Security Tools Part 6 (Forensics) Flashcards

1
Q

What command-line utility is used to copy disk images using a bit by bit copying process?

A

dd

Note: You use dd to copy a disk image of evidence so that you can use the copy to conduct your investigation.

2
Q

What data preview and imaging tool allows you to quickly assess electronic evidence to determine if it needs further analysis?

A

FTK Imager

3
Q

What Linux command-line utility dumps system memory to the standard output stream, skipping over holes in memory maps?

A

Memdump

4
Q

What commercial disk editor and universal hexadecimal editor is used for data recovery and digital forensics?

A

WinHex

5
Q

What digital forensics platform uses a graphical interface to The Sleuth Kit and other digital forensics tools?

A

Autopsy
