IS4670 CHAPTER 1 TERMS & DEFINITIONS Flashcards
Criminal activity that pertains to the wrongful taking of information or the causing of damage to information.
Cybercrime -
The process of acquiring and analyzing data stored on physical storage media, such as computer hard drives, smartphones, and removable media. This includes the recovery of hidden and deleted data. It also includes the process of identifying who created a file or message.
Disk forensics -
The study of the source and content of e-mail as evidence. E-mail forensics includes identifying the sender, recipient, date, time, and origination location of an e-mail message.
E-mail forensics -
Anything that changes or destroys digital evidence between the time the evidence is created and when the case goes to court. An action that changes the evidence could be either accidental or deliberate.
Evidence dynamics -
The process of piecing together where and when a user has been on the Internet.
Internet forensics -
An area of systems forensics that is used to search memory in real time. Live system forensics is typically used for working with compromised hosts and to identify system abuse.
Live system forensics -
An area of system forensics that focuses on investigating network intrusions, abuse, and often crimes that cross jurisdictions
Network forensics -
An area of systems forensics that is most often used to examine malicious code. Also known as malware forensics
Software forensics -
Withholding, hiding, alteration, or destruction of evidence relevant to a legal proceeding, whether intentional or negligent.
Spoliation -
The collection, preservation, analysis, documentation, and presentation of digital evidence so that it is admissible in a court of law.
System forensics -
Evidence gathered from computers, digital media, or electronic devices, such as a mobile phone or digital camera.
System forensics evidence -
An individual responsible for system forensics.
System forensics specialist -
