Forensic Science #7 Computer Forensics

Pataasin ang iyong marka sa homework at exams ngayon gamit ang Quizwiz!

Why would a forensic computer examiner run such an algorithm?

Typically used to verify that an acquired image of suspect data was not altered during the process of imaging

What is the purpose of a Message Digest 5 (MD5)/Secure Hash Algorithm (SHA)?

Used to verify the integrity of data

List the two main types of evidentiary computer data.

Visible and latent data

Because RAM is not permanent, and its contents are for- ever lost once power is taken away from the computer, what is it also referred to as?

Volatile memory

Where were the BTK killer murders located?

Wichita, Kansas

Who did the BTK killer target?

Women who lived alone in neighborhoods

Name two situations in which an investigator would not immediately unplug a computer at an electronic crime scene.

1.) if encryption is being used and pulling the plug will encrypt the data, rendering it unreadable without a password or key 2.) if data exists in RAM that has not been saved to the HDD, and will thus be lost if power to the system is discontinued.

What year did the first BTK killer murder occur?

1974

What is the smallest unit of information on a computer?

A bit

What do eight bits constitute?

A byte

What machine takes a picture of the hard drive?

A duplicator

What is a FAT and what purpose does it serve?

A file allocation table. It tracks the location of files and folders on the hard disk drive

What is swap space?

A file or defined space on the HDD to which data is written, or swapped, to free RAM for applications that are in use

What two things did the BTK killer send to a TV station?

A poem and a letter

What carries data from one hardware device to another?

A system bus

What aspects of a computer should be photographed close up at an electronic crime scene?

Any running computer monitor, all the connections to the main system unit, such as peripheral devices (keyboard, monitor, speakers, mouse, and so on), equipment serial numbers

What is slack space?

Empty space on a hard disk drive created be- cause of the way the HDD stores files

What is firmware?

Programs stored on ROM chips used to start the boot process and configure a computer's components

What type of memory stores software programs and instructions while the computer is turned on?

Random Access Memory (RAM)

What is another name for firmware?

BIOS/basic input-output system

Why is firmware important to forensic computer investigation?

Because it allows investigators to control the boot process to some degree

What does BTK stand for?

Bind-Torture-Kill

What vehicle did the BTK killer drive?

Black Jeep Cherokee

How are clusters and sectors related to one another?

Clusters are groups of sectors

What was the sentence for the BTK killer?

Consecutive life sentences/ 105 years

What effect does fragmentation have on a hard disk drive (HDD)?

Degrade the perfor- mance of a HDD, causing the read/write heads to have to traverse the plat- ters to locate the data

What is the BTK killer's full name?

Dennis Radar

What are CDs, DVDs, and other containers for programs that are loaded into the memory of a computer referred to as?

External Computer Media

What does ransomware allow?

For hackers to access everything on your electronic devices

What is the primary storage device on most computers?

Hard Disk Drive

What is the difference between hardware and software?

Hardware: The physical components of a computer: case, keyboard, monitor, motherboard, RAM, HDD, mouse, and so on Software: A set of instructions compiled into a program that performs a particular task

What did the BTK killer do to fulfill his desires when he wasn't committing a murder?

He hung himself, took photos, and then masturbated to those photos

What slip up caused the police to reveal the name of the BTK killer?

He sent a floppy disk to the police, which revealed the name of the person and location where the floppy disk was used.

What was the BTK killer's daily job?

Installing locks and security in homes

Why are hackers techniques different?

It differs because of their location

What is the role of the computer's operating system (OS)?

It provides the user with a working environment and facilitates interaction with the system's components.

Who was the head of the BTK killer case?

Lieutenant Landwer

Was the BTK killer a secreter or non-secreter?

Non-secreter

What are sectors and clusters?

Sectors: The smallest unit of data addressable by a hard disk drive, generally consisting of 512 bytes. Clusters: A group of sectors in multiples of two; typically the minimum space allocated to a file.

In what condition were the corpses of the Otara family found?

Strangled and face down in bed Joesphine was hung

Who was the BTK killer's first kill?

The Otara Family

What part of a computer actually does the computing?

The central processing unit (CPU)

What is a computer's motherboard?

The main system board of a computer (and many other electronic devices) that delivers power, data, and instructions to the computer's components.

What is formatting?

The process of preparing a hard disk drive to store and retrieve data in its current form

Why must a hard disk drive be formatted?

To accept the data in it's current form

What is the primary goal in obtaining data from a HDD?

To do so without altering even one bit of data

Why would investigators want to copy blank or unused portions of the HDD?

To preserve latent data

What is malware?

software that is used for malicious intent


Kaugnay na mga set ng pag-aaral

Business Analytics Module #4 Exam (Ch. 13 & 14)

View Set

Ch 18 Nursing management of the newborn

View Set

SY-501 9-20-2018 Exam Questions FROM K:

View Set