week 11 chap 12 & 13

Explain what a service level agreement is.

?

Explain why digital forensics examiners should be most concerned with restrictions applied to customers and security measures.

?

Available to access the Internet or take pictures while walking

Google Glass

Includes cars, homes, pets, livestock, and applications for making all these things work together

Internet of Anything

Includes the ever-growing number of physical devices connected on the Internet

Internet of Things

Nonvolatile memory

ROM

A ____ is a tool with application programming interfaces (APIs) that allow reconfiguring a cloud on the fly; it's accessed through the application's Web interface. a. programming language b. management plane c. backdoor d. configuration manager

b

Cellebrite includes ____, a mobile forensics tool that's often used by law enforcement and the military. a. MOBILedit Forensics b. UFED Reader c. BitPim d. DataPilot

b

For personal use, ____ have been replaced by iPods, iPads, and other mobile devices. a. SDHCs b. PDAs c. CFs d. MMCs

b

Select the folder below that is most likely to contain Dropbox files for a specific user: a. C:\Dropbox b. C:\Users\username\Dropbox c. C:\Users\Dropbox d. C:\Users\username\AppData\Dropbox

b

The ____ is an organization that has developed resource documentation for CSPs and their staff. It provides guidance for privacy agreements, security measures, questionnaires, and more. a. OpenStack Framework Alliance b. Cloud Security Alliance c. Cloud Architecture Group d. vCloud Security Advisory Panel

b

The ____ digital network, a faster version of GSM, is designed to deliver data. a. TDMA b. iDEN c. EDGE d. D-AMPS

c

The file system for a SIM card is a ____ structure. a. volatile b. circular c. hierarchical d. linear

c

Remote acquisitions are often easier because you're usually dealing with large volumes of data. (T/F)

false

Proprietary protocol developed by Motorola

iDEN

Homomorphic encryption uses an "ideal lattice" mathematical formula to encrypt data. (T/F)

true

In 1999, Salesforce.com developed a customer relationship management (CRM) Web service that applied digital marketing research to business subscribers so that they could do their own market analysis; this service eventually led the way to the cloud. (T/F)

true

In 2010, both VMware and BlackBerry were thinking of developing type 2 hypervisors for mobile devices. (T/F)

true

Portability of information is what makes SIM cards so versatile. (T/F)

true

Explain what "anti-forensics" is, and provide detail on some anti-forensics tactics.

Anti-forensics tactics are used in cloud environments as well as in other network environments. Hackers might obfuscate incriminating files or hide them by the simple technique of changing file extensions. Specialized malware for defeating evidence collection can add time to an investigation and result in the loss of valuable evidence. Additional methods for anti-forensics include inserting malware programs in other files, using encryption to obfuscate malware programs activated through other malware programs, and using data-hiding utilities that append malware to existing files. Other techniques affect file metadata by changing the modify and last access times. Changing file timestamps can make it difficult to develop a timeline of a hacker's activities. Calculating hash values of files and comparing the results with known good files' hash values can help identify files that might have been altered.

One of the most common digital networks, it uses the full radio frequency spectrum to define channels

CDMA

Has a collection of cables that can interface with phones made by Nokia, Motorola, Samsung, among others

DataPilot

Standard developed specifically for 3G

EDGE

Explain what a government agency subpoena is, and describe how it is used.

U.S. Code 18 states that customer communications and records can't be knowingly divulged to any person or entity, although it allows specific exceptions to government agencies. This type of subpoena is used to get information when it's believed there's a danger of death or serious physical injury or to get information for the National Center for Missing and Exploited Children.

A stand-alone portable device with software that can be loaded on a computer

Universal Forensics Extraction Device (UFED)

Addresses the many parts that have sensors in cars

Vehicle system forensics

In a Windows environment, BitPim stores files in ____ by default. a. My Documents\BitPim b. My Documents\Forensics Files\BitPim c. My Documents\BitPim\Forensics Files d. My Documents\BitPim\Files

a

The ____ Dropbox file stores information on shared directories associated with a Dropbox user account and file transfers between Dropbox and the client's system. a. filecache.dbx b. read_filejournal c. filetx.log d. filecache.dll

a

The ____ digital network divides a radio frequency into time slots. a. TDMA b. CDMA c. FDMA d. EDGE

a