importance called?

Centrality

Which statement is true about cyberbullying and cyberharassment?

Cyberbullying is between minors.

In order to get data from a chip removed chip, only two connections are required. These are the clock (CLK) and.......

D0

What is the name given to a specialized search filter used in the Google Hacking Database (GHDB) that is focused on vulnerabilities and exploits?

Dork

What is the name for the metadata that is found in the first several lines of hex code of an image file?

EXIF

What is the term used to describe a vulnerability that has been weaponized to leverage entry into a computer?

Exploit

In mobile forensics, what is term used to describe the forensic copy that is made of a device that is used during an investigation?

Extraction

What was the name given to the threat actor who broke into the Democratic National Committee in 2016 and stole thousands of E-mails that were given to Wikileaks?

Fancy Bear

n which country is Cellebrite's headquarters located?

Israel

Which US Supreme Court Case decided that police require a warrant when requesting social media account records during an investigation?

Katz v. United States

Which one of the following is a reason why certain malicious payloads show up in malware scanning repository websites?

Malicious code released into the wild is identified as malware, then becomes known to all malware repositories.

Which of the following is NOT true about malware forensics?

Malware must be analyzed on a machine that is actively connected to the internet so that the analysis tools can find the latest countermeasures for the malicious code.

Which of the following is NOT a reason why IoT devices are good for recovering forensic information?

Many IoT devices come with Apple operating systems native to them.

What is one generally good reason why IoT devices are good candidates for recovering forensic information?

Many IoT devices have no encryption.

What is the name of the Cellebrite tool that can forensically analyze a binary file that was created from a damaged mobile phone?

Physical Analyzer

What is the name of a specialized shell used in the Metasploit Framework that comes with additional exploitation tools such as a keystroke logger and a webcam pirating function?

Meterpreter

What is the name of the older flash-based technology where a controller chip is separated from the memory chip?

NAND Flash

Which of the following is true about IoT devices and forensic evidence?

Number of steps from a Fitbit has been used as evidence in murder trials.

What is the term used to describe a packaged program containing malicious code that is delivered to a victim machine following an unauthorized network entry?

Payload

What is the term used to describe the ability for malware to remain active even after the victim computer has been rebooted?

Persistence

What types of files are these?

Prefetch Files

What element of law covers the authentication of E-Mails and text messages through identifiable patterns that can be attributed to a specific person?

Reply Letter Doctrine

What is the name of a method of obfuscating malware that hides malicious shellcode inside of normal programs?

Shell Injection

This image taken from the Autopsy digital forensic platform is an example of what kind of forensic artifact?

Shellbags

What is the name of the pre-trained GAN that is used by the website www.thispersondoesnotexist.com to generate deepfake faces?

StyleGAN2

What is the technical term for the removal of a chip from a damaged device?

Subtraction

Which of the following is NOT one of the standard features that comes with most APTs (advanced persistent threats)?

Switch on the victim's computer microphone.

Under which set of laws does the "Reply Letter Doctrine" fall?

The Federal Rules of Evidence

Autopsy is a graphical front end for which command line forensics application?

The Sleuth Kit

One of the most frequent crimes involving social media is the selling and purchase of illegal items on the dark web. What is the name of the browser that is used to navigate dark web sites?

The Tor Browser

Which of the following is NOT a reason to perform a chip-off procedure on a mobile phone?

The mobile device is an iPhone

Which social media crime involves making physical threats to another person?

There is no such crime on the books.

What is the name for the smaller representation of an image that is embedded with the image file?

Thumbnail

Which of the following is NOT a reason to study and familiarize yourself with different network attack methodologies?

To demonstrate your "kung fu" (hacker forum slang) as a hacker to hacker groups on the dark web.

What is the flash-based technology where the controller chip is integrated onto the memory chip so they function as a single unit?

eMMC

What is the name of a polymorphic encoder in the Metasploit Framework that is used to make malware fully undetectable?

shikata_ga_nai

What is the name of a website that will scan files for malicious code?

virustotal.com


Kaugnay na mga set ng pag-aaral

Mergers True and False Ch 17, 18, 19, 20, 21

View Set

Med-surg Ch. 48 (acute inflammatory intestinal disorders):

View Set