Brainscape's Knowledge GenomeTM

Browse over 1 million classes created by top students, professors, publishers, and experts.


See full index

Computer Crime > Chapter 10: Reports > Flashcards

Chapter 10: Reports Flashcards

1
Q

what is the foundation to your reporting

A

your notes

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

what are the fundamental elements of notetaking

A
  • when you did smth
  • what you did
  • what you saw
  • why you did smth
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

when does notetaking start

A
  • when you get the notification/ you have to respond to the scene
  • including time, who notified you, when you arrive at scene
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

why are we willing to alter digital evidence when collecting RAM

A

cause it would be lost if it wasn’t collected in time

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

are notes taken by hand or digital?

A

up to the person (but be consistent)

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

what is the purpose of the report

A
  • to document the results of your examination
  • can be used in court/ administrative proceedings
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

what is a general template that can address the technical and non-technical audience

A
  • administrative info
  • executive summary
  • narrative
  • exhibits/ technical details
  • glossary
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

what sort of info is in the administrative section

A
  • name of agency, case number, participants
  • when it started and what happened before you were called onto the case
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

what sort of info is in the executive summary

A
  • should only be 10% of report
  • short, concise paragraphs
  • follow same timeline as narrative
  • not include info not in narratuve
  • contain findings/ conclusions
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q

what is the difference between the executive summary and narrative

A
  • executive summary is in easy plain language that anyone can understand, and very summed up and to the point
  • narrative explains EVERYTHING with the precise terms for the experts
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
11
Q

what are the sections within the narrative

A
  • evidence analyzed
  • acquisition details
  • analysis details
  • exhibit/ technical details
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
12
Q

what is described in the evidence analyzed section of the narrative

A

include all evidence examined, including make/model, serial numbers etc

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
13
Q

what is described in the acquisition details section of the narrative

A
  • describe the acquisition process of creating the forensic image(s)
  • hardware/software used in the process and version numbers
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
14
Q

what is described in the analysis details section of the narrative

A
  • analyse the artifacts and explain why it is relevant to the investigation to the reader
  • include ss, AND explain what the ss is showing, don’t assume they know what the ss means
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
15
Q

what is described in the exhibit/ technical details section of the narrative

A
  • ss of the artifacts should be placed here
  • include output reports of the tools used in the exam process
  • literally anything you reference in your narrative should be here
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
16
Q
A

Computer Crime (5 decks)

Brainscape helps you reach your goals faster, through stronger study habits.
© 2024 Bold Learning Solutions. Terms and Conditions