Cybercrimes Final
What is the name for the device that allows read-only access to all accessible data on a drive and keeps anything from being written to an original drive?
?
Which phrase is used to describe the period prior to the development of a formal structure, protocol, training, and tools for forensic analyses?
Ad Hoc phase
Generally speaking, if a criminal suggests that their victim was asking for it, they are applying which technique of neutralization?
Denial of victim
Identify and describe two digital forensic tools.
FTK imager: The benefit is that the use of an image allows the investigator to prove that they have not made any modifications to the drive that could affect the forensic results. UFED: is a portable device used for forensically extracting data from cell phones.
What phrase references the process of searching for files and extracting that data without considering the larger file systems?
File carving
What standard recognizes that scientific evidence can only be admitted if it is generally viewed as reliable by the scientific community?
Frye standard
Identify and discuss one future trend in cybercrime offending and victimization
I could see there being issues with the cloud. You could store anything and everything on the cloud there have already been nude images of celebrities leaked
It is extremely important that digital forensic examiners are able to verify the authenticity of the digital evidence. Explain whether the courts should be concerned with the use of hash algorithms for verifying the authenticity of digital evidence.
I don't think they should worry, hash algorithms are unique to each entity they are attached to
Home security systems, thermostats, and appliances that can be controlled via the web are examples of the _______
Internet of Things
What US government agency operates the Computer Forensic Tool Testing Project?
National Institute of Standards and Technology (NIST)
A software program that is freely available, and can be modified, used, or shared with anyone is called:
Open source
What is the name for the doctrine that allows police to search and seize evidence that may not be indicated in a search warrant but is in plain view of the officer and incriminating?
Plain view
Identify four criteria for determining whether digital forensic expert testimony is admissible in court according to the Daubert standard. Assess each of these criteria and explain whether or not digiral forensic evidence should be admissible in court.
Scientifically Accepted- The first one is that if the test that is done for the expert testimony is actually accepted by the scientific community or not. Peer Review - The second one is that if the testimony has been first tested or thoroughly checked by the experts in the forensic department or not. Thoroughly Tested - The third factor in the standard is that if the expert testimony can be tested or not further for verifying the testimony Made legitimately - The fourth and the main one is that if the testimony is done without being biased or not that is the testimony is tested legally only and without any intention of making a particular testimony.
Maintaining evidence integrity is one of the most important steps in the digital forensic investigation. Provide some examples of how the integrity of evidence can be discredited during a digital forensic investigation. What are some ways in which law enforcement can ensure that evidence integrity is maintained during a digital forensic investigation?
Since the original evidence should never be subjected to a forensic examination because of the fragile nature of digital evidence. A forensic copy, however, can be examined, and, if something goes wrong, can be discarded, and the copy process can be repeated. Someone who is good at their job can make the copy identical to the original.
What is the name of the US bill that failed to pass in 2012 in order to combat rates of piracy and counterfeiting?
Stop Online Piracy Act
What is the name for services that allow individuals to remotely access files stored on web servers via the Internet?
The Cloud
Which theory made the most sense to you in explaining crimes in a virtual world? Why?
The rational choice theory makes more sense to me because that is based on choice. This is especially true when combined with the low self-control theory as well.
What are some of the problems law enforcement investigators face when collecting digital evidence from a crime scene?
They need special equipment which they wouldn't just carry on them, especially if tech was locked.
What is the name of the downloadable program individuals can use to anonymize their online activity from others that has been a focus of law enforcement investigations over the last few years?
Tor
Which of the following anonymization tools have been targeted by law enforcement to better identify cybercriminals?
Tor
Does the idea of a low-self-control hacker make sense to you? Why or Why not?
Yes. If someone has the skills that they learned just for fun but end up feeling the temptation to commit crime with it and they end up doing so it shows they do not have high self control
Search warrants are not required in which of the following circumstances in the US?
all of the above
What is the term used to describe the stage in the forensic process where data is retrieved and preserved?
collection/acquisition
The term ________ references direct relationships between police and the general public to identify certain forms of crime that are viewed as a challenge and finding ways to work together to combat the issue.
community policing
Which of the following is not a step in the process of digital forensic investigation?
consumption/assessment
What theory considers the decision-making processes of offenders and views the likelihood of offending as a judgment of risk relative to offending rewards?
deterrence theory
Akers' dynamic process of social learning begins with which of the following elements?
differential associations
What is the term used to describe a data storage device that is portable and located outside of a computer that can be connected via USB or other means?
external hard drive
Which of the following is not a part of the Daubert standard for the admissibility of scientific evidence?
grant funding
What is the term used to describe the tangible or physical parts of a computer system?
hardware
When an examiner validates that the hard drive image they are working with is an authentic duplicate of the original, they use a unique algorithm to generate a:
hash value
What is the term used to refer to files that have been manipulated in order to conceal the contents of the original file?
hidden files
Which of the following is the source of low self-control in the general theory of crime?
ineffective parenting
How rapidly developing Iot (Internet of Things) can help cybercriminals to commit crimes? Give at least 2 specific examples
iot is used to try and connect everything to the internet, meaning more targets for cybercriminals. This could be used in two ways. Ringdoor bell for a in person crime or something like your Smart Phone since they have a lot of your personal info
What is the term used for legislation that mandates an individual to provide encryption keys or passwords to law enforcement in digital forensic investigations?
key disclosure laws
What theory has been integrated with routine activities theory to account for individual differences in the risk of victimization?
low self control
Which of the following is not a component of routine activities theory?
low self-control
What is the term used to refer to the organization of a hard drive into separate storage spaces?
partitioning
What is the term used to refer to the copy and capture of original data files in a way that makes them available for analyses that minimizes the likelihood of error?
preservation
What is the name for a legal document signed by a judge or magistrate that authorizes law enforcement to conduct a search?
search warrant
How rapidly developing artificial intelligence technology can help cybercriminals to commit crimes? Give at least two specific examples.
self driving cars Automated financial investing.
What is the term used to refer to the process where individuals accept a radical ideology without directly engaging others as part of that movement?
self-radicalization
Identify and describe exceptions to the warrant requirement for a search and seizure.
stop-and-frisk when evidence is being destroyed when consent is provided plain view
Which of the following is not a type of strain identified in Agnew's general strain theory?
strain from achieving positively valued goals
What term is used to describe the period of time when forensic procedures and computer crime legislation began to harmonize?
structured phase
Which of the following is not a technique of neutralization?
support for social movements
Which of the following is not a part of the scientific method?
theory
Which of the following is not a specific criteria identified for imaging tools by NIST?
tools shall be affordable