Forensics 8
Bitmap images store graphics info as grids of __________, sorts for "picture elements."
Pixels
When you decompress data that uses a lossy compression algorithm, you regain data lost by compression.
False
The two major forms of steganography are ____________________ and substitution.
Insertion
The __________ is the best source for learning more about file formats and their extensions.
Internet
What can investigators learn using Exif format metadata, and how is this data accessed?
Investigators can learn more about the type of digital camera and the environment in which photos were taken. Investigators must use special programs, such as Exif Reader, Irfan View, or ProDiscover, which has a built-in Exif viewer, in order to access the metadata.
compression which does not discard data in compressed files
Lossless compression
____ compression compresses data by permanently discarding bits of information in the file.
Lossy
Select below the utility that is not a lossless compression utility:
Lzip
When looking at a byte of information in binary, such as 11101100, what is the first bit on the left referred to as?
Most Significant Bit
The first 3 bytes of an XIF file are exactly the same as a TIF file.
TRUE
Each graphics file type has a unique header value.
True
Graphics files are created and saved in the graphics editor, such as Microsoft Paint, Adobe Freehand MX, Adobe Photoshop, or Gnome GIMP
True
ProDiscover adds a ______ extension automatically on all copied clusters the Recover Clusters function exports.
txt file
graphics based on mathematical instructions to form lines, curves, text, and other geometric shapes
vector graphics
The ______ format is an image format produced by the Nuance PaperPort scanning program.
xif
In simple terms, _____________ compression discards bits in much the same way rounding off decimal values discards numbers.
Vector Quantization
a form of compression that uses an algorithm similar to rounding off decimal values to eliminate unnecessary bits of data
Vector Quantization (VQ)
Which of the following is not considered to be a non-standard graphics file format?
.dxf
Which of the following formats is not considered to be a standard graphics file format?
.dxf
How many bits are required to create a pixel capable of displaying 65,536 different color
16 bits
How many different colors can be displayed by a 24 bit colored pixel?
16,777,216
What act defines precisely how copyright laws pertain to graphics?
1976 Copywright Act
All TIF files start at offset 0 with what 6 hexadecimal characters
49 49 2A
Which graphics file format below is rarely compressed?
BMP
When using steganography to hide messages, why is it better to change the least significant bits of an image, and how is this detected?
Changing the most significant bit (highest priority bit) on the left will cause a greater change in the pixel's color than changing the least significant bit. Generally speaking, only the last two LSBs in an image can be changed without producing a noticeable change in the shad of the color a pixel displays. To detect a change to the last two LSBs in a graphics file, a steganalysis tool must be used.
The process of converting raw picture data to another format is called _________________.
Demosaicing
A file format that Japan Electronics and Information Technology Industries Association (JEITA) developed as a standard for storing metadata in JPEG and TIF files
ExiF (exchangeable image file)
A standard JFIF JPEG has a header value of _____________ from offset 0 and the label name JFIF starting at offset 6.
FF D8 FF E0
For all JPEG files, the ending hexadecimal marker, also known as the end of image (EOI), is ____________
FFD9
For EXIF JPEG files, the hexadecimal value starting at offset 2 is _____________.
FFE1
Most digital cameras use the bitmap format to store photos.
False
collections of dots, or pixels, in a grid format that form a graphic
bitmap images
the process of recovering file fragments that are scattered across a disk
carving
The process of converting raw picture data to another format, such as JPEG or TIF
demosaicing
What format was developed as a standard for storing metadata in image files?
exif
the results of keyword searches that contain the correct match but aren't relevant to the investigation
false positives
What file type starts at offset 0 with a hexidecimal value of FFD8?
jpeg
The Lempel-Ziv-Welch (LZW) algorithm is used in _____________ compression.
lossless
Whatkind of graphics file combines bitmap and vector graphics types
metafile
graphics files that are combinations of bitmap and vector images
metafile graphics
less common graphics file formats, including proprietary formats, newer formats, formats that most image viewers don't recognize, and old or obsolete formats
nonstandard graphics file formats
The _____________ format is a proprietary format used by Adobe Photoshop.
psd
Which of the following is not a type of graphic file that is created by a graphics program?
raster graphics
collection of pixels stored in rows rather than a grid, as with bitmap images, to make graphics easier to print; usually created when a vector graphic is converted to a bitmap image
raster images
Referred to as a digital negative, the _______ is typically used on many higher-end digital cameras.
raw file format
