Data Forensics I PRETEST

Ace your homework & exams now with Quizwiz!

When was the Freedom of Information Act originally enacted?

1960s

When recovering evidence from a contaminated crime scene, the investigator should take measures to avoid damage to the drive from overheating. At what temperature should the investigator take action?

80 degrees or higher

What does the investigator in a criminal or public-sector case submit, at the request of the prosecuting attorney, if he or she has enough information to support a search warrant?

An affidavit

What term refers to the individual who has the power to conduct digital forensic investigations?

Authorized requester

In what process is the acquisition of newer and better resources for investigation justified?

Building a business case

A technician is trying to recover information on a computer that has been hidden or deleted on purpose in order to hide evidence of a crime. Which type of task is the technician performing?

Data recovery

The file or folder's MFT record provides cluster addresses where the file is stored on the drive's partition. What are these cluster addresses called?

Data runs

What term refers to a person using a computer to perform routine tasks other than systems administration?

End user

What must be done, under oath, to verify that the information in the affidavit is true?

It must be notarized

What type of acquisition is used for most remote acquisitions?

Live

What is most often the focus of digital investigations in the private sector?

Misuse of digital assets

Which filename refers to the Windows XP system service dispatch stubs to executables functions and internal support functions?

Ntdll.dll

What type of evidence do courts consider evidence data in a computer to be?

Physical

If your time is limited, what type of acquisition data copy method should you consider?

Sparse

Which technique can be used for extracting evidence from large systems?

Sparse acquisition

Under what circumstances are digital records considered admissible?

They are business records

What command works similarly to the dd command but has many features designed for computer forensics acquisitions?

dcfldd

See all study sets

Data Forensics I PRETEST

Related study sets

MGMT 330 - Exam #3

Azure Data Fundamentals

Chapter 48 Diabetes Mellitus

Sociology Exam 1

geog exam 1

chap 40 child with neuromuscular

John Snow & Cholera

Environmental Bio Final

Finance Exam Wrong Answered Questions Chapter 4

Types of Biotechnology

CH. 20 Practice

Chapter 10: Global Inequality

Mod 8 SLAAC and DHCPv6 HW Homework in Homework

Module 5 MGMT 417 Affirmative Action

3rd trimester practice exam help

GBS 151 Intro to business lesson 1 - 6

ATI Med Surg Exam 1 Practice Questions

VSIM Josephine Morrow Pre-Sim & Post-Sim Answers

CHM 161 midterm

capitulo 8 human anatomy and Physiology examen 2