Digital Forensics 8 Flashcards

1
Q

A packet is sent with the FIN flag turned on. If the port is open, this generates an error message. Remember that FIN indicates the communication is ended. Because there was no prior communication, an error is generated telling the hacker that this port is open and in use.

A

Fin Scan

2
Q

Sends a TCP packet to the target with the URG, PUSH, and FIN flags set. The alternating bits turn on and off in the flags byte.

A

Christmas Tree Scan

3
Q

Turns off all flags, creating a lack of TCP flags in the packet. This would never happen with real communications. It, too, normally results in an error packet being sent.

A

Null Scan

4
Q

GET: Request to read a webpage

HEAD: Request to read just the head section of a webpage

PUT: Request to write a webpage

POST: Request to append to a page

DELETE: Remove the webpage

LINK: Connect two existing resources

UNLINK: Break an existing connection between two resources

A

HTTP Commands

5
Q

Even though a router is just a special-purpose computer running a routing program, getting evidence from a router is quite different from getting evidence from a PC, laptop, or server. The first major difference is that with a router, you do not shut down the device and image it. The reason is that once you shut it down, you will have potentially lost valuable evidence.

A

info …

6
Q

He predicted that the trend would continue for at least 10 more years. In other words, he predicted, the number of transistors on an integrated circuit would double every 2 years for the next 10 years.

A

Moore’s Law

7
Q

A protected computer is any computer at a financial institution or a government agency. This provision basically means that if someone hacks into a protected system, law enforcement officials can track down and intercept all of that perpetrator’s communications if they reasonably believe they are relevant to the investigation.

A

USA Patriot Act

8
Q

(For papers) You must state your sources. Sources you can use: CERT, the Federal Bureau of Investigation (FBI), the Secret Service, and the Cornell University Law School are all very reputable sources.

Whatever tool you choose to use, the index.dat file is a fantastic source of forensic information that cannot be overlooked in your forensic investigation.

A

info …
