IS381 Module 1 Quiz
A warning banner should never state that the organization has the right to monitor what users do. True False
False
Data collected before an attorney issues a memo for an attorney-client privilege case is protected under the confidential work product rule. True False
False
Under normal circumstances, a private-sector investigator is considered an agent of law enforcement. True False
False
Embezzlement is a type of digital investigation typically conducted in a business environment. True False
True
For digital evidence, an evidence bag is typically made of antistatic material. True False
True
One way to determine the resources needed for an investigation is, based on the OS of the suspect computer, to list the software needed for the examination. True False
True
The purpose of maintaining a network of digital forensics specialists is to develop a list of colleagues who specialize in areas different from your own specialties in case you need help on an investigation. True False
True
Policies can address rules for which of the following? 1. The amount of personal e-mail you can send 2. The Internet sites you can or can't access 3. When you can log on to a company network from home 4. Any of the above
Any of the above
Digital forensics and data recovery refer to the same activities. True False
False
You shouldn't include a narrative of what steps you took in your case report. True False
False
What is one of the necessary components of a search warrant? 1. Professional codes 2. Standards of behavior 3. Professional ethics 4. Signature of an impartial judicial officer
Signature of an impartial judicial officer
Why should you critique your case after it's finished? 1. To maintain professional conduct 2. To improve your work 3. To list problems that might happen when conducting an investigation 4. To maintain chain of custody
To improve your work
List three items that should be on an evidence custody form. 1. Description of the evidence, location of the evidence and search warrant 2. Affidavit, search warrant, and description of the evidence 3. Case number, name of the investigator and nature of the case 4. Name of the investigator, affidavit and name of the judge assigned to the case
Case number, name of the investigator and nature of the case
What do you call a list of people who have had physical possession of the evidence? 1. Evidence log 2. Evidence record 3. Chain of custody 4. Affidavit
Chain of custody
You should always prove the allegations made by the person who hired you. True False
False
Police in the United States must use procedures that adhere to which of the following? 1. Third Amendment 2. Fourth Amendment 3. First Amendment 4. None of the above
Fourth Amendment
Why is professional conduct important? 1. It helps with an investigation 2. It includes ethics, morals, and standards of behavior 3. It saves a company from using warning banners 4. All of the above
It includes ethics, morals, and standards of behavior
Why should you do a standard risk assessment to prepare for an investigation? 1. To obtain a search warrant 2. To obtain an affidavit 3. To list problems that might happen when conducting an investigation 4. To discuss the case with the opposing counsel
To list problems that might happen when conducting an investigation
Why should evidence media be write-protected? 1. To make sure data isn't altered 2. To make image files smaller in size 3. To comply with industry standards 4. To speed up the imaging process
To make sure data isn't altered
What's the purpose of an affidavit? 1. To list problems that might happen when conducting an investigation 2. To determine the OS of the suspect computer and list the software needed for the examination 3. To specify who, what, when, and where—that is, specifics on place, time, items being searched for, and so forth 4. To provide facts in support of evidence of a crime to submit to a judge when requesting a search warrant
To provide facts in support of evidence of a crime to submit to a judge when requesting a search warrant
The triad of computing security includes which of the following? 1. Detection, response, and monitoring 2. Vulnerability/threat assessment and risk management, network intrusion detection and incident response, and digital investigation 3. Vulnerability assessment, intrusion response, and monitoring 4. Vulnerability assessment, detection, and monitoring
Vulnerability/threat assessment and risk management, network intrusion detection and incident response, and digital investigation