



Study with the several resources on Docsity
Earn points by helping other students or get them with a premium plan
Prepare for your exams
Study with the several resources on Docsity
Earn points to download
Earn points by helping other students or get them with a premium plan
Community
Ask the community for help and clear up your study doubts
Discover the best universities in your country according to Docsity users
Free resources
Download our free guides on studying techniques, anxiety management strategies, and thesis advice from Docsity tutors
A series of true/false questions and multiple-choice questions related to digital forensics and data recovery. It covers topics such as the fourth amendment, the triad of computing security, professional conduct, search warrants, evidence handling, and digital forensics labs. Answers to each question, making it a valuable resource for students studying digital forensics.
Typology: Exams
1 / 5
This page cannot be seen from the preview
Don't miss anything!
Digital forensics and data recovery refer to the same activities. True or False? -ANSWER False
Police in the United States must use procedures that adhere to which of the following? a. Third Amendment b. Fourth Amendment c. First Amendmentd. None of the above - ANSWER b. Fourth Amendment
The triad of computing security includes: -and risk management ANSWER Vulnerability/threat assessment Network intrusion detection and incident responseDigital investigation
What's the purpose of maintaining a network of digital forensics specialists? -ANSWER Not everyone knows everything, so having a network of digital forensics specialists to call on can help with a case you can't solve. Policies can address rules for which of the following? a. When you can log on to a company network from homeb. The Internet sites you can or can't access c. The amount of personal e-mail you can sendd. Any of the above - ANSWER d. Any of the above
Under normal circumstances, a private-sector investigator is considered an agent oflaw enforcement. True or False? - ANSWER False
List two types of digital investigations typically conducted in a business environment. -ANSWER Embezzlement Falsification of data What is professional conduct, and why is it important? -is ethics, morals, and standards of behavior, and is critical because it determines ANSWER Professional conduct credibility. What's the purpose of an affidavit? -a search warrant from a judge before seizing evidence. ANSWER The purpose of the affidavit is to request
What are the necessary components of a search warrant? -warrant includes a notarized affidavit and must include exhibits/evidence that support ANSWER The search the allegations to justify the warrant. What are some ways to determine the resources needed for an investigation? -ANSWER Based on the OS of the computer you're investigating, list the software you plan to use for the investigation, noting any other software, tools, or expert assistanceyou might need.
List three items that should be on an evidence custody form. -Investigating organization ANSWER Case number Investigator Why should you do a standard risk assessment to prepare for an investigation? -ANSWER To identify the risks before conducting the investigation, and then to identify how to minimize those risks.
The manager of a digital forensics' lab is responsible for which of the following? (Chooseall that apply.)
a. Making necessary changes in lab procedures and software b. Ensuring that staff members have enough training to the job c. Knowing the lab objectivesd. None of the above - ANSWER a. Making necessary changes in lab procedures and softwareb. Ensuring that staff members have enough training to the job c. Knowing the lab objectives To determine the types of operating systems needed in your lab, list two sources ofinformation you could use. - ANSWER Uniform crime Reports statistics for your area A list of cases handled in your company. List two popular certification programs for digital forensics. -(International Association of Computer Investigative Specialists) ANSWER IACIS EnCe (EnCase Certified Examiner) HTCN (High-Tech Crime Network)ACE (AccessData Certified Examiner)
Why is physical security so critical for digital forensics labs? -preserve the integrity of evidence. ANSWER It is critical to
If a visitor to your digital forensics lab is a friend, it's not necessary to have him or hersign the visitor's log. True or False? - ANSWER False
What three items should you research before enlisting in a certification program? -ANSWER Requirements Cost
Acceptability in your area of employment. Large digital forensics labs should have at least how many exits? - ANSWER 2 Which lab typically has a separate storage area or room for evidence? -Large/Regional labs, usually for FBI or state law enforcement. ANSWER
Digital forensics facilities always have windows. True or False? - ANSWER False Evidence storage containers should have several master keys. True or False? -ANSWER False
A forensic workstation should always have a direct broadband connection to theinternet. True or false? - ANSWER False
Which organization provides good information on safe storage containers? -NISPOM (National Industrial Security Program Operating Manual) ANSWER
Which organization has guidelines on how to operate a digital forensics lab? -ANSWER ASCLD (American Society of Crime Laboratory Directors)
What term refers to labs constructed to shield EMR emissions? - ANSWER TEMPEST