intro digital forensics final

Lakukan tugas rumah & ujian kamu dengan baik sekarang menggunakan Quizwiz!

Which of the following describes processes for gathering digital evidence in an organization, handling privileged and private data, training staff, handling data stored offsite, and other procedures for international entities?

Anti-Cartel enforcement manual

What types of trials do state supreme courts hear?

Appelate

Which of the following would be considered alternative dispute resolution?

Arbitration

what are documents assigned when they are produced as a result of a discovery request?

Bates Number

what are documents assigned when they are produced as a result of a request

Bates Number

What numbering system includes a prefix that denotes the document source?

Bates stamping

What is a document called that has redaction marks that cant be removed

Burned-in

which law came into effect in 1986 to address the growing problem of computers being hacked?

CFAA

what must be followed to ensure that evidence has not been tampered with or altered

Chain of Custody

Which case illustrated a fourthb amendment voilatoin os search incident to arrest

Chimel V California

Where does a plaintiff take a federal case in which there is a disagreement over the verdict?

Circuit court

What are the ninety Four federal district courts divided into?

Circuit courts

Which Law proposed by the eu parliament would require explicit consent to being tracked on the websites?

Cookie law

Which party is likely to act in a neutral position between multiple defendants?

Coordinating attorney

Which of the following is authorized and trained to collect and transport digital evidence at an investigation scene as difined in ISO, 2012.

DEFR

In what type of hearing is expert ask the judge if he testify to be an expert

Daubert hearing

The process of retrieving evidence from the data of an encrypted hard drive would be considered the jon of which of the following?

Device Forensics expert

Why can date searches be problematic

Differing date formats

In criminal casese, which of the following is a role similar to an e-discovery project manager in civil cases?

Discovery attourney

What was developed during the 1970s to make exchanging information electronically easier?

EDI

Which of the following is a method devised for handling an overwhelming amount of electronic evidence that attorneys must deal with?

EDRM

Which of the following is true about government searches of e-mail files?

Email older than 180 days doesnt require a warrant

What allows law enfocement to size information without a warrant if they believe evidence could be destroyed?

Exigent circumstances

A request for production requires the opposing party to respond verbally under oath

False

According to recent studies litigation involving esi costs considerably less than cases without ESI

False

Civil attorneys tend to rely on OS metadata rather than Metadata embedded in documents

False

Defense attorneys usually have forensic examiners on staff and rarely use consultants

False

E-discovery certifications have been approved and recognized by the ABA

False

In general, states rules regarding ESI can be more lenient than federal rules?

False

In the edrm, the collection stage comes before the preservation stage

False

Metadata is a legal term that referes to the actual information being retrieved

False

Privacy laws have kept pace with technology advancements quite closely

False

The american digest system contains statues and cases for only Ohio and New york

False

students researching case law typically begin with lexisnexis

False

using a broad scope for data collection requires configuring search criteria in the software tools used for collecting data

False

when the recycle bin is emptied in windows the files can no longer be recovered

False

What type of document search uses wildcards and other methods to allow for variances in spelling and typing mistakes?

Fuzzy

Which of the following is an example of metadata

GPS data for a photo

If you suspect computer discover material has been deleted or altered what should you try to acquire?

Hard drive image

Which task most likely to require a digital forensics tool

Hard drive image capture

Under what circumstances may police search data on a cell phone taken from a man that is arrested

In exigent circumstances

Which provision was upheld in uS v Stabile in wihich child pornography was found while investigating evidence of counterfeiting?

Inevitable discovery

Which concept is illistrated by the scenario in which a persons car is searched after it has been impounded for being illegally parked?

Inventory Search

Which of the following is not among the fields recommended to be included in e-mail production?

Mail server address

Which of the following is not a typical perpective that affects how people aprroach e-discovery project?

Medical professional

What format is used on documents that dont lend themselves easily to TIF conversion?

Near-native

What type of software can be used to index the text contained in scanned pictures of documents

OCR

What type of software is used to conver word images into searchable text?

OCR

which of the following is not an advantage of web-based repositories?

Only a single attorney at a time can access the data

In what format are attorneys required to file doccuments with the court

PDF

Which of the following is not a drawback of automated review?

Paper document searching

What can result from the cases outcome if the situation a case involves hasn't been tried before?

Precedent

Which of the following is a term used to describe work done by an attorney to help those that cant afford their services?

Pro bono

why might location of data be a consideration when planning discovery scope?

