IS3350 CHAPTER 15 Flashcards

1
Q

Documentation that shows how evidence is collected, used, and handled throughout the lifetime of a case is called ___?
This document shows who obtained evidence, where and when it was obtained, who secured it, and who had control or possession of it.

A

CHAIN OF CUSTODY

2
Q

A category of computer forensics that focuses on examining programming code for malicious code or signatures is called ___?
It is also known as malware forensics.

A

CODE OF ANALYSIS

3
Q

The scientific process of collecting and examining data that is stored on or received or transmitted by an electronic device is called ___?
It is also called system forensics, digital forensics, computer forensic analysis, computer examination, data recovery, or inforensics.

A

COMPUTER FORENSICS

4
Q

Evidence collected from an electronic device is called ___?

A

DIGITAL EVIDENCE

5
Q

An exact copy of an electronic media storage device is called ___?
A bit-by-bit copy includes deleted files, slack space, and areas of the storage device that a normal file copy would not include.

A

FORENSIC DUPLICATE IMAGE

6
Q

A legal doctrine that states that evidence that isn’t gathered legally can’t be used in court is called ___?
Any subsequent evidence gathered as a result of the illegally obtained evidence can’t be used in court either.

A

FRUIT OF THE POISONOUS TREE DOCTRINE

7
Q

Any out-of-court statement made by a person that is offered to prove some issue in a case is called ___?
Gossip is a common example.

A

HEARSAY

8
Q

A basic assumption in forensic science that states that people always leave traces of their activities when they interact with other people or with other objects is called ___?

A

LOCARD’S EXCHANGE PRINCIPLE

9
Q

A category of computer forensics that focuses on collecting and examining data stored on physical media is called ___?

A

MEDIA ANALYSIS

10
Q

A category of computer forensics that focuses on capturing and examining network traffic is called ___?
It includes reviewing transaction logs and using real-time monitoring to identify and locate evidence.

A

NETWORK ANALYSIS

11
Q

A warning banner that provides notice of legal rights to users of computer networks is called ___?
They are generally displayed as a computer user logs into a network or on an entity’s home page.

A

NETWORK BANNER

12
Q

A formal protest made by an attorney to a trial court judge is called ___?
An attorney usually makes this if the opposing party is asking questions or submitting evidence that is inappropriate or violates a trial court rule.

A

OBJECTION

13
Q

Devices that monitor outgoing transmission data are called ___?
They record dialing, routing, signaling, or address information.

A

PEN REGISTER DEVICES

14
Q

Data that is stored on a hard drive or other storage media is called ___?
It is preserved when an electronic device is turned off.

A

PERSISTENT DATA

15
Q

Evidence that proves or disproves a legal element in a case is called ___?
If evidence isn’t this, then it can be excluded from a trial.
Also known as relevant evidence.

A

PROBATIVE EVIDENCE

16
Q

Devices that monitor incoming transmission data are called ___?
They capture incoming electronic signals that identify the originating transmission data.

A

TRAP AND TRACE DEVICES

17
Q

Data that is stored in the memory of an electronic device is called ___?
It is lost when an electronic device is turned off.

A

VOLATILE DATA

18
Q

A system back-up copy is considered a forensic duplicate image.
TRUE OR FALSE

A

FALSE

19
Q

What is an exception to the Fourth Amendment’s search warrant requirement?
  1. Consent
  2. Plain view doctrine
  3. Inventory search
  4. All the above
  5. None of the above

A

Consent
Plain view doctrine
Inventory search

All the above

20
Q

Which principle is a basic assumption of forensic science?
  1. The silver platter doctrine
  2. Exigent circumstances
  3. Locard’s exchange principle
  4. The Daubert test
  5. None of the above

A

Locard’s exchange principle

21
Q

What are the three main electronic communications eavesdropping laws?

A

The Electronic Communications Privacy Act;
the Wiretap Act;
the Pen Register and Trap and Trace Statute

22
Q

What is another common term for computer forensics?

A

Computer forensics also is known as system forensics, digital forensics, computer forensic analysis, computer examination, data recovery, and inforensics (information forensics). These are interchangeable.

23
Q

Which type of computer forensics focuses on examining programming code?
  1. Media analysis
  2. Malware forensics
  3. Internet forensics
  4. Network analysis
  5. None of the above

A

Malware forensics

24
Q

Which forensic certification is only available to law enforcement personnel?
  1. CCE
  2. GCFA
  3. CCFE
  4. EnCE
  5. None of the above

A

None of the above

25
Q

A computer can play one of ___ roles in a crime.

A

Three (3)

26
Q

Which investigative step includes “bag and tag”?
  1. Identification
  2. Preservation
  3. Collection
  4. Examination
  5. None of the above

A

Collection

27
Q

Which investigative step includes interviewing persons of interest for information about electronic devices?
  1. Identification
  2. Preservation
  3. Collection
  4. Presentation
  5. None of the above

A

Preservation

28
Q

Which organization created the most well-known guiding principles for computer forensic examiners?
  1. IOCE
  2. ISO/IEC
  3. ISFCE
  4. IACRB
  5. None of the above

A

IOCE

29
Q

What is volatile data?

A

Data stored in the memory of an electronic device. Volatile data is lost when the electronic device is turned off.

30
Q

Which law governs the collection of real-time transmission data?
  1. The Electronic Communications Privacy Act
  2. The Wiretap Act
  3. The Pen Register and Trap and Trace Statute
  4. The Fourth Amendment
  5. None of the above

A

The Pen Register and Trap and Trace Statute

31
Q

A trap and trace device monitors incoming transmission data.
TRUE OR FALSE

A

FALSE

32
Q

A forensic duplicate image is a ____.

A

Bit-by-bit copy