8/23/24, 2:31 WGU C702 Flashcards |
AM Quizlet
WGU C702
Leave the first rating
Students also studied
D 04
FI
Teacher40 terms Teacher45 terms Teacher86 terms Teacher
4
Preview Preview Preview
Practice questions for this set
Learn 1 /7 Study with Learn
Fraud and related activity in connection with access devices
Choose matching term
118 USC 1029 2Paraben's Chat Stick
3RoadMASSter-3 X2 4Tasklist
Don't know?
Terms in this set (264)
A set of methodological procedures and techniques that help identify, gather,
Computer Forensics preserve, extract, interpret, document, and present evidence from computers in a way
that is legally admissible
Any illegal act involving a computing device, network, its systems, or its
Cyber Crime
applications. Both internal and external
Enterprise Theory of Investigation (ETI) Methodology for investigating criminal activity
Types of Cyber Crime Civil, Criminal, Administrative
Involve disputes between two parties. Brought for violation of contracts and lawsuits
Civil Cases where a guilty outcome generally results in monetary damages to the plaintiff
WGU C702
https://quizlet.com/898631207/wgu-c702- 1
, 8/23/24, WGU C702 Flashcards |
Brought by law enforcement agencies in response to a suspected violation of law
Criminal Cases
where a guilty outcome results in monetary damages, imprisonment, or both
An internal investigation by an organization to discover if its
employees/clients/partners are abiding by the rules or policies (Violation of company
Administrative Cases
policies). Non-criminal in nature and are related to misconduct or activities of an
employee
Safeguard the integrity of the evidence and render it acceptable in a court of law.
The forensic examiner must make duplicate copies of the original evidence. The
duplicate copies must be accurate replications of the originals, and the forensic
Rules of Forensic Investigation
examiner must also authenticate the duplicate copies to avoid questions about the
integrity of the evidence. Must not continue with the investigation if the examination
is going to be
beyond his or her knowledge level or skill level.
1.Identify the computer crime 2.Collect preliminary evidence 3.Obtain court warrant
dor discovery/seizure of evidence 4.Perform first responder procedures 5.Seize
evidence at the crime scene 6. Transport evidence to lab 7.Create two bitstream
Cyber Crime Investigation
copies of the evidence 8. Generate MD5 checksum of the images 9. Maintain chain of
Methodology/Steps
custody 10.
Store original evidence in secure location 11. Analyze the image copy for evidence
12. Prepare a forensic report 13. Submit a report to client 14. Testify in course as an
expert witness
Anyone of anything, entering a crime scene takes something of the scene with
Locard's Exchange Principle
them and leaves something of themselves behind when they leave.
Volatile Data
Types of Digital Data
Non-volatile Data
Temporary information on a device that requires a constant power supply and
Volatile Data
is deleted if the power supply is interrupted
Secondary storage of data. Long-term, persistent data.
Non-Volatile Data Permanent data stored on secondary storage devices, such as hard disks and
memory cards.
1. Be Relevant
2.Be probative
3. Be authentic
Characteristics of Digital Evidence 4. Be accurate
5. Be complete
6.Be convincing
7.Be admissible
Evidence that can be legally and properly introduced in a civil or criminal
Admissible evidence
trial. Evidence is relevant to the case
Evidence that is in its original or genuine state.
Authentic Evidence Investigators must provide supporting documents regarding the authenticity,
accuracy, and integrity of the evidence
Complete Evidence Evidence must either prove or disprove the fact
evidence that possesses a sufficient degree of likelihood that it is true and
Reliable Evidence
accurate Evidence must be proven dependable when the evidence was extracted
Evidence must be presented in a clear manner and expert opinions must be
Believable Evidence
obtained where necessary
Rules of Evidence Rules governing the admissibility of evidence in trial courts.
WGU C702
https://quizlet.com/898631207/wgu-c702- 2
AM Quizlet
WGU C702
Leave the first rating
Students also studied
D 04
FI
Teacher40 terms Teacher45 terms Teacher86 terms Teacher
4
Preview Preview Preview
Practice questions for this set
Learn 1 /7 Study with Learn
Fraud and related activity in connection with access devices
Choose matching term
118 USC 1029 2Paraben's Chat Stick
3RoadMASSter-3 X2 4Tasklist
Don't know?
Terms in this set (264)
A set of methodological procedures and techniques that help identify, gather,
Computer Forensics preserve, extract, interpret, document, and present evidence from computers in a way
that is legally admissible
Any illegal act involving a computing device, network, its systems, or its
Cyber Crime
applications. Both internal and external
Enterprise Theory of Investigation (ETI) Methodology for investigating criminal activity
Types of Cyber Crime Civil, Criminal, Administrative
Involve disputes between two parties. Brought for violation of contracts and lawsuits
Civil Cases where a guilty outcome generally results in monetary damages to the plaintiff
WGU C702
https://quizlet.com/898631207/wgu-c702- 1
, 8/23/24, WGU C702 Flashcards |
Brought by law enforcement agencies in response to a suspected violation of law
Criminal Cases
where a guilty outcome results in monetary damages, imprisonment, or both
An internal investigation by an organization to discover if its
employees/clients/partners are abiding by the rules or policies (Violation of company
Administrative Cases
policies). Non-criminal in nature and are related to misconduct or activities of an
employee
Safeguard the integrity of the evidence and render it acceptable in a court of law.
The forensic examiner must make duplicate copies of the original evidence. The
duplicate copies must be accurate replications of the originals, and the forensic
Rules of Forensic Investigation
examiner must also authenticate the duplicate copies to avoid questions about the
integrity of the evidence. Must not continue with the investigation if the examination
is going to be
beyond his or her knowledge level or skill level.
1.Identify the computer crime 2.Collect preliminary evidence 3.Obtain court warrant
dor discovery/seizure of evidence 4.Perform first responder procedures 5.Seize
evidence at the crime scene 6. Transport evidence to lab 7.Create two bitstream
Cyber Crime Investigation
copies of the evidence 8. Generate MD5 checksum of the images 9. Maintain chain of
Methodology/Steps
custody 10.
Store original evidence in secure location 11. Analyze the image copy for evidence
12. Prepare a forensic report 13. Submit a report to client 14. Testify in course as an
expert witness
Anyone of anything, entering a crime scene takes something of the scene with
Locard's Exchange Principle
them and leaves something of themselves behind when they leave.
Volatile Data
Types of Digital Data
Non-volatile Data
Temporary information on a device that requires a constant power supply and
Volatile Data
is deleted if the power supply is interrupted
Secondary storage of data. Long-term, persistent data.
Non-Volatile Data Permanent data stored on secondary storage devices, such as hard disks and
memory cards.
1. Be Relevant
2.Be probative
3. Be authentic
Characteristics of Digital Evidence 4. Be accurate
5. Be complete
6.Be convincing
7.Be admissible
Evidence that can be legally and properly introduced in a civil or criminal
Admissible evidence
trial. Evidence is relevant to the case
Evidence that is in its original or genuine state.
Authentic Evidence Investigators must provide supporting documents regarding the authenticity,
accuracy, and integrity of the evidence
Complete Evidence Evidence must either prove or disprove the fact
evidence that possesses a sufficient degree of likelihood that it is true and
Reliable Evidence
accurate Evidence must be proven dependable when the evidence was extracted
Evidence must be presented in a clear manner and expert opinions must be
Believable Evidence
obtained where necessary
Rules of Evidence Rules governing the admissibility of evidence in trial courts.
WGU C702
https://quizlet.com/898631207/wgu-c702- 2
