lec 10 computing Flashcards
hardware
The physical components of a computer: case, keyboard, monitor,
motherboard, RAM, HDD, mouse,
and so on; generally speaking, if it
is a computer component you can
touch, it is hardware.
software
A set of instructions compiled
into a program that performs a
particular task; software consists
of programs and applications that
carry out a set of instructions on
the hardware.
motherboard
The main system board of a computer (and many other electronic
devices), which delivers power,
data, and instructions to the computer’s components; every component in the computer connects to
the motherboard, either directly or
indirectly.
central processing unit (CPU)
The main chip within the computer,
also referred to as the brain of the
computer, which handles most
of the operations (i.e., code and
instructions) of the computer.
random-access memory (RAM)
The volatile memory of a computer, where programs and instructions that are in use are stored;
when power is turned off, its contents are lost.
hard disk drive (HDD)
Typically the main storage location
within the computer, which consists
of magnetic platters contained in a
case (usually 3.5” long in a desktop
computer and 2.5” in a laptop)
and is usually where the operating
system, applications, and user data
are stored.
operating system (OS)
The software that provides the
bridge between the system hardware and the user; the OS lets the
user interact with the hardware
and manages the file system and
applications. Some examples are
Windows (XP, Vista, and Windows 7
and 8), Linux, and Mac OS
partition
A contiguous set of blocks that are
defined and treated as an independent disk.
sector
The smallest addressable unit of
data by a hard disk drive; generally
consists of 512 bytes.
byte
A group of eight bits.
bit
Short for binary digit; taking the
form of either a one or a zero, it is
the smallest unit of information on
a machine.
cluster
A group of sectors in multiples of
two; cluster size varies from file
system to file system and is typically the minimum space allocated
to a file.
Message Digest 5 (MD5)/Secure Hash Algorithm (SHA)
A software algorithm used to
“fingerprint” a file or contents of
a disk; used to verify the integrity
of data. In forensic analysis, it is
typically used to verify that an
acquired image of suspect data
was not altered during the process
of imaging.
visible data
All data that the operating system
is presently aware of and thus is
readily accessible to the user.
swap file
A file or defined space on the HDD
used to conserve RAM; data is
swapped, or paged, to this file or
space to free RAM for applications
that are in use
temporary files
Files temporarily written by an
application to perform a function
or to provide a “backup” copy of a
work product should the computer
experience a catastrophic failure.
latent data
Areas of files and disks that are
typically not apparent to the computer user (and often not to the
operating system) but contain data
nonetheless.
file slack
The area that begins at the end of
the last sector that contains logical
data and terminates at the end of
the cluster.
unallocated space
The unused area of the HDD that
the operating system file system
table sees as empty (i.e., containing no logical files) but that may
contain old data
Internet cache
Portions of visited web pages
placed on the local hard disk drive
to facilitate quicker retrieval when a
web page is revisited.
cookies
Files placed on a computer from
a visited website that are used to
track visits to and usage of that
site.
Internet history
An accounting of websites visited;
different browsers store this information in different ways.
bookmark
A feature that enables the user to
designate favorite sites for fast and
easy access.
hacking
A slang term frequently used to
refer to performing an unauthorized computer or network intrusion.
firewall
Hardware or software designed to
protect intrusions into an Internet
network.
a cluster is a group of ___ in multiples of ___
a. partitions, two
b. disks, four
c. cylinders, three
d. sectors, two
d. sectors, two
which of the following is NOT classified as software?
a. operating systems
b. word processors
c. web browsers
d. flash drives
d. flash drives
which of the following places would a computer forensic investigator look for latent data?
a. RAM slack
b. file slack
c. unallocated space
d. all of the above
d. all of the above
which of the following is NOT considered a hardware device?
a. monitor
b. hard disk drive
c. mouse
d. operating system
d. operating system
the first thing a crime scene investigator should do when encountering computer forensic evidence is
a. unplug every device from the CPU to preserve the hard disk drive
b. procure a warrant to search
c. remove the system to the laboratory for processing
d. document the scene
b. procure a warrant to search
when is it necessary to make a “fingerprint” of an HDD
before and after imaging its contents
a software algorithm used to create a “fingerprint” of a file or an entire HDD is called
MD5
which of the following actions taken at the crime scene involving a computer is incorrect?
a. upon arrival, sketching the overall layout as well as photographing it
b. photographing any running monitors
c. removing the plug from the back of the computer, not from the wall
d. none of these
d. none of these
the term ‘bit’ is short for
binary digit
if a file system defines a cluster as six sectors, how many bytes of info can be stored on each cluster?
a. 24,576
b. 512
c. 3,072
d. 307.2
c. 3,072
a motherboard
a. is the main circutboard within a computer
b. has a socket to accept RAM
c. connects to every device used by the system
d. all of these
d. all of these
the ___ is a complex network of wires that carry data from one hardware device to another
motherboard
the ultimate goal of obtaining an image of a hard disk drive is to..?
obtain information without altering the drive in any way
hard drive partitions are typically divided into
a. sectors
b. clusters
c. tracks
d. all of these
d. all of these