Cyber Crimes Final Exam Study Guide!


T/F: Courts were becoming less familiar w/ digital evidence during the Enterprise Phase.

False; they were MORE familiar w/ digital evidence.

Name the legislation: "Against the unauthorized modification or deletion of data on a computer system, and against damage to computer hardware including networks." The maximum penalty for a single offense classified as a Felony of the Third Degree was: "Up to 5 years of imprisonment and a fine of up to $5,000 or any higher amount equal to double the pecuniary gain derived from the offense by the offender or double the pecuniary loss suffered by the victim."

Florida Computer Crimes Act of 1978

________ _________ is when data is unaltered and the acquisition process was documented.

Forensic Soundness

What standard is "Scientific evidence is only admissible if it is generally accepted as reliable by the scientific community"?

Frye Standard

_________ ______ are Capable of providing communication, photography, navigation, entertainment, and data storage.

Handheld Devices

Explain what imaging and hashing/hash values are.

Hashes-- they are used to identify and remove junk data with the NSRL/NIST, and to de-duplicate files in computer forensics & electronic discovery. Imaging--

During the Enterprise Phase more forensic tools were being developed to assist law enforcement: (_____ vs. _____-______ )

Proprietary software vs. Open-Source

What's a collision?

An event of two or more records being assigned the same identifier or location in memory.

In what case did the Supreme Court rule that law enforcement may obtain permission from a 3rd PARTY so long as they share a common authority over the property being searched?

(Illinois v. Rodriguez, 1990)

In Digital Forensics Collection/ Acquisition involves what 3 things?

1. Search & Seizure 2. DOCUMENT 3. Preservation (write blocker, imaging, hash values)

What are the 4 common Stages of Digital Forensic Investigation?

1) Survey/ Identification 2) Collection/ Acquisition 3) Examination/ Analysis 4) Report/ Presentation

What are the 3 Steps in the Digital Forensic Process?!?!

1. Acquisition 2. Analysis 3. Reporting

W/ the Four common stages of a digital forensic investigation (and what's the most important part?)

1. Acquisition 2. Identification 3. Evaluation 4. Admission

What are 2 types of digital forensics in the 1980's?

1. Dead-box Forensics 2. Computer Forensics

Traditionally, what are the 3 most common forms of digital evidence in computer systems?

1. Hardware 2. Software 3. Peripheral Devices

For what 3 purposes can digital evidence be used to link people, places, & objectives involved in a crime?

1. Identify or Eliminate Suspects 2. Refute Testimony 3. Corpus Delicti

List the 3 Supreme Court cases & clauses that become extremely important when a suspect is compelled to provide the encryption key or password to an electronic device that may contain incriminating files.

1. In re Boucher (2007) 2. United States v. Fricosu (2012) 3. In re Doe (2012)

There are inconsistencies between state and federal legislation in the United States, as well as a variety of international judicial systems, w/ regard to what 2 SPECIFIC pieces of legislation?

1. Key disclosure law 2. Different admissibility standards

List 4 of the many problems during the "Ad Hoc" Stage (early 1980's)?

1. Lack of formal structure 2. Lack of Protocols 3. Lack of Training Tools 4. Chain of custody issues

What are three methods of physical extraction (according to NIST)?

1. Logical extraction gets information from the device using the original equipment manufacturer application programming interface for synchronizing the phone's contents w/ a PC 2. Brute force Extraction is performed by 3rd party passcode brute force tools that send a series of passcodes / passwords to the mobile device 3. File system extraction is used for understanding the file structure, web browsing history, or app usage, and providing the examiner with the ability to perform an analysis with traditional computer forensic tools

Digital forensics refers to the analysis of digital evidence. Give the 4 types of forensics.

1. Network forensics (Internet traffic) 2. Computer forensics (computer hardware) 3. Mobile-device forensics (cell phone) 4. Malware forensics (viruses)

Give 4 exceptions to Search Incident to Arrest.

