intro digital forensics final
Which of the following describes processes for gathering digital evidence in an organization, handling privileged and private data, training staff, handling data stored offsite, and other procedures for international entities?
Anti-Cartel enforcement manual
What types of trials do state supreme courts hear?
Appelate
Which of the following would be considered alternative dispute resolution?
Arbitration
what are documents assigned when they are produced as a result of a discovery request?
Bates Number
what are documents assigned when they are produced as a result of a request
Bates Number
What numbering system includes a prefix that denotes the document source?
Bates stamping
What is a document called that has redaction marks that cant be removed
Burned-in
which law came into effect in 1986 to address the growing problem of computers being hacked?
CFAA
what must be followed to ensure that evidence has not been tampered with or altered
Chain of Custody
Which case illustrated a fourthb amendment voilatoin os search incident to arrest
Chimel V California
Where does a plaintiff take a federal case in which there is a disagreement over the verdict?
Circuit court
What are the ninety Four federal district courts divided into?
Circuit courts
Which Law proposed by the eu parliament would require explicit consent to being tracked on the websites?
Cookie law
Which party is likely to act in a neutral position between multiple defendants?
Coordinating attorney
Which of the following is authorized and trained to collect and transport digital evidence at an investigation scene as difined in ISO, 2012.
DEFR
In what type of hearing is expert ask the judge if he testify to be an expert
Daubert hearing
The process of retrieving evidence from the data of an encrypted hard drive would be considered the jon of which of the following?
Device Forensics expert
Why can date searches be problematic
Differing date formats
In criminal casese, which of the following is a role similar to an e-discovery project manager in civil cases?
Discovery attourney
What was developed during the 1970s to make exchanging information electronically easier?
EDI
Which of the following is a method devised for handling an overwhelming amount of electronic evidence that attorneys must deal with?
EDRM
Which of the following is true about government searches of e-mail files?
Email older than 180 days doesnt require a warrant
What allows law enfocement to size information without a warrant if they believe evidence could be destroyed?
Exigent circumstances
A request for production requires the opposing party to respond verbally under oath
False
According to recent studies litigation involving esi costs considerably less than cases without ESI
False
Civil attorneys tend to rely on OS metadata rather than Metadata embedded in documents
False
Defense attorneys usually have forensic examiners on staff and rarely use consultants
False
E-discovery certifications have been approved and recognized by the ABA
False
In general, states rules regarding ESI can be more lenient than federal rules?
False
In the edrm, the collection stage comes before the preservation stage
False
Metadata is a legal term that referes to the actual information being retrieved
False
Privacy laws have kept pace with technology advancements quite closely
False
The american digest system contains statues and cases for only Ohio and New york
False
students researching case law typically begin with lexisnexis
False
using a broad scope for data collection requires configuring search criteria in the software tools used for collecting data
False
when the recycle bin is emptied in windows the files can no longer be recovered
False
What type of document search uses wildcards and other methods to allow for variances in spelling and typing mistakes?
Fuzzy
Which of the following is an example of metadata
GPS data for a photo
If you suspect computer discover material has been deleted or altered what should you try to acquire?
Hard drive image
Which task most likely to require a digital forensics tool
Hard drive image capture
Under what circumstances may police search data on a cell phone taken from a man that is arrested
In exigent circumstances
Which provision was upheld in uS v Stabile in wihich child pornography was found while investigating evidence of counterfeiting?
Inevitable discovery
Which concept is illistrated by the scenario in which a persons car is searched after it has been impounded for being illegally parked?
Inventory Search
Which of the following is not among the fields recommended to be included in e-mail production?
Mail server address
Which of the following is not a typical perpective that affects how people aprroach e-discovery project?
Medical professional
What format is used on documents that dont lend themselves easily to TIF conversion?
Near-native
What type of software can be used to index the text contained in scanned pictures of documents
OCR
What type of software is used to conver word images into searchable text?
OCR
which of the following is not an advantage of web-based repositories?
Only a single attorney at a time can access the data
In what format are attorneys required to file doccuments with the court
Which of the following is not a drawback of automated review?
