Docsity
Docsity

Prepare for your exams
Prepare for your exams

Study with the several resources on Docsity


Earn points to download
Earn points to download

Earn points by helping other students or get them with a premium plan


Guidelines and tips
Guidelines and tips

NWIT 263 Midterms Chapter 1 and 2 Exam: Digital Forensics and Data Recovery, Exams of Forensics

A series of true/false questions and multiple-choice questions related to digital forensics and data recovery. It covers topics such as the fourth amendment, the triad of computing security, professional conduct, search warrants, evidence handling, and digital forensics labs. Answers to each question, making it a valuable resource for students studying digital forensics.

Typology: Exams

2024/2025

Available from 02/12/2025

lyudmila-hanae
lyudmila-hanae 🇺🇸

1

(2)

7.8K documents

1 / 5

Toggle sidebar

This page cannot be seen from the preview

Don't miss anything!

bg1
NWIT 263 Midterms Chapter 1 and 2 Exam 100% Verified
Digital forensics and data recovery refer to the same activities. True or False? -
ANSWER False
Police in the United States must use procedures that adhere to which of the following?
a. Third Amendment
b. Fourth Amendment
c. First Amendment
d. None of the above - ANSWER b. Fourth Amendment
The triad of computing security includes: - ANSWER Vulnerability/threat assessment
and risk management
Network intrusion detection and incident response
Digital investigation
What's the purpose of maintaining a network of digital forensics specialists? -
ANSWER Not everyone knows everything, so having a network of digital forensics
specialists to call on can help with a case you can't solve.
Policies can address rules for which of the following?
a. When you can log on to a company network from home
b. The Internet sites you can or can't access
c. The amount of personal e-mail you can send
d. Any of the above - ANSWER d. Any of the above
pf3
pf4
pf5

Partial preview of the text

Download NWIT 263 Midterms Chapter 1 and 2 Exam: Digital Forensics and Data Recovery and more Exams Forensics in PDF only on Docsity!

NWIT 263 Midterms Chapter 1 and 2 Exam 100% Verified

Digital forensics and data recovery refer to the same activities. True or False? -ANSWER False

Police in the United States must use procedures that adhere to which of the following? a. Third Amendment b. Fourth Amendment c. First Amendmentd. None of the above - ANSWER b. Fourth Amendment

The triad of computing security includes: -and risk management ANSWER Vulnerability/threat assessment Network intrusion detection and incident responseDigital investigation

What's the purpose of maintaining a network of digital forensics specialists? -ANSWER Not everyone knows everything, so having a network of digital forensics specialists to call on can help with a case you can't solve. Policies can address rules for which of the following? a. When you can log on to a company network from homeb. The Internet sites you can or can't access c. The amount of personal e-mail you can sendd. Any of the above - ANSWER d. Any of the above

Under normal circumstances, a private-sector investigator is considered an agent oflaw enforcement. True or False? - ANSWER False

List two types of digital investigations typically conducted in a business environment. -ANSWER Embezzlement Falsification of data What is professional conduct, and why is it important? -is ethics, morals, and standards of behavior, and is critical because it determines ANSWER Professional conduct credibility. What's the purpose of an affidavit? -a search warrant from a judge before seizing evidence. ANSWER The purpose of the affidavit is to request

What are the necessary components of a search warrant? -warrant includes a notarized affidavit and must include exhibits/evidence that support ANSWER The search the allegations to justify the warrant. What are some ways to determine the resources needed for an investigation? -ANSWER Based on the OS of the computer you're investigating, list the software you plan to use for the investigation, noting any other software, tools, or expert assistanceyou might need.

List three items that should be on an evidence custody form. -Investigating organization ANSWER Case number Investigator Why should you do a standard risk assessment to prepare for an investigation? -ANSWER To identify the risks before conducting the investigation, and then to identify how to minimize those risks.

The manager of a digital forensics' lab is responsible for which of the following? (Chooseall that apply.)

a. Making necessary changes in lab procedures and software b. Ensuring that staff members have enough training to the job c. Knowing the lab objectivesd. None of the above - ANSWER a. Making necessary changes in lab procedures and softwareb. Ensuring that staff members have enough training to the job c. Knowing the lab objectives To determine the types of operating systems needed in your lab, list two sources ofinformation you could use. - ANSWER Uniform crime Reports statistics for your area A list of cases handled in your company. List two popular certification programs for digital forensics. -(International Association of Computer Investigative Specialists) ANSWER IACIS EnCe (EnCase Certified Examiner) HTCN (High-Tech Crime Network)ACE (AccessData Certified Examiner)

Why is physical security so critical for digital forensics labs? -preserve the integrity of evidence. ANSWER It is critical to

If a visitor to your digital forensics lab is a friend, it's not necessary to have him or hersign the visitor's log. True or False? - ANSWER False

What three items should you research before enlisting in a certification program? -ANSWER Requirements Cost

Acceptability in your area of employment. Large digital forensics labs should have at least how many exits? - ANSWER 2 Which lab typically has a separate storage area or room for evidence? -Large/Regional labs, usually for FBI or state law enforcement. ANSWER

Digital forensics facilities always have windows. True or False? - ANSWER False Evidence storage containers should have several master keys. True or False? -ANSWER False

A forensic workstation should always have a direct broadband connection to theinternet. True or false? - ANSWER False

Which organization provides good information on safe storage containers? -NISPOM (National Industrial Security Program Operating Manual) ANSWER

Which organization has guidelines on how to operate a digital forensics lab? -ANSWER ASCLD (American Society of Crime Laboratory Directors)

What term refers to labs constructed to shield EMR emissions? - ANSWER TEMPEST