1. Plain view doctrine 2. Motor vehicle searches 3. Border searches 4. Open fields

In the ADMISSIBILITY OF EVIDENCE, give the 5 evidentiary issues when assessing the admissibility of electronic evidence.

1. Relevance 2. Authenticity 3. Not hearsay or is admissible hearsay 4. Original writing rule 5. Not duly prejudicial

In SCIENTIFIC EVIDENCE, list the 3 traditional standards for assessing the admissibility of scientific evidence from expert testimony.

1. Frye 2. Federal Rules of Evidence 702 3. Daubert

What are the 3 basic requirements for a warrant?

1. Must be signed by a neutral/impartial judge or magistrate w/ NO vested interest 2. Must have PROBABLE CAUSE 3. Must explicitly explain what crime was committed, the location to be searched & the specific items to be seized

Name this Amendment: "No person shall be held w/out right to a Grand Jury, Double Jeopardy, Right to not Testify against self, Due process of law; nor shall private property be taken for public use, w/out compensation"

5th Amendment

The Pre-Forensics stage in the early 1980's was called the __ ___ stage.

Ad Hoc Stage

_________ vs. _________ Dow Pharmaceuticals 1993 suggested 4 criteria for determining whether the relevant scientific evidence, theory, or study is reliable, and therefore admissible, in court. List the 4 criteria outlined.

Daubert v. Merrell: 1. Testing 2. Publication 3. Error Rate 4. Acceptance

_______ ________ is the investigation and analysis of media originating from digital sources in an effort to uncover evidence to present in a court of law.

Computer Forensics

What was established in 1986 involving the evolution of computer forensics legislation?

Computer Fraud & Abuse Act in 1986

Define what "Confirmation Bias" is and explain how it can cause you to make less-than-optimal choices.

Confirmation bias is when people filter out potentially useful facts that don't agree w/ their own opinion. It affects perceptions & the decision-making process, and can cause us to make less-than-optimal choices.

A __________ __________ is made when an individual gives permission, voluntarily and without deceit, to law enforcement to conduct a search.

Consent Search

Computer Forensics is also known as _______ _______?

Digital Forensics

These 4 events could be seen as the end of what phase? --- 1. Backlogs of cases involving digital evidence 2. Lack of training; it's expensive 3. No standards in certification/expertise 4. Need for tools that can handle the ever-changing world of technology

End of Enterprise Phase

In what phase did the 1st International Association for Forensic Science conference (1999) meet, coming out w/ the International Journal of Digital Evidence (2002) and claiming computer forensics was inaccurate?

End of Structured Phase

_______ Phase was during the early 2000's known as the "Golden Age".

Enterprise Phase

What was established in United States vs. Robinson in 1973?

Established constitutionality of search incident to arrest

__________ / ___________ involves: — Data recovery & extraction — Slack space — Tools of the trade — Repeatability & Reproducibility

Examination / Analysis

In storage devices, ______ vs. ______ are 2 types of hard drives.

External vs. Internal

In 1990 the Supreme Court declared an exception regarding warrants, saying a warrantless search may be constitutional even if it does violate a person's reasonable expectation of privacy, as long as it falls w/in an established exception to the rule. In what legal case was this declared?

Illinois v. Rodriguez (1990)

How does SWGDE define digital evidence?

Information of probative value stored or transmitted in digital form

What 2 Supreme Court cases deal w/ the Right to Privacy & the "Reasonableness Standard"?

Katz vs. United States 1967 & U.S. vs. Pouloson 1994

A _____ _________ law is legislation that mandates a person to provide encryption keys or passwords to law enforcement for digital forensic investigations.

Key Disclosure

The size & look of computers have dramatically changed, but what system is the "Grandaddy of them all"?

Legacy Systems

What principle is this: "When there is contact between two items, there is an exchange of material"?

