Lesson 10 Flashcards
The collection part of the computer forensic expert’s job includes all of the following EXCEPT:
Penning a written report of digital data.
Which of these is a component of the presentation portion of computer forensics?
Writing a comprehensive report of findings.
How does computer forensics differ from traditional forensics?
It is focused solely on digital evidence.
A computer forensic expert’s analysis should be all of these things EXCEPT:
Cursory
Computer forensic experts work with two primary types of data. What are they?
Computer forensic experts work to retrieve both visible and latent, or hidden, digital data.
Missteps made in the _____ process can cause valuable evidence to be discarded or thrown out of court.
collection
Which of these is a common tactic investigators use to preserve data during the digital forensics process?
They make copies of files or images.
This stage of the digital forensics process touches all other stages in the process:
The documentation stage of the digital forensics process is a step performed throughout the investigation. This covers everything from how evidence is collected using a search warrant to how conclusions about that evidence are made.
Which of these might represent what the analysis stage of the digital forensics process entails?
Making conclusions about data.
Before you can collect evidence in the digital forensics process, you must first work to _____ potential relevant sources.
identify
Which of the following is not an EnCase certification track?
CFCE is not an EnCase certification track.
Examples of digital forensic tools include _____.
Digital forensic tool examples: Disk Investigator, Digital Detective, EnCase, and ComputerCOP.
Digital Detective tool offers experts _____.
Digital detective offers no certification track.
ComputerCOP is particularly designed to address _____.
ComputerCOP is particularly designed to address child safety on the internet.
Digital Forensics entails _____.
the identification, preservation, recovery, restoration and presentation of digital evidence from systems and devices
Which of the following best describes what data recovery is?
It refers to the act of recovering data which has been lost, corrupted, or deleted.
Which of the following data recovery tools utilizes a system’s command prompt in order to operate?
TestDisk
Which of the following best describes Guaranteed Recovery, a useful feature found in Disk Drill?
Guaranteed Recovery is a feature found in Disk Drill. It works by creating a copy of a deleted file and saving that copy in a folder specified by the user. In essence, it creates a duplicate trash folder that can make it easy for a user to recover a file should they accidentally empty out their trash folder.
What is a limitation of EaseUS?
A limitation of EaseUS is that some features are locked behind a paywall. The free version of EaseUS only lets you know what files it recovered but it does not allow the user to retrieve those files for use.
Which file types does Disk Drill struggle to recover?
Video and audio files
An email can be faked using _____.
An email can be faked using SMTP server or Website mailer
The key factor that enables fake emails is _____.
The key factor that enables fake emails is the ability for impostors to deliver mails by altering the sender’s email information to whatever they want.
E-Mail spoofing is defined as _____
the process of manipulating the contents of an email in a way that makes the email appear to originate from a source other than the actual sender
____ is not a server needed for delivery on the Internet:
an email client
The main difference between the POP and IMAP e-mail protocols is that _____.
The main difference between the POP and IMAP e-mail protocols is that with POP emails are only accessed from the download device while with IMAP emails can be accessed from any device anywhere
Which of the following best defines machine vision?
Machine vision refers to when computers are used to perform facial recognition scans on people. This technology has recently been employed by China to aid in the capture of wanted suspects.
What is one difference between how data was stored in the 90s and early 2000s to how it is stored now?
It was common for data in the 90s and early 2000s to be stored on tapes, whereas today you are more likely to store data on different media, such as SSDs and flash drives.
Which of the following refers to the study of creating machines that have the ability to think at a level equal to a human being?
Artificial Intelligence
Forensic investigators benefit from using Li-Fi in their operations because it is more secure than Wi-Fi. In what way is Li-Fi more secure than Wi-Fi?
Data traveling through Li-Fi is not broadcast to the surrounding area and is only confined to its transmission route. As such, it is harder for a malicious actor to access this data.
Read Answer Explanation
From the given options, which is the cause of the renewed challenges facing security practitioners today?
Earth’s population growth and rise in the number of people using digital devices
