Computer Forensics Chapter 1

Ace your homework & exams now with Quizwiz!

For digital evidence, an evidence bag is typically made of antistatic material. a. True b. False

a. True

A warning banner should never state that the organization has the right to monitor what users do. a. true b. false

b. false

Why should evidence media be write-protected? a. To make image files smaller in size b. To make sure data isn't altered c. To speed up the imaging process d. To comply with Industry standards

b. To make sure data isn't altered

Data collected before an attorney issues a memo for an attorney-client privilege case is protected under the confidential work product rule. a. true b. false

b. false

Why is professional conduct important? a. It includes ethics, morals, and standards of behavior b. It saves a company from using warning banners c. It helps with an investigation d. All of the above

a. It includes ethics, morals, and standards of behavior

What is one of the necessary components of a search warrant? a. Signature of an impartial judicial officer b. Professional ethics c. Standards of behavior d. Professional codes

a. Signature of an impartial judicial officer

The triad of computing security includes which of the following? a. Vulnerability/threat assessment and risk management, network intrusion detection and incident response, and digital investigation b. Vulnerability assessment, intrusion response, and monitoring c. Vulnerability assessment, detection, and monitoring d. Detection, response, and monitoring

a. Vulnerability/threat assessment and risk management, network intrusion detection and incident response, and digital investigation

What do you call a list of people who have had physical possession of the evidence? a. chain of custody b. evidence log c. evidence record d. affidavit

a. chain of custody

Embezzlement is a type of digital investigation typically conducted in a business environment. a. true b. false

a. true

One way to determine the resources needed for an investigation is based on the OS of the suspect computer, list the software needed for the examination. a. true b. false

a. true

Digital forensics and data recovery refer to the same activities. a. True b. False

b. False

Police in the United States must use procedures that adhere to which of the following? a. third amendment b. Fourth Amendment c. First Amendment d. None of the above

b. Fourth Amendment

Why should you do a standard risk assessment to prepare for an investigation? a. To discuss the case with the opposing counsel b. To list problems that might happen when conducting an investigation c. To obtain a search warrant d. To obtain an affidavit

b. To list problems that might happen when conducting an investigation

Under normal circumstances, a private-sector investigator is considered an agent of law enforcement. a. true b. false

b. false

You should always prove the allegations made by the person who hired you. a. true b. false

b. false

You shouldn't include a narrative of what steps you took in your case report a. true b. false

b. false

The purpose of maintaining a network of digital forensics specialists is to develop a list of colleagues who specialize in areas different from your own specialties in case you need help on an investigation. a. true b. false

a. true

List three items that should be on an evidence custody form. a. Name of the investigator, affidavit and name of the judge assigned to the case b. Case number, name of the investigator and nature of the case c. Description of the evidence, location of the evidence and search warrant d. Affidavit, search warrant, and description of the evidence

b. Case number, name of the investigator and nature of the case

What's the purpose of an affidavit? a. To list problems that might happen when conducting an investigation b. To provide facts in support of evidence of a crime to submit to a judge when requesting a search warrant c. To determine the OS of the suspect computer and list the software needed for the examination d. To specify who, what, when, and where—that is, specifics on place, time, items being searched for, and so forth

b. To provide facts in support of evidence of a crime to submit to a judge when requesting a search warrant

Policies can address rules for which of the following? a. The Internet sites you can or can't access b. When you can log on to a company network from home c. The amount of personal e-mail you can send d. Any of the above

d. Any of the above

Why should you critique your case after it's finished? a. To list problems that might happen when conducting investigation b. to maintain professional conduct c. to maintain chain of custody d. to improve your work

d. to improve your work


Related study sets

LearningCurve 14a. Introduction to Personality and Psychodynamic Theories

View Set

"Psychiatric/Mental Health Nursing - Psychobiological Disorders + Foundations"

View Set

Health Assessment Chapter 3 Questions

View Set

Spanish Vocab. 5B (To describe people and things)

View Set

Chapter 15: Introductory Psychology

View Set

Sin Cos Tan (90°,180°, 270°, 360°)

View Set

test 1, ch 2 radiation types, sources, doses received

View Set