Locard's Principle of Exchange

In 1966 this case was ruled on by the Supreme Court, saying "You have the right to remain silent. Anything you say can and will be used against you in the court of law. You have the right to talk to a lawyer and have him or her present with you while you are being questioned. If you cannot afford to hire a lawyer, one will be appointed to represent you before any questioning, if you wish"

Miranda vs. Arizona 1966

Who was responsible for launching this initiative, and what project was to "provide unbiased, open, and objective means for manufacturers, law enforcement, and the legal community to assess the validity of tools used in computer forensics"?

National Institute of Standards and Technology (NIST) launched the Computer Forensic Tool Testing project (CFTT)

The 1970's was known for ____, ____, & ________? List 2 important events in 1978 & 1979.

Peace, Love, & Cyber-crimes - Florida, Fagler (1978) - Interpol (1979)

What is Slack Space?

Portions of a hard drive that are not fully used by the current allocated file and which may contain data from a previously deleted file

What is "Evidence Integrity" defined as?

Reliability & Truthfulness of the evidence

Floppy disks, CDs, USBs, thumb drives, memory cards are all examples of _______ ______ _______.

Removable Media Devices

Define Repeatability vs. Reproducibility

Repeatability-- same measurement procedure, same observer, same instrument, same period of time, same location. Reproducibility-- different principle of measurement, observer, method of measurement

"Old Crimes w/ New Tricks" Is associated w/ what?

Salami Slicing

Who made this definition? Defining What?

Scientific Working Group on Digital Evidence (SWGDE), defining Digital Evidence

What clause is where the defendant may "Plead the Fifth" so he/she does not have to answer any questions or provide testimony that might be self-incriminating?

Self-Incrimination Clause

Explain the difference between hardware and software write blockers.

Software & hardware write blockers do the same job: they prevent writes to storage devices. The main difference between the 2 types is: - Software write blockers are installed on a forensic computer workstation - Hardware write blockers have write-blocking software installed on a controller chip inside a portable physical device

Name the Supreme Court case that concluded w/ an explanation of "Exigent Circumstances".

State vs. Smith 2009

Explain the difference between Steganography and Encryption.

Steganography deals with composing hidden messages so that only the sender and the receiver know that the message even exists. Encryption is the process of encoding messages or info in such a way that only authorized people can read it, using an encryption algorithm and generating ciphertext that can only be read if decrypted.

What phase was characterized by the harmonization between computer forensic procedure/policy and computer crime legislation? (2nd stage)

Structured Phase (Mid 1980s)

These 3 main events characterized what phase & When? 1. Several federal statutes criminalized various forms of hacking & wire fraud 2. Companies drafted appropriate use policies. 3. Courts encouraged the dev. of computer forensic tools that could withstand the courtroom

Structured Phase during the Mid 1980s

The _______ recommended "harmonization" of criminal laws penalizing computer fraud in 1980s.

The Organisation for Economic Co-operation and Development (OECD)

Define "Corpus delicti".

The facts and circumstances constituting a breach of a law.

Explain what the 4th Amendment entails?

The right of people to be secure in their persons, houses, papers, and effects, against UNREASONABLE SEARCHES & SEIZURES if no Warrants have been issued upon probable cause particularly describing the place to be searched or things to be seized

In Evidence Integrity, transparency & ________ are crucial evidential aspects.

Validity

What is "Locard's Principle of Exchange"?

When a person comes into contact with an object or other person, a potential transfer of physical evidence can occur

Define what Wiping is.

Wiping can perform various types and intensities of drive wiping operations overriding a system

What is a Write Blocker?

A write blocker is any tool that permits read-only access to data storage devices w/out compromising the integrity of the data. A write blocker can guarantee the protection of the data chain of custody.

Can digital evidence be used in both criminal & civil cases? List 3 examples.

Yes. 1. State of Florida vs. Casey Marie Anthony 2. Rotenburg Cannibal Case 3. Berryman-Dages city of Gainesville

What was important in United States v. Finley (2007)?

Important because the search occurred post-arrest and the cell phone was retrieved from his pants pocket

