C431 - All Chapters WITH 100% correct answers

Cyberstalking The use of electronic communications to harass or threaten another person. Electronic Communications Privacy Act (ECPA) Restricts government access to stored emails and communications from ISPs and networks. Communication Assistance to Law Enforcement Act - CALEA (1994) Telecom design for lawful surveillance. Monitor phone, internet, VoIP in real-time. Essential for forensic investigators. Requires telecom carriers and manufacturers to design equipment with built-in surveillance capabilities. CAN-SPAM Act The CAN-SPAM Act (2003) governs unsolicited emails, requiring unsubscribe options and prohibiting deceptive sender practices. It aims to curb spam. 18 U.S.C 2252B Penalizes the use of misleading domain names associated with obscenity, especially content harmful to minors. Think of a misleading web signpost veering towards an "off-limits" area. Denial of service (DoS) attack An attack designed to overwhelm the target system so it can no longer reply to legitimate requests for connection. Distributed denial of service (DDoS) attack An attack in which the attacker seeks to infect several machines, and use those machines to overwhelm the target system to achieve a denial of service. Fraud A broad category of crime that can encompass many different activities, but essentially, any attempt to gain financial reward through deception. Identity theft Any use of another person's identity. Logic bomb Malware that executes its damage when a specific condition is met. Rainbow table Type of password crackers that work with precalculated hashes of all passwords available within a certain character space. Three-way handshake The process of connecting to a server that involves three packets being exchanged. Virus Any software that self-replicates. Anti-forensics The actions that perpetrators take to conceal their locations, activities, or identities. Cell-phone forensics The process of searching the contents of cell phones. Chain of Custody The continuity of control of evidence that makes it possible to account for all that has happened to evidence between its original collection and its appearance in court, preferably unaltered. computer forensics The use of analytical and investigative techniques to identify, collect, examine and preserve computer-based material for presentation as evidence in a court of law. Curriculum vitae (CV) An extensive document expounding one's experience and qualifications for a position, similar to a resume but with more detail. In academia and expert work, a CV is usually used rather than a resume. Daubert standard The standard holding that only methods and tools widely accepted in the scientific community can be used in court. Demonstrative evidence Information that helps explain other evidence. An example is a chart that explains a technical concept to the judge and jury. Digital evidence Information that helps explain other evidence. An example is a chart that explains a technical concept to the judge and jury. Disk forensics Information that has been processed and assembled so that it is relevant to an investigation and supports a specific finding or determination. Documentary evidence The process of acquiring and analyzing information stored on physical storage media, such as computer hard drives or smartphones. E-mail forensics Data stored in written form, on paper or in electronic files, such as e-mail messages, and telephone call-detail records. Investigators must authenticate documentary evidence. Expert report The study of the source and content of e-mail as evidence, including the identification of the sender, recipient, date, time, and origination location of an e-mail message. Expert testimony A formal document prepared by a forensics specialist to document an investigation, including a list of all tests conducted as well as the specialist's own curriculum vitae (CV). Anything the specialist plans to testify about at a trial must be included in the expert report. Internet forensics The testimony of an expert witness, one who testifies on the basis of scientific or technical knowledge relevant to a case, rather than personal experience. Live system forensics The process of searching memory in real time, typically for working with compromised hosts or to identify system abuse. Network forensics The process of examining network traffic, including transaction logs and real-time monitoring. Real evidence Physical objects that can be touched, held, or directly observed, such as a laptop with a suspect's fingerprints on it, or a handwritten note. Software forensics The process of examining malicious computer code. Testimonial evidence Information that forensic specialists use to support or interpret real or documentary evidence; for example, to demonstrate that the fingerprints found on a keyboard are those of a specific individual. Volatile memory Computer memory that requires that requires power to maintain the data it holds, and can be changed. RAM is highly volatile; EEPROM is very non-volatile. American Standard Code for Information Interchange (ASCII) A set of codes defining all the various keystrokes you could make, including letters, numbers, characters, and even the spacebar and return keys. ISO9660 A file system used with CDs. Unicode The international standard for information encoding. Universal Disk Format (UDF) A file system used with DVDs. Base transceiver station (BTS) Base Transceiver Station (BTS): Cellular network component for wireless signal transmission and reception to/from mobile devices. Electronic Serial Number (ESN) A unique identification number developed by the United States Federal Communications Commission (FCC) to identify cell phones. Enhanced Data Rates for GSM Evolution (EDGE) A technology that does not fit neatly into the 2G/3G/4G spectrum. It is technically considered pre-3G but was an improvement on GSM (2G). Global System for Mobile (GSM) A standard developed by the European Telecommunications Standards Institute (ETSI). Basically, GSM is the 2G network. Home location register (HLR) The database used by the MSC for subscriber data and service information. Integrated circuit card identifier (ICCID) A unique serial number that identifies each SIM. These numbers are engraved on the SIM during manufacturing. International Mobile Equipment Identity (IMEI) A unique number identifying GSM, LTE, and other types of phones. The first 8 bits of the ESN identify the manufacturer, and the subsequent 24 bits uniquely identify the phone. Long Term Evolution (LTE) A standard for wireless communication of high-speed data for mobile devices. This is what is commonly called 4G. Mobile switching center (MSC) A switching system for a cellular network. Personal identification number (PIN) An ID number for a cell phone user.