Secure Coding and Digital Forensics Flashcards
To what does the “chain of custody” apply?
A. Maximum assigned privilege assignments
B. Digital signatures
C. Evidence
D. Encryption
C. Evidence
The “chain of custody” refers to the process of documenting the handling, control, transfer, and storage of evidence, ensuring that it remains unaltered and is admissible in legal proceedings. It tracks the movement of evidence from the time it is collected until it is presented in court, ensuring the integrity and authenticity of the evidence.
Which software development methodology fits best with CI/CD?
A. SDLC
B. Waterfall
C. Agile
D. PKI
C. Agile
The Agile methodology fits best with CI/CD (Continuous Integration/Continuous Deployment) because it emphasizes iterative development, rapid feedback, and frequent releases. CI/CD supports Agile practices by enabling automated testing, integration, and deployment, allowing development teams to quickly integrate code changes and deliver updates more frequently. This aligns with the Agile focus on delivering value in short cycles and responding to change efficiently.
Which type of digital evidence is considered the most volatile?
A. Temporary swap files
B. Files on a USB thumb drive
C. Files on DVDs
D. RAM contents
D. RAM contents
RAM (Random Access Memory) contents are considered the most volatile type of digital evidence. This is because data stored in RAM is temporary and is lost as soon as the computer is powered off or rebooted. Since RAM holds active processes, encryption keys, and potentially critical data, it is extremely time-sensitive and must be preserved immediately if needed as evidence.
You are using Git for file version control. You need to create a standalone copy of a repository. What should you do?
A. Create a branch
B. Create a clone
C. Create a fork
D. Create a new repository
C. Create a fork
Creating a fork is the correct action if you’re working on a platform like GitHub, GitLab, or another Git hosting service. Forking creates a standalone copy of the repository under your own account. This is especially useful if you want to contribute to a project but do not want to modify the original repository directly. You can make changes to your fork and later submit pull requests to the original repository.
You are exploring a suspect disk image using Autopsy. You have come across a handful of files that you would like to revisit easily. What should you do?
A. Tag the files
B. Make a list of the file names
C. Export each file
D. Copy file hashes to the clipboard
A. Tag the files
In Autopsy, you can tag files to mark them for easy reference or further analysis later. Tagging allows you to add labels to specific files or evidence, making it much easier to revisit them as you continue your investigation. This method helps keep track of important files without the need to export or copy them right away.
Which COBIT maturity level represents an effective and refined set of governance practices?
A. 1
B. 0
C. 3
D. 5
D. 5
In the COBIT (Control Objectives for Information and Related Technologies) framework, maturity level 5 represents an optimized or refined set of governance practices. At this level, governance processes are continuously improved, fully integrated into the organization, and are considered to be well-established and effective. These practices are typically aligned with business goals, and improvements are made based on data-driven insights.
Here’s a brief overview of the maturity levels in COBIT:
Level 0 (Incomplete): Processes are either nonexistent or not effectively implemented.
Level 1 (Performed): Processes are ad-hoc or reactive, but some performance is achieved.
Level 3 (Defined): Processes are well-defined, standardized, and institutionalized within the organization.
Level 5 (Optimized): Processes are optimized and continuously improved to support business goals efficiently.
Therefore, Level 5 is the maturity level that represents an effective and refined set of governance practices.
You are attempting to remove a legal hold policy that you have enabled for an Azure storage account container, but when you edit the policy, you cannot save changes to it. What is the problem?
A. You lack the correct permissions
B. You must wait for the legal hold time frame to expire
C. Legal hold tags have not been deleted
D. Legal hold policies can never be removed after they have been set
C. Legal hold tags have not been deleted
In Azure, legal holds are applied using legal hold tags. If a legal hold tag is still active on the data, the legal hold policy cannot be removed until those tags are deleted. Therefore, the issue you’re encountering — not being able to save changes when trying to remove a legal hold — is likely due to legal hold tags still being present.
Steps to resolve:
Check for legal hold tags applied to the data in the container.
Delete any legal hold tags that are still in place.
Once the tags are deleted, you should be able to edit or remove the legal hold policy.
This is the most common reason why changes to a legal hold policy cannot be saved.
A software developer needs to modify code but would like to ensure that other developers cannot modify that same segment of code. What should the developer do?
A. Check the code out
B. Export the code
C. Check the code in
D. Digitally sign the code
A. Check the code out
When a software developer wants to modify code but ensure that no other developers can modify the same segment of code simultaneously, they should check the code out from the version control system. Checking the code out typically locks the code or creates a working copy that the developer can modify. Other developers are prevented from making changes to that code until it is checked back in.