IS4670 SLIDES STUDY GUIDE

Question 1

1. ____Mechanisms for Sensitive Data Exposure

Answer 1

➢	Hacking
➢	Man-in-the-Middle attack
➢	Keylogging software
➢	Social engineering
➢	Insider attack, physical computer, and     
           media theft

Question 2

2. In Controls and Responses Network and computer security includes _____:

Answer 2

➢ Use defense in depth
➢ Use firewalls and intrusion detection or
prevention systems
➢ Monitor logs
➢ Harden the servers
➢ Install anti-malware software and keep it
up-to-date

Question 3

3. The Role of Computers in Crimes is ____:

Answer 3

➢	Target
➢	Instrument
➢	Evidence
➢	Instrument > Evidence Repository
➢	Evidence Repository > Instrument

Question 4

4. The Three A’s of Digital Forensics is ____:

Answer 4

➢ Acquire
➢ Authenticate
➢ Analyze

Question 5

5. Law Firms need experienced forensics professionals to ___:

Answer 5

➢ Conduct investigations

➢ Testify as expert witnesses

Question 6

6. Criminal Prosecutors use digital evidence when working with ___:

Answer 6

➢ Incriminating documents

Question 7

7. Evidence Transport must include ____:

Answer 7

➢ Photograph or videotape the scene from premises to transport vehicle
➢ Photograph or videotape the scene from vehicle to lab
➢ Transport computer to a secure location

Question 8

8. Photograph or videotape the scene from premises to transport vehicle, photograph or videotape the scene from vehicle to lab and Transport computer to a secure location are all a part of ____?

Answer 8

➢ Evidence Transport

Question 9

9. The Evidence Life Cycle include ____:

Answer 9

➢ Collect or seize evidence
➢ Transport evidence
➢ Protect or store evidence
➢ Analyze evidence

Question 10

10. Collect or seize evidence, Transport evidence, Protect or store evidence, and Analyze evidence are all steps of the _____:

Answer 10

➢ Evidence Life Cycle

Question 11

11. Secure erasure or ____ completely overwrites sensitive data.

Answer 11

➢ Drive wiping or wiping

Question 12

12. Secure erasures or wiping applies to:

Answer 12

➢ Slack space
➢ Unused sectors,
➢ Entire disk space

Question 13

13. Why analyze data packets?

Answer 13

➢ Detect network problems, i.e.
bottlenecks
➢ Detect network intrusions
➢ Gather network statistics

Question 14

14. What does a protocol analyzer do?

Answer 14

➢ Captures and decodes data packets
traveling on a network
➢ Allow you to read and analyze data
packets

Question 15

15. Binary Data often means picking apart binary formats such as ____?

Answer 15

➢	Windows 32-bit files
➢	DOS.com and .exe formats
➢	Linux Executable and Linking Format 
           (ELF) formats
➢	Uniplexed Information and Computing 
           System (UNIX) a.out format

Question 16

16. Windows 32-bit files, DOS.com and .exe formats, Linux Executable and Linking Format (ELF) formats, and Uniplexed Information and Computing System (UNIX) a.out format are all steps picking apart _____.

Answer 16

➢ binary formats

Question 17

17. File Carving is best defined as _____?

Answer 17

➢ Reassembling files from fragments
➢ Generally “carve” out data between file
headers and footers

Question 18

18. Popular tools of File Carving are _____?

Answer 18

➢ Foremost

➢ Scalpel

Question 19

19. Reassembling files from fragments, and “carve” out data between file headers and footers are steps in _____?

Answer 19

➢ File Carving

Question 20

20. Disk, Email, Network, Internet, Software, and Live system are types of _____?

Answer 20

➢ Forensic Investigations

Question 21

21. Types of Investigations for the Forensic Professional include ___?

Answer 21

➢	Disk forensics
➢	Software forensics
➢	Network forensics
➢	Email forensics
➢	Live system forensics
➢	Internet forensics

Question 22

22. The Investigative Process includes ___?

Answer 22

➢ Forensic Investigation which then leads

to Legal Proceedings

Question 23

23. True or False – Obsession with law and judicial rules may inhibit an investigation.

Answer 23

➢ TRUE