Cengage Chapter 4 - Processing Crime and Incident Scenes Flashcards
A computerized system for identifying fingerprints that’s connected to a central database; used to identify criminal suspects and review thousands of fingerprint samples at high speed.
Automated Fingerprint Identification System (AFIS)
Data generated by a computer, such as system log files or proxy server logs.
computer-generated records
Digital files generated by a person, such as electronic spreadsheets.
computer-stored records
Observing people or places without being detected, often by using electronic equipment, such as video cameras or keystroke/screen capture programs.
covert surveillance
A mathematical algorithm that translates a file into a unique hexadecimal value.
Cyclic Redundancy Check (CRC)
Evidence consisting of information stored or transmitted in electronic form.
digital evidence
A portable kit designed to process several computers and a variety of operating systems at a crime or incident scene involving computers. This kit should contain two or more types of software or hardware forensics tools, such as extra storage drives.
extensive-response field kit
A unique hexadecimal value that identifies a file or drive.
hash value
Chemical, biological, or radiological substances that can cause harm to people.
hazardous materials (HAZMAT)
A portable kit containing only the minimum tools needed to perform disk acquisitions and preliminary forensics analysis in the field.
initial-response field kit
Data that doesn’t contribute to evidence of a crime or violation.
innocent information
A value created by an encryption utility’s secret key.
keyed hash set
Wording in a search warrant that limits the scope of a search for evidence.
limiting phrase
Private-sector cases that require less investigative effort than a major criminal case.
low-level investigations
An algorithm that produces a hexadecimal value of a file or storage media. Used to determine whether data has been changed.
Message Digest 5 (MD5)
One of the governing bodies responsible for setting standards for some U.S. industries.
National Institute of Standards and Technology (NIST)
A unique hash number generated by a software tool and used to identify files.
nonkeyed hash set
Someone who might be a suspect or someone with additional knowledge that can provide enough evidence of probable cause for a search warrant or arrest.
person of interest
When conducting a search and seizure, objects in plain view of a law enforcement officer, who has the right to be in position to have that view, are subject to seizure without a warrant and can be introduced as evidence. Applied to conducting searches of computers, the plain view doctrine’s limitations are less clear.
plain view doctrine
The standard specifying whether a police officer has the right to make an arrest, conduct a personal or property search, or obtain a warrant for arrest.
probable cause
The motivation for law enforcement and other professional personnel to examine an incident or crime scene to see what happened.
professional curiosity
A group that sets standards for recovering, preserving, and examining digital evidence.
Scientific Working Group on Digital Evidence (SWGDE)
A forensic hashing algorithm created by NIST to determine whether data in a file or on storage media has been altered. See also National Institute of Standards and Technology (NIST).
Secure Hash Algorithm version 1 (SHA-1)
Detecting data transmissions to and from a suspect’s computer and a network server to determine the type of data being transmitted over a network.
sniffing
