Introduction to Cyber Forensics Flashcards
Affidavit
A written statement made under oath or affirmation, used as evidence in a court of law.
Example: An individual providing a sworn statement of what they witnessed in a criminal case.
Allegation
A claim or assertion that someone has done something wrong or illegal, often made without proof.
Example: An employee accusing their supervisor of harassment in the workplace.
Approved Secure Container
A storage device that meets specific security requirements for the storage of sensitive or classified information.
Example: A safe or cabinet used to store classified government documents
attorney-client privilege (ACP)
The legal protection that allows communications between an attorney and their client to remain confidential and not be disclosed without the client’s permission.
Example: A lawyer and their client discussing the details of a legal case without fear of the conversation being used against them.
authorized requester
A person or entity that has the legal right to request access to specific information or evidence.
Example: A police department requesting access to a suspect’s phone records with a valid search warrant.
bit-stream copy
A forensic copy of a digital storage device or file that captures every bit of data, including deleted and hidden files.
Example: A digital forensics investigator creating a forensic copy of a hard drive for analysis.
bit-stream image
A forensic image of a digital storage device or file that captures a bit-for-bit copy of the data, including deleted and hidden files.
Example: A digital forensics investigator creating a forensic image of a USB drive for analysis.
chain of custody
The documented history of the custody, control, transfer, analysis, and disposition of physical or digital evidence, ensuring that the integrity of the evidence is maintained.
Example: A police officer documenting who collected evidence at a crime scene, who had possession of the evidence, and when and where it was transferred.
Computer Technology Investigators Network (CTIN)
A nonprofit organization that provides training, resources, and networking opportunities for digital forensics and cybercrime investigators.
Example: A digital forensics investigator attending a CTIN training seminar to stay up-to-date on the latest forensic techniques.
data recovery
The process of retrieving lost, damaged, or deleted data from digital storage devices.
Example: A person recovering deleted photos from their phone.
Digital Evidence First Responder (DEFR)
A trained professional who is the first to respond to a digital crime scene and collects and preserves digital evidence.
Example: A police officer trained to collect and preserve digital evidence at the scene of a cybercrime.
Digital Evidence Specialist (DES)
A trained professional who specializes in the forensic analysis of digital evidence.
Example: A digital forensics investigator who specializes in analyzing data from mobile devices.
digital forensics
The process of collecting, preserving, analyzing, and presenting digital evidence in a manner that is admissible in a court of law.
Example: A digital forensics investigator analyzing a computer system to find evidence of illegal activity.
digital investigations
The process of conducting an investigation that involves digital evidence and technology.
Example: A law enforcement agency investigating an online fraud scheme.
evidence bags
Bags used to store physical evidence, often with a label and chain of custody documentation attached.
Example: A police officer placing a knife found at a crime scene in an evidence bag and labeling it with the date and location it was found.
evidence custody form
A form used to document the transfer of physical evidence from one person or agency to another, including the chain of custody.
Example: A police officer filling out an evidence custody form
exculpatory evidence
Evidence that tends to clear or exonerate the accused of guilt or blame.
Example: DNA evidence that proves someone was not present at the scene of a crime.
exhibits
Physical or digital evidence presented in a court of law to prove or disprove a fact in a case.
Example: A murder weapon presented as evidence in a murder trial.
forensic workstation
A specialized computer system used for digital forensics analysis, with specific hardware and software configurations.
Example: A computer system used to analyze a hard drive for evidence of illegal activity.
Fourth Amendment
An amendment to the United States Constitution that protects citizens from unreasonable searches and seizures by the government.
Example: Police officers obtaining a search warrant before searching someone’s home.
hostile work environment
A workplace environment in which an employee feels uncomfortable or harassed, typically due to discriminatory or abusive behavior.
Example: An employee being subjected to sexual harassment by their supervisor.
inculpatory evidence
Evidence that tends to show the guilt or culpability of the accused.
Example: Security camera footage showing a suspect committing a crime
industrial espionage
The theft or unauthorized use of intellectual property, trade secrets, or confidential information for competitive advantage.
Example: A company stealing a competitor’s technology or trade secrets to gain an advantage in the marketplace.