Computer Forensics Chapter 2

Ace your homework & exams now with Quizwiz!

Certified Forensic Computer Examiner (CFCE)

A certificate awarded by IACIS at completion of all portions of the exam

Certified cyber forensics professional (CCFP)

A certification form the ISC for completing the education and work experience and passing the exam

Which organization has guidelines on how to operate a digital forensics lab?

ASCLD

Building a business case can involve which of the following

All of the above

List two populare certification systems for digital forensics

IACIS HTCN EnCE ISFCE

Document with justification to management/lender for facility upgrades

Business Case

Certification from ISFCE

Certified Computer Examiner.

​What certification program, sponsored by ISC2, requires knowledge of digital forensics, malware analysis, incident response, e-discovery, and other disciplines related to cyber investigations?

Certified Cyber Forensics Professional

Certificate awarded by IACIS

Certified Forensic Computer Examiner (CFCE)

​Candidates who complete the IACIS test successfully are designated as a _______.

Certified Forensic Computer Examiner (CFCE)

Process of tracking of all upgrades and patches applied to computer's OS and applications

Configuration Mangement

Which tool below is not recommended for use in a forensics lab?​

Degausser

​How often should hardware be replaced within a forensics lab?

Every 12 to 18 months

A forensic workstation should always have a direct broadband connection to the Internet

FALSE

Digital forensics facilities always have windows

FALSE

Evidence storage containers should have several master keys.

FALSE

If a visitor ot your digital forensics lab is a personal friend, it's not necessary to have him or her sign the visitor's log?

FALSE

The ASCLD mandates the procedures established for a digital forensics lab

FALSE

Which file system below is utilized by the Xbox gaming system?​

FATX

A Faraday Cage acts as an evidence locker or safe to preserve the integrity of evieence.

False

Because they are outdated, ribbon cables should not be considered for use within a forensics lab.

False

The shielding of sensitive computing systems and prevention of electronic eavesdropping of any computer emissions is known as FAUST by the US Department of Defense

False

Universal Crime Records are generated as the federal, state and local levels to show the types and frequency of crimes commited.

False

Provides certification for computer crime investigators and digital forensics technicians.

High Tech Crime Network (HTCN)

_______ is a specialized viewer software program.

Irfan View

The manager of a digital fornesics lab is responsible for which of the following?

Making necessary changes in lab procedures and software Ensuring that staff members have enough training to do the job Knowing the lab objectives

Which organization provides goo dinformation on safe storage containers?

NISPOM

_______ describes the characteristics of a safe storage container.

NISPOM

_______ can be used to restore backup files directly to a workstation.

Norton Ghost

What items should your business plan include?

Physical security items, such as evidence lockers how many machines are needed what OS your lab commonly examines why you need certain software

What three items should you research before enlisting in a certification program?

Requirements cost acceptaility in your chosen area of employment

​Which option below is not a recommendation for securing storage containers?

Rooms with evidence containers should have a secured wireless network.

What name refers to labs constructed to shield EMR emissions

TEMPEST

An employer can be help liable for email harassment

TRUE

Why is physical security so critical for digital forensics labs?

To maintain the chain of custody and prevent data from being lost, corrupted, or stolen

A business case is a plan that can be used to sell your services to management or clients, in which a justification is made for acquiring newer and better resources to investigate digital forensics cases.

True

A disaster recovery plan ensures that workstations and file servers can be restored to their original condition in the event of a catastrophe.

True

As part of a business case, acquisition planning requires researching differnect products to determine which one is the best and most cost effective.

True

Linux Live CDs and WinFE disks do not automatically mount hard drives, but can be used to view file systmes.

True

The American Society of Crime Laboratry Directors (ASCLD) provides guidleines to members for managing a forensics lab and acquiring crime and forensics lab accreditation.

True

The recording of all updates made to a workstation or machine is referred to as configuration management.

True

Large digital forensics labs should have at least ______ exits?

Two

To determine the types of operating systems needed in your lab, list two sources of information you could use.

Uniform Crime Report statistics for your area and a list of cases handled in your area or at your company

Certified Computer Examiner (CCE)

a certification from the Interantional Society of Forensic Computer Examiners

business case

a document that provides justification to upper management or a lender for purchasing new equipment, software, or other tools when upgrading your facility.

secure facility

a facility that can be locked and allows limited access to the room's contents

digital forensics lab

a lab dedicated to digital investigations

High Tech Crime Network (HTCN)

a national organization that provides certification for computer crime investigators and digital forensics technicians

American Society of Crime Laboratory directors (ASCLD)

a national society that sets the standards, management, and autdit procedures for las used in crime analysis, including digital forensics labs used by the police, FBI and simiar organizations

TEMPEST

a term referring to facilities that have been hardened so that electrical signals form digital devices, computer network, sand telephone systems can't be monitored or accessed easily by someone outside the facility

Uniform Crime Report

information collected at the federal, state and local levels to determine the types of frequencies of crimes commited

Typically a _________ lab has a separate storage area or room for evidence

regional

risk management

the process of determining how much risk is acceptable for any process or operation, such as replacing equipment

configuration management

the process of keeping track of all upgrades and patches you apply to your computer's OS and applications

​In order to qualify for the Advanced Certified Computer Forensic Technician certification, a candidate must have _______ years of hands-on experience in computer forensics investigations.

five


Related study sets

Digital Media Marketing Strategy

View Set

Certmaster learn practice test pt. 1

View Set

chapter 15 insurance for senior citizens & special needs individuals / Chapter 16 federal tax considerations for health insurance

View Set

4. Anti-Inflammatory Drugs: Steroids

View Set