IS4670 CHAPTER 6 TERMS & DEFINITIONS Flashcards

1
Q
  • A text file that a series of commands intended to be executed by the command interpreter. When a this is run, another program reads the file and executes its commands.
A

Batch file

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q
  • A backup that involves the copying of every bit of data on a computer hard disk drive or another type of storage media. It exactly replicates all sectors on the storage device, so all files and ambient data storage areas are copied.
A

Bit stream backup

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q
  • A process that starts an operating system when the user turns on a computer system.
A

Boot process

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q
  • A fixed-length block of data—one to 128 sectors—in which DOS- and Windows-based computers store files. These are made up of blocks of sectors.
A

Cluster

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q
  • A table that stores associations between files and the clusters assigned to them.
A

File allocation table (FAT)

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q
  • An amendment that guards against unreasonable searches and seizures. It specifically requires that search and arrest warrants be judicially sanctioned and supported by probable cause.
A

Fourth Amendment to the U.S. Constitution

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q
  • The process of creating a complete sector-by-sector copy of a disk drive. Also known as making a bit stream backup.
A

Imaging

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q
  • Evidence that shows, or tends to show, a person’s involvement in an act, or evidence that can establish guilt.
A

Incriminating evidence

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q
  • A segment of the forensics world that recommends leaving a suspect computer turned on and working on it immediately after securing it.
A

Live analysis school of thought

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q
  • Analysis using the native operating system, on the evidence disk or a forensic duplicate, to peruse the data. It looks for things that are visible, known about, and possibly controlled by the user.
A

Logical analysis

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
11
Q
  • Offline analysis conducted on an evidence disk or forensic duplicate after booting from a CD or another system. It looks for things that may have been overlooked, or are invisible, to the user.
A

Physical analysis

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
12
Q
  • | A segment of the forensics world that believes a suspect computer should be carefully shut down immediately when the computer is secured.
A

Safe shutdown school of thought

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
13
Q
  • The smallest unit of storage on a computer. It is composed of bits and is generally a power of two bytes in size.
A

Sector

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
14
Q
  • Fringe data that remains on the physical track of storage media after deletion, sweeping, or scrubbing.
A

Shadow data

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
15
Q
  • Data that an operating system creates and overwrites without the computer user taking a direct action to save this data.
A

Temporary data

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
16
Q
  • Data from running processes on a live computer. It is memory that is highly sensitive to system usage, such as registers, memory, and cache. Such data is lost whenever a system is used.
A

Volatile data