Property law vary by country

In a civil case, what can be applied to trade secrets or highly confidential documents to shield them from the public view?

Protective order

what is served on an opposing party that asks the opposing party to accept or deny certain facts of the case in writing and under oath

Request for admission

which was something corporate scandal

Sabranes oxley

Which of the following is a law that requires publicly held corporations to maintain e-mail records for five years?

Sarbanes-Oxley

What topic was involved in the US V comprehensive drug testing inc case heard by the ninth circuit court in 2010?

Scope of a warrant

What does the lead attorney establish that is typically used as a review filter

Search Protocols

What legal instrument is usually bypassed in civil e-discovery that is required for discovery in criminal cases?

Search warrant

Which of the following is not one of the way records can be obtained according to the act

Search warrant with previous notice

Which of the following were created by a group of lawyers and other professionals as guidelines for handling electronic documents?

Sedona Principles

What does the 1928 Olmstead V. US case make evident when examing the history of e-discovery?

Technology is frequently ahead of the law

Which of the following is a service that allowed students to access mainframes removely but is not secure?

Telnet

Which of the following is true about duty to preserve ESI data?

The FRCP can require inaccessible data to be produced

Why might you want to use the accessdata forensic toolkit?

To view document metadata

Aranet was the precurser to the internet

True

Authur Andersen was charged with obstruction of justice after destroying documents related to its audit of Enron

True

Case Law determines how laws are applied and is based on previous rulings

True

Cloud storage has complicated e-discovery as it relates to email

True

Consultants that give testimony are considered expert witnesses

True

If a backpack is carried by a suspect who is arrested police may inventory its contents?

True

Most litigation database and trial presentation tools were developed to be used with TIF and OCR files

True

Prior to the explosion of the internet, most hackers were employees of the organizations they hacked into.

True

The State-Province table reflects how laws can vary between states or provinces in a country.

True

The fourth amendment states that an expectation of privacy inside the home is reasonable

True

The objetive of a privilege log is to disclose information to the opposition so that its clear what has been specified as privleged and why

True

The sedona Canada principles and the ontario checklist for perparing a discovery plan are part of Canadian procedural law

True

accessing voicemail stored on the service providers servers requires a subpoena or a warrant

True

redaction marks and bates numbers cant be removed from burned-in documents

True

Which of the following was developed as the result of burgeoning e-commerce in the 1990s, focused on civil procedures, and has been a basis for e-discovery world wide?

UN Model law

which of the following establishes the requirements for electonic data interchange between countries?

UNECE

What do many large corporations require their outside counsel to use to track case outcomes and costs?

UTBMS

Which of the following is the capability to store a variety of communication types in the same inbox?

Unified messaging

Which of the following are not among the three main groups adressed by the IGRM model

Vendors and customers

The EEOC vs JPMORGAN chase bank, 2013 case provided an example of which of the following?

Voilation of a litigation hold

Which situation is broad e-discover scope most feasible

company with small IT infrastructure

Which form of discover takes an oral argument from a witness under oath before trial

deposition

IN criminal cases which is a role similar to a e-disovery project manager in civil cases

discovery attourney

which of the following is likely to hinder the data collection process

encrypted data

E-discovery is the use of advanced electronic surveillance to catch criminals in the act.

flase

Where should you look if you want to find what camera was used to take a photograph

in the EXIF Header

Which of the following is true about e-discovery

it can be thought of as data mining

Which of the following is not necessary for effectively managing e-discovery?

merging the IT and midical professions

Which desribes a protected computer

one used by financial institution for commerce or communication

what does the e-discovery scope help to determine

the amount of data collected

ISO 27037:2012 was developed for which of the following purposes

to describe how to respond to an investigation after the fact or in real time

Cloud computering is a model in which computeing recourses are hosted remotely

true

The EDRM preservation stage is crigical because ESI can be inadverently altered during collection

true


Set pelajaran terkait

Psychology Assessment 1 Chapter 2

View Set

Ch. 16 -- Innate Immunity: Nonspecific Defenses of the Host

View Set

APUSH FINAL REVIEW Ch. 12, 13, & 14 + Kahoot

View Set

Theatre of the AIDS Epidemic Comprehensive Quiz

View Set

Passpoint - Basic Physical Assessment

View Set

Estructura 1.3 - 1 - Identificar

View Set

CTS1168C CHAPTER 3: Managing Data

View Set