IS4670 SLIDES STUDY GUIDE Flashcards
- ____Mechanisms for Sensitive Data Exposure
➢ Hacking
➢ Man-in-the-Middle attack
➢ Keylogging software
➢ Social engineering
➢ Insider attack, physical computer, and media theft
- In Controls and Responses, network and computer security includes _____:
➢ Use defense in depth
➢ Use firewalls and intrusion detection or prevention systems
➢ Monitor logs
➢ Harden the servers
➢ Install anti-malware software and keep it up-to-date
- The Role of Computers in Crimes is ____:
➢ Target
➢ Instrument
➢ Evidence
➢ Instrument > Evidence Repository
➢ Evidence Repository > Instrument
- The Three A’s of Digital Forensics are ____:
➢ Acquire
➢ Authenticate
➢ Analyze
- Law Firms need experienced forensics professionals to ___:
➢ Conduct investigations
➢ Testify as expert witnesses
- Criminal Prosecutors use digital evidence when working with ___:
➢ Incriminating documents
- Evidence Transport must include ____:
➢ Photograph or videotape the scene from premises to transport vehicle
➢ Photograph or videotape the scene from vehicle to lab
➢ Transport computer to a secure location
- Photograph or videotape the scene from premises to transport vehicle, photograph or videotape the scene from vehicle to lab and Transport computer to a secure location are all a part of ____?
➢ Evidence Transport
- The Evidence Life Cycle includes ____:
➢ Collect or seize evidence
➢ Transport evidence
➢ Protect or store evidence
➢ Analyze evidence
- Collect or seize evidence, Transport evidence, Protect or store evidence, and Analyze evidence are all steps of the _____:
➢ Evidence Life Cycle
- Secure erasure or ____ completely overwrites sensitive data.
➢ Drive wiping or wiping
- Secure erasures or wiping applies to:
➢ Slack space
➢ Unused sectors
➢ Entire disk space
- Why analyze data packets?
➢ Detect network problems, i.e. bottlenecks
➢ Detect network intrusions
➢ Gather network statistics
- What does a protocol analyzer do?
➢ Captures and decodes data packets traveling on a network
➢ Allows you to read and analyze data packets
- Binary Data often means picking apart binary formats such as ____?
➢ Windows 32-bit files
➢ DOS .com and .exe formats
➢ Linux Executable and Linking Format (ELF) formats
➢ Uniplexed Information and Computing System (UNIX) a.out format
- Windows 32-bit files, DOS .com and .exe formats, Linux Executable and Linking Format (ELF) formats, and Uniplexed Information and Computing System (UNIX) a.out format are all steps in picking apart _____.
➢ binary formats
- File Carving is best defined as _____?
➢ Reassembling files from fragments
➢ Generally “carve” out data between file headers and footers
- Popular tools of File Carving are _____?
➢ Foremost
➢ Scalpel
- Reassembling files from fragments, and “carve” out data between file headers and footers are steps in _____?
➢ File Carving
- Disk, Email, Network, Internet, Software, and Live system are types of _____?
➢ Forensic Investigations
- Types of Investigations for the Forensic Professional include ___?
➢ Disk forensics
➢ Software forensics
➢ Network forensics
➢ Email forensics
➢ Live system forensics
➢ Internet forensics
- The Investigative Process includes ___?
➢ Forensic Investigation which then leads to Legal Proceedings
- True or False – Obsession with law and judicial rules may inhibit an investigation.
➢ TRUE