IA - DIGITAL FORENSICS Flashcards

1
Q

Branches of Digital Forensics

A
  1. Computer Forensics
  2. Mobile Device Forensics
  3. Network Forensics
2
Q

is a branch of digital forensics concerned with evidence found in computers and digital storage media

A

Computer Forensics

3
Q

focused on the recovery of digital evidence from mobile devices using forensically sound methods

A

mobile device forensics

4
Q

involve the alleged breaking of laws and are handled by law enforcement agencies and their digital forensic examiners

A

criminal cases

4
Q

examiners specialize in one area of digital evidence, either at a broad level or as a sub-specialist

A

Digital Evidence Examiners

4
Q

focused on monitoring and analyzing computer network traffic for information gathering, legal evidence or intrusion detection

A

network forensics

4
Q
  • gather or process evidence at crime scenes
  • trained on the correct handling of technology
A

Digital Forensic Technician

5
Q

Purpose of digital forensics

A
  1. criminal cases
  2. civil cases
6
Q
  • someone who has a desire to follow the evidence and solve a crime virtually
  • recover data like documents, photos, and emails from a computer hard drive and other storage devices such as zip and flash drives with deleted, damaged, or otherwise manipulated
A

Digital Forensics Investigator

6
Q

involve the protection of rights and property of individuals, or contractual disputes between commercial entities, where a form of digital forensics called electronic discovery may be involved

A

civil cases

7
Q
  • the admissibility of digital evidence relies on the tool used to extract it
  • forensic tools are subjected to the Daubert standard, where the judge is responsible for ensuring that the processes and software used were acceptable
A

Investigative tools

8
Q

Example Uses of Digital Forensics

A
  1. Intellectual Property Theft
  2. Industrial Espionage
  3. Employment Disputes
  4. Fraud Investigations
  5. Forgery-Related Matters
  6. Bankruptcy Investigations
  7. Inappropriate Use of the Internet and Email in the Workplace
  8. Issues Concerning Regulatory Compliance
8
Q

GENERAL TOOLS USED, IN THE FOLLOWING CATEGORIES

A
  1. disk and data capture tools
  2. file viewer tools
  3. file analysis tools
  4. internet analysis tools
  5. email analysis tools
  6. registry analysis tools
  7. mobile device analysis tools
  8. mac os analysis tools
  9. network forensics tools
  10. database forensics tools
9
Q

Internet crime requires investigators, laboratory and technical personnel to understand how the process works and to stay closely engaged with advances in software and tracking technologies

A

Internet-Based

10
Q

crimes such as pornography, copyright infringement, extortion or counterfeiting have digital evidence which is on the computer’s hard drive and general equipment, including removable devices such as thumb drives and CD-ROMs

A

Stand-Alone Computers or Devices

10
Q
  • allow criminals to engage in an ever-growing variety of activities, and the devices keep track of every move and message
  • it is this tracking capability that turns mobile devices into key evidence in many cases
A

Mobile Devices

10
Q

Stages of Digital Forensics Investigation

A
  1. identification
  2. preservation
  3. analysis
  4. documentation
  5. presentation
10
Q

is any probative information stored or transmitted in digital form that a party to a court case may use in trial

A

digital evidence

11
Q

Physical evidence cannot be wrong. It cannot perjure itself, it cannot be wholly absent. Only human failure to find it, study and understand it, can diminish its value

A

Locard’s Principle

11
Q
  • deters any alteration of evidence, either intentional or unintentional; states that the court prefers original evidence at trial rather than a copy
  • used to establish a credible link between the attacker, victim, and crime scene
A

Best Evidence Rule

12
Q

types of investigation

A
  1. criminal forensics
  2. intelligence gathering
  3. electronic discovery
  4. intrusion investigation
12
Q

is usually part of a wider investigation conducted by law enforcement and other specialists, with reports being intended to facilitate that investigation and ultimately be entered as expert evidence before a court

A

criminal forensics

12
Q

is often associated with crime providing intelligence to help track, stop, or identify criminal activity

A

intelligence gathering

12
Q

has specific legal limitations and restrictions, usually in relation to the scope of any investigation

A

electronic discovery

13
Q
  • the final form of investigation, different from the previous ones
  • instigated as a response to a network intrusion
A

intrusion investigation

14
Q

techniques of digital forensics

A
  1. cross-drive analysis
  2. live analysis
    2.1 volatile analysis
  3. recovery of deleted files
  4. stochastic forensics
  5. steganography
15
Q
  • a forensic technique that correlates information found on multiple hard drives
  • this process, still being researched, can be used to identify social networks and perform anomaly detection
A

cross-drive analysis

16
Q
  • the examination of computers from within the operating system, using custom forensics to extract evidence
  • this practice is useful when dealing with encrypting file systems
A

live analysis

17
Q

is data that is lost when power is switched off

A

volatile data

18
Q

a method that uses the stochastic properties of the computer system to investigate activities lacking digital artifacts

A

stochastic forensics

18
Q

order of volatility of digital evidence

A
  1. CPU
  2. ARP Cache
  3. Memory
  4. Temporary File System
  5. Data on Hard Disk
  6. remotely logged data
  7. data contained on archival media
19
Q

computer forensics professionals can fight this by looking at the hash of the file and comparing it to the original image

A

steganography

19
Q
  • modern forensic software has its own tools for recovering deleted data
  • most OSes and file systems do not always erase physical file data, allowing investigators to reconstruct it from physical disk sectors
A

recovery of deleted files

20
Q

the testbed should be created from a trusted source, and the functionality of the testbed should be checked in advance before using it in the build

A

create forensic tool testbed

20
Q

characteristics of digital evidence

A
  1. admissibility
  2. reliability
  3. convincing to judges
  4. completeness
  5. authentication
  6. assessment
  7. acquisition
  8. preservation
  9. examination and analysis
  10. documentation and reporting
20
Q

first responder toolkit

A
  1. create forensic tool testbed
  2. document the forensic tool testbed
  3. document the summary of the forensic tools
  4. test the tools
21
Q

for every tool that is acquired for the testbed, the following information is documented for easy reference and record

A

document the summary of the forensic tools

22
Q

now the tools selected and installed are tested in the testbed, and their performance and output are examined

A

test the tools

23
Q

some common mistakes first responder should avoid

A
  1. do not shut off or reboot the machine
  2. do not assume that any part of the victim is reliable
  3. take precautions
  4. follow procedures
24
Q

issues facing computer forensics

A
  1. technical issues
  2. legal issues
  3. administrative issues
25
Q

technical issues

A
  1. encryption
  2. increasing storage space
  3. new technologies
  4. anti-forensics
26
Q
  • may confuse or distract from the computer examiner’s findings. In such cases, a competent opposing lawyer supplied with evidence from a competent computer forensic analyst should be able to dismiss such arguments
A

Legal Issues

27
Q

3 Famous Cases Solved Through Digital Forensics

A
  1. BTK Killer
  2. The Craigslist Killer
  3. Larry J Thomas Vs State of Indiana
28
Q

Dennis Rader tortured and killed 10 people, but digital forensics experts were able to trace the metadata contained within a disk, helping unveil the killer’s identity

A

BTK Killer

29
Q

when investigators traced emails exchanged between the victims, an IP address led them to an unlikely suspect

A

the craigslist killer

30
Q

during the investigation, the authorities took the content posted on the culprit’s Facebook account under consideration

A

Larry J. Thomas vs the state of Indiana