ISCS377: Chapter 2
NTFS
Windows hard disks can now use a variety of file systems, including FAT16, FAT32, __________, and Resilient File System
Uniform Crime Report (UCR)
__________ are generated at the federal, state, and local levels to show the types and frequency of crimes committed
Norton Ghost
__________ can be used to restore backup files directly to a workstation
Computer Forensics Lab
a __________ is where you conduct your investigations, store evidence, and do most of your work
Digital Forensics Lab
a __________ is where you conduct your investigations, store evidence, and do most of your work
Disaster Recovery
a __________ plan also specifies how to rebuild a forensic workstation after it has been severely contaminated by a virus from a drive you're analyzing
True
a good working practice is to use less powerful workstations for mundane tasks and multipurpose workstations for the higher-end analysis tasks
TEMPEST
a term referring to facilities that have been hardened so that electrical signals from computers, the computer network, and telephone systems can't be monitored or accessed easily by someone outside the facility
Secure Facility
a(n) __________ acts as an evidence locker or safe to preserve the integrity of evidence
Business Case
a(n) __________ is a plan that can be used to sell your services to management or clients, in which a justification is made for acquiring newer and better resources to investigate digital forensics cases
Disaster Recovery Plan
addresses how to restore a workstation you reconfigured for a specific investigation
Lab Manager
creates and monitors lab policies for staff and provides a safe and secure workplace for staff and evidence
Uniform Crime Report (UCR)
identifies the number of hard disk types, such as SATA or SCSI, and the OS used to commit crimes
False
if damage occurs to the floor, walls, ceilings, or furniture on your computer forensics lab, it does not need to be repaired immediately
Forums and Blogs
one way to investigate older and unusual computing systems is to keep track of __________ that you can find through an online search
Risk Management
the process of determining how much risk is acceptable or any process or operation, such as replacing equipment
Configuration Management
the process of keeping track of all upgrades and patches you apply to your computer's OS and applications
True
the recording of all updates made to a workstation or machine is referred to as configuration management
Norton Ghost
tool for directly restoring files
Certified Cyber Forensics Professional
what certification program, sponsored by ISC², requires knowledge of digital forensics, malware analysis, incident response, e-discovery, and other disciplines related to cyber investigations?
Special wood molding for all doors.
which of the following DOES NOT apply to a TEMPEST-qualified lab?
The people authorized to open the evidence container should be limited to supervisors.
which of the following is NOT a recommendation for securing storage containers?
Take training to update his technical skills.
which of the following is NOT a responsibility of a lab manager?
Off-Site
you should have at least one copy of your backups on site and a duplicate copy or a previous copy of your backups stored in a safe __________ facility