Paper document searching
What can result from the cases outcome if the situation a case involves hasn't been tried before?
Precedent
Which of the following is a term used to describe work done by an attorney to help those that cant afford their services?
Pro bono
why might location of data be a consideration when planning discovery scope?
Property law vary by country
In a civil case, what can be applied to trade secrets or highly confidential documents to shield them from the public view?
Protective order
what is served on an opposing party that asks the opposing party to accept or deny certain facts of the case in writing and under oath
Request for admission
which was something corporate scandal
Sabranes oxley
Which of the following is a law that requires publicly held corporations to maintain e-mail records for five years?
Sarbanes-Oxley
What topic was involved in the US V comprehensive drug testing inc case heard by the ninth circuit court in 2010?
Scope of a warrant
What does the lead attorney establish that is typically used as a review filter
Search Protocols
What legal instrument is usually bypassed in civil e-discovery that is required for discovery in criminal cases?
Search warrant
Which of the following is not one of the way records can be obtained according to the act
Search warrant with previous notice
Which of the following were created by a group of lawyers and other professionals as guidelines for handling electronic documents?
Sedona Principles
What does the 1928 Olmstead V. US case make evident when examing the history of e-discovery?
Technology is frequently ahead of the law
Which of the following is a service that allowed students to access mainframes removely but is not secure?
Telnet
Which of the following is true about duty to preserve ESI data?
The FRCP can require inaccessible data to be produced
Why might you want to use the accessdata forensic toolkit?
To view document metadata
Aranet was the precurser to the internet
True
Authur Andersen was charged with obstruction of justice after destroying documents related to its audit of Enron
True
Case Law determines how laws are applied and is based on previous rulings
True
Cloud storage has complicated e-discovery as it relates to email
True
Consultants that give testimony are considered expert witnesses
True
If a backpack is carried by a suspect who is arrested police may inventory its contents?
True
Most litigation database and trial presentation tools were developed to be used with TIF and OCR files
True
Prior to the explosion of the internet, most hackers were employees of the organizations they hacked into.
True
The State-Province table reflects how laws can vary between states or provinces in a country.
True
The fourth amendment states that an expectation of privacy inside the home is reasonable
True
The objetive of a privilege log is to disclose information to the opposition so that its clear what has been specified as privleged and why
True
The sedona Canada principles and the ontario checklist for perparing a discovery plan are part of Canadian procedural law
True
accessing voicemail stored on the service providers servers requires a subpoena or a warrant
True
redaction marks and bates numbers cant be removed from burned-in documents
True
Which of the following was developed as the result of burgeoning e-commerce in the 1990s, focused on civil procedures, and has been a basis for e-discovery world wide?
UN Model law
which of the following establishes the requirements for electonic data interchange between countries?
UNECE
What do many large corporations require their outside counsel to use to track case outcomes and costs?
UTBMS
Which of the following is the capability to store a variety of communication types in the same inbox?
Unified messaging
Which of the following are not among the three main groups adressed by the IGRM model
Vendors and customers
The EEOC vs JPMORGAN chase bank, 2013 case provided an example of which of the following?
Voilation of a litigation hold
Which situation is broad e-discover scope most feasible
company with small IT infrastructure
Which form of discover takes an oral argument from a witness under oath before trial
deposition
IN criminal cases which is a role similar to a e-disovery project manager in civil cases
discovery attourney
which of the following is likely to hinder the data collection process
encrypted data
E-discovery is the use of advanced electronic surveillance to catch criminals in the act.
flase
Where should you look if you want to find what camera was used to take a photograph
in the EXIF Header
Which of the following is true about e-discovery
it can be thought of as data mining
Which of the following is not necessary for effectively managing e-discovery?
merging the IT and midical professions
Which desribes a protected computer
one used by financial institution for commerce or communication
what does the e-discovery scope help to determine
the amount of data collected
ISO 27037:2012 was developed for which of the following purposes
to describe how to respond to an investigation after the fact or in real time
Cloud computering is a model in which computeing recourses are hosted remotely
true
The EDRM preservation stage is crigical because ESI can be inadverently altered during collection
true
