Guide To Computer Forensics and Investigations 5th Ed Chapter 1 Review Questions

Ace your homework & exams now with Quizwiz!

List three items that should be on an evidence custody form.

Description, who handled the item(evidence), case number

What is professional conduct, and why is it important?

Ethics and morals Being a professional, it is necessary for the person to maintain his/her ethical behavior and to have good professional conduct.

What do you call a list of people who have had physical possession of the evidence?

Evidence custody form

Data collected before an attorney issues a memo for an attorney-client privilege case is protected under the confidential work product rule.True or false

False

Digital forensics and data recovery refer to the same activities.True or false

False

Under normal circumstances, a private-sector investigator is considered an agent of law enforcement.True or false

False

You should always prove the allegations=إثبات الادعاءات made by the person who hired you?. True or False?

False

Police in the United States must use procedures that adhere to which of the following?

Fourth Amendment

List two types of digital investigations typically conducted in a business environment.

Fraud and insider trading

What's the purpose of maintaining a network of digital forensics specialists?

Not everyone knows everything

What are some ways to determine the resources needed for an investigation?

Operating System

Why should you do a standard risk assessment to prepare for an investigation?

Prevent problems

Why should you critique your case after it's finished?

Self-evaluation and peer review are essential parts of professional growth. After you complete a case, review it to identify successful decisions and actions and determine how you could have improved your performance.

What's the purpose of an affidavit? affidavit=إفادة خطية

Support of facts

What are the necessary components of a search warrant?

Swore statement,بيان اليمين الدستورية verified_user crime statement, judge needs to sign document

Why should evidence media be write-protected?

To make sure it's not altered or deleted

For digital evidence, an evidence bag is typically made of antistatic material.True or false

True

The triad of computing security includes which of the following?

Vulnerability/threat assessment and risk management, network intrusion detection and incident response, and digital investigation

List two items that should appear on a warning banner.

Warning! Unauthorized Access will be prosecuted!!

List three items that should be in your case report.

What was done, what was found, and what actions were taken during the investigation.

Policies can address rules for which of the following?

a. When you can log on to a company network from home b. The Internet sites you can or can't access c. The amount of personal e-mail you can send d. Any of the above Answer D


Related study sets

Chapter 11: Statement of Cash Flows

View Set

Chapter 43 - Restorative and Esthetic Dental Materials

View Set

Introduction to Macroeconomics (Chapter 5: Long Run Economic Growth)

View Set

Maternity: FINAL chapters 1,2,3,10,11,12,19,20,21,13,14, 5,6,7,8,9,22

View Set