Chapter 2

Question 1

An employer can be held liable for e-mail harassment.

Answer 1

T

Question 2

Building a business case can involve which of the following?

a. Procedures for gathering evidence
b. Testing software
c. Protecting trade secrets

Answer 2

All

Question 3

The ASCLD mandates the procedures established for a computer forensics lab. True or False?

Answer 3

False

Question 4

The manager of a computer forensics lab is responsible for which of the following? (Choose all that apply.)

a. Necessary changes in lab procedures and software
b. Ensuring that staff members have sufficient training to do the job
c. Knowing the lab objectives
d. None of the above

Answer 4

A, B, C

Question 5

To determine the types of operating systems needed in your lab, list two sources of information you could use.

Answer 5

Uniform Crime Report statistics for your area and a list of cases handled in your area or at your company.

Question 6

What items should your business plan include?

Answer 6

Physical security items, such as evidence lockers; how many machines are needed; what OS’s your lab commonly examines; why you need certain software; and how your lab will benefit the company (such as being able to quickly exonerate employees or discover whether they’re guilty)

Question 7

List two popular certification systems for computer forensics.

Answer 7

IAVIS, HTCN, EnCE

Question 8

Why is physical security so critical for digital forensics labs?

Answer 8

Integrity of the evidence.

Question 9

If a visitor to your computer forensics lab is a personal friend, it’s not necessary to have him or her sign the visitor’s log.

Answer 9

F

Question 10

What three items should you research before enlisting in a certification program?

Answer 10

Requirements, cost and acceptability in your chosen area of employment.

Question 11

Large computer forensics labs should have at least ____ exits?

Answer 11

Two

Question 12

Typically, a(n) ______ lab has a separate storage area or room for evidence.

Answer 12

Regional

Question 13

Computer forensics facilities always have windows. True or False?

Answer 13

F

Question 14

Evidence storage containers should have several master keys.

Answer 14

T

Question 15

A forensic workstation should always have a direct broadband connection to the Internet. True or False?

Answer 15

F

Question 16

Which organization provides good information on safe storage containers?

Answer 16

NISPOM

Question 17

Which organization has guidelines on how to operate a computer forensics lab?

Answer 17

ASCLD

Question 18

What term refers to labs constructed to shield EMR emissions?

Answer 18

TEMPEST

Question 19

American Society of Crime Laboratory Directors (ASCLD)

Answer 19

A national society that sets the standards, management, and audit procedures for labs used in crime analysis

Question 20

A national society that sets the standards, management, and audit procedures for labs used in crime analysis

Answer 20

American Society of Crime Laboratory Directors (ASCLD)

Question 21

business case

Answer 21

A document that provides justification to upper management or a lender for purchasing new equipment, software, or other tools when upgrading your facility

Question 22

A document that provides justification to upper management or a lender for purchasing new equipment, software, or other tools when upgrading your facility

Answer 22

business case

Question 23

Certified Computer Examiner (CCE)

Answer 23

A certification from the International Society of Forensic Computer Examiners

Question 24

A certification from the International Society of Forensic Computer Examiners

Answer 24

Certified Computer Examiner (CCE)

Question 25

Certified Cyber Forensics Professional (CCFP)

Answer 25

A certification from ISC for completing the education and work experience and passing the exam

Question 26

A certification from ISC for completing the education and work experience and passing the exam

Answer 26

Certified Cyber Forensics Professional (CCFP)

Question 27

Certified Forensic Computer Examiner (CFCE)

Answer 27

A certificate awarded by IACIS at completion

Question 28

A certificate awarded by IACIS at completion

Answer 28

Certified Forensic Computer Examiner (CFCE)

Question 29

configuration management

Answer 29

The process of keeping track of all upgrades and patches you apply to your computer’s OS and applications

Question 30

The process of keeping track of all upgrades and patches you apply to your computer’s OS and applications

Answer 30

configuration management

Question 31

digital forensics lab

Answer 31

A lab dedicated to digital investigations

Question 32

A lab dedicated to digital investigations

Answer 32

digital forensics lab

Question 33

High Tech Crime Network (HTCN)

Answer 33

A national organization that provides certification for computer crime investigators and digital forensics technicians

Question 34

A national organization that provides certification for computer crime investigators and digital forensics technicians

Answer 34

High Tech Crime Network (HTCN)

Question 35

Risk Managment

Answer 35

The process of determining how much risk is acceptable for any process or operation

Question 36

The process of determining how much risk is acceptable for any process or operation

Answer 36

Risk Managment

Question 37

Secure facility

Answer 37

A facility that can be locked and allows limited access to the room’s contents

Question 38

A facility that can be locked and allows limited access to the room’s contents

Answer 38

Secure facility

Question 39

TEMPEST

Answer 39

A term referring to facilities that have been hardened so that no electrical signals from digital devices, computer networks, and telephone systems can’t be monitored or accessed easily by someone outside the facility

Question 40

A term referring to facilities that have been hardened so that no electrical signals from digital devices, computer networks, and telephone systems can’t be monitored or accessed easily by someone outside the facility

Answer 40

TEMPEST

Question 41

Uniform Crime Report

Answer 41

Information collected at the federal, state, and local levels to determine the types and frequencies of crimes committed.

Question 42

Information collected at the federal, state, and local levels to determine the types and frequencies of crimes committed.

Answer 42

Uniform Crime Report

Question 43

IAVIS, HTCN, EnCE

Answer 43

two popular certification systems for computer forensics.