Forensic Fundamentals

Question 1

18 USC § 1029

Answer 1

Cannot use a computer to commit fraud

Question 2

18 USC § 1030

Answer 2

Computer Fraud and Abuse Act

Question 3

ECPA

Answer 3

Electronic Communications Privacy Act

Question 4

CALEA

Answer 4

Communications Assistance for Law Enforcement Aid

Question 5

What does the ECPA Dictate

Answer 5

Cannot intercept unauthorizated communications through electronic means

Question 6

What does the CALEA dictate

Answer 6

Allows police to surveil digital communications

Question 7

EEA

Answer 7

Economic Esponiage Act

Question 8

What does the EEA say?

Answer 8

Cannot steal trade secrets even commercially

Question 9

Rule 402

Answer 9

Test for Relevant Evidence

Question 10

Rule 502

Answer 10

Attorney-client privilege

Question 11

Rule 702

Answer 11

Testimony by expert witness

Question 12

Rule 902

Answer 12

Evidence that is self authenticating (hashing)

Question 13

Rule 1002

Answer 13

Provide only the best evidence (the original)

Question 14

Rule 1003

Answer 14

Admissibility of exact duplicates (“forensically sound”)

Question 15

Forensically sound image

Answer 15

• Exact representation
• Hashing process
• Audit trail

Question 16

The digital forensic process

Answer 16

• Identification
• Preservation
• Collection
• Examination
• Analysis
• Presentation

Question 17

Functional Investigation Methodology

Answer 17

Jk

Question 18

Cyber Kill Chain

Answer 18

Recon
Weaponization
Delivery
Exploitation
Installation
Command and Control
Actions on Objectives