Final Exam Review


True

By the 1970s, electronic crimes were increasing, especially in the financial sector

True

In 1999, Salesforce.com developed a customer relationship management (CRM) Web service that applied digital marketing research to business subscribers so that they could do their own market analysis; this service eventually led the way to the cloud

Business Case

In the ____, you justify acquiring newer and better resources to investigate digital forensics cases

Warrant

Law enforcement investigators need a(n) ____ to remove computers from a crime scene and transport them to a lab.

True

Like UNIX e-mail servers, Exchange maintains logs to track e-mail communication

3

Most packet analyzers operate on layer 2 or ____ of the OSI model.

Zoho

Some popular Web-based e-mail service providers are Gmail, ____, Outlook Online, and Yahoo!

True

Specially trained system and network administrators are often a CSP's first responders

Report

To complete a forensic disk analysis and examination, you need to create a ____.

Type 1

____ hypervisors are typically, but not exclusively, loaded on servers or workstations with a lot of RAM and storage

Lossy

____ compression compresses data by permanently discarding bits of information in the file

Scope Creep

____ increases the time and resources needed to extract, analyze, and present evidence

Defense in depth

____ is a layered network defense strategy developed by the National Security Agency (NSA).

Virtual Machine

A ____ enables you to run another OS on an existing physical computer (known as the host computer) by emulating a computer's hardware environment

Court order

A ____ is written by a judge to compel someone to do or not do something, such as a CSP producing user logon activities

Disaster recovery

A ____ plan specifies how to rebuild a forensic workstation after it has been severely contaminated by a virus from a drive you're analyzing

warning banner

A ____ usually appears when a computer starts or connects to the company intranet, network, or virtual private network (VPN) and informs end users that the organization reserves the right to inspect computer systems and network traffic at will.

True

A challenge with using social media data in court is authenticating the author and the information

True

A judge can exclude evidence obtained from a poorly worded warrant.

Steel

A secure storage container or cabinet should be made of ____ and include an internal cabinet lock or external padlock

True

A separate manual validation is recommended for all raw acquisitions at the time of analysis

KFF

AccessData ____ compares known file hash values to files on your evidence drive or image files to see whether they contain suspicious data

True

After a judge approves and signs a search warrant, it's ready to be executed, meaning you can collect evidence as defined by the warrant

True

After retrieving and examining evidence data with one tool, you should verify your results by performing the same tasks with other similar forensics tools

MD5

Autopsy uses ____ to validate an image

True

Because bring your own device (BYOD) has become a business standard, investigators must consider how to keep employees' personal data separate from case evidence

True

Before OS X, the Hierarchical File System (HFS) was used, in which files are stored in directories (folders) that can be nested in other directories.

True

Bitmap images are collections of dots, or pixels, in a grid format that form a graphic

File Header

Changing the extension on a file name does not change the file type in the _______.

False

Corporate investigators always have the authority to seize all computer equipment during a corporate investigation.

Warrant

Criminal investigations are limited to finding data defined in the search ____.

False

E-mail crimes and violations rarely depend on the city, state, and country in which the e-mail originated.

None of the above is correct.

Frequency-hopping is used by CDMA as both a security measure and to increase cell tower throughput. Frequency hopping was patented by _______.

TDMA (Time Division Multiple Access)

Global System for Mobile Communications (GSM) uses the ____ technique, so multiple phones take turns sharing a channel.

True

If a file contains information, it always occupies at least one allocation block.

True

If a graphics file is fragmented across areas on a disk, you must recover all the fragments before re-creating the file.

.pst

In Microsoft Outlook, you can save sent, drafted, deleted, and received e-mails in a file with a file extension of ____.

SYN flood

In a(n) ____ attack, the attacker keeps asking your server to establish a connection

Resource

In macOS, when you're working with an application file, the ____ fork contains additional information, such as menus, dialog boxes, icons, executable code, and controls

1024

In the NTFS MFT, all files and folders are stored in separate records of ____ bytes each

False

Most basic phones use the same OSs as PCs

/etc/exports

On a Linux computer, ____ represents file systems exported to remote hosts

Availability

One of the pillars of cybersecurity is the CIA Triad. The 'A' stands for _________.

True

Private-sector cases, such as employee abuse investigations, might not specify limitations in recovering data.

True

Some acquisition tools don't copy data in the host protected area (HPA) of a disk drive

International Telecommunications Union

The 3G standard was developed by the ____ under the United Nations

True

The type of file system an OS uses determines how data is stored on the disk.

Spudger

This device is called a ______ and is a non-conducting probe used to form, shape, guide, and separate fine computer wire terminals, telephone wires and cables

Virtualization as a service

Which of the following is not a service level for the cloud?

