compTIA security e8 chap15

Réussis tes devoirs et examens dès maintenant avec Quizwiz!

What is the key difference between hashing and checksums?

Both can validate integrity, but a hash also provides a unique digital fingerprint.

What is the document that tracks the control of a piece of evidence called?

Chain of custody

Theresa's organization has received a legal hold notice for their files and documents. Which of the following is not an action she needs to take?

Delete all sensitive documents related to the case.

What is eDiscovery?

A process for sharing electronic forensic data

A forensic specialist discovered that an intruder infiltrated a system as a standard user and was therefore unable to remove evidence of their attack to evade detection. The specialist found log entries and inconsistent version-tracking metadata. What is the collective term for the various sources of evidence that an attacker might leave behind?

Artifacts

Henry wants to use an open-source forensic suite. Which of the following tools should he select?

Autopsy

While doing forensic investigation and gathering evidence, which of the following should you keep in mind?

Classify available evidence according to its order of volatility.

What legal concept determines the law enforcement agency or agencies that will be involved in a case based on location?

Jurisdiction

Alaina wants to maintain chain of custody documentation and has created a form. Which of the following is not a common element on a chain of custody form?

Method of transport

Which aspect of digital forensics is most concerned with the definitive and indisputable identification of the source of admissible evidence?

Non-repudiation

What kind of tool, often called a sniffer, is used to capture network traffic, allowing the operator to visualize the various processes involved in the communication?

Protocol analyzer

Naomi is preparing to migrate her organization to a cloud service and wants to ensure that she has the appropriate contractual language in place. Which of the following is not a common item she should include?

Right to forensic examination

Erica provides laptops and mobile devices for her organization's traveling staff members. She has read a number of articles about data being stolen through the use of malicious charging cables or chargers. What type of solution can she give her organization's traveling staff to prevent this attack?

USB data blocker

When is it appropriate to establish a legal hold on information?

When the information is not in your control but is legally relevant

Cynthia wants to make an exact copy of a drive using a Linux command-line tool. What command should she use?

dd


Ensembles d'études connexes

Chapter 11: Employment Relationships and Labor Law

View Set

American History Lesson 3 section 2

View Set

Marketing Chapter 14: Strategic Pricing Methods

View Set

Chapter 2- Language teaching methods (historical/alternative)

View Set

Biology 1201 Final exam- Moroney LSU

View Set

Chapter 22: Communicable Diseases

View Set