BFOR 201 Midterm Exam With Complete Solutions (A+)
Forensics - ANSWER Application of scientific knowledge to crime investigation
Computer Forensics - ANSWER Examination, analysis, and evaluation of digital evidence
Acquisition - ANSWER Duplication, copying, and imaging of digital evidence
Original Evidence - ANSWER Physical/data items seized
Examination - ANSWER Technical review making evidence visible & suitable for
analysis, determine presence/absence of specific data
Data Extraction - ANSWER Process of identifying & recovering info. not immediately
apparent
Analysis - ANSWER Evaluating significance & probative value of exam. results
Data Analysis - ANSWER Assessment of info contained within the media
Digital Evidence - ANSWER Information of probative value, stored or transmitted in
binary form
Chain of Custody - ANSWER Chronological documentation of movement, location, and
possession of evidence
Basic Input Output System (BIOS) - ANSWER Set of routines stored in read-only memory
that enables the computer to start the operating system and to communicate the with
,the various devices in the system
Archiving - ANSWER Data storage process ideal for long term availability/retrieval
File Slack - ANSWER Data between logical end of the file and end of the last storage unit
Free Space - ANSWER Available storage area; may contain previously stored
information
Unallocated Space - ANSWER The same as free space; Allocation units not assigned to
active files within file system
digital forensics lab - ANSWER where you conduct your investigation
store evidence
house your equipment, hardware, software
includes permanent, temporary, and mobile facilities
include all personnel
ISO 17025 - ANSWER international lab standards
American Society of Crime Lab Directors- Lab Accreditation Board (ASCLD-LAB) -
ANSWER Offers standards and recommendations for
managing a lab through effective quality management
acquiring an official certification/accreditation
auditing lab function and procedures
criminal justice labs only (private and public)
, Scientific Working Group on Digital Evidence (SWGDE) - ANSWER Offers standards and
recommendations as a supplemental or alternative to ASCLD/LAB.
Lab Budget Planning - ANSWER estimate the number of computer cases your lab
expects to examine
take into account changes in technology
use statistics to determine what kind of computer crimes are more likely to occur
use this info to plan ahead your lab requirements and costs
acquiring certification and training - ANSWER update your skills through appropriate
training (thoroughly research the requirements, costs, and acceptability in your area of
employment)
international association of computer investigative specialists (IACIS) - ANSWER
created by police officers who wanted to formalize credentials in computing
investigations
ISC^2 Certified Cyber Forensics Professional (CCFP) - ANSWER requires knowledge of:
digital forensics
malware analysis
incident response
e-discovery
other disciplines related to cyber investigation
High Teach Crime Network (HTCN) - ANSWER certified computer crime investigator,
basic and advanced
certified computer forensic technician, basic and advanced
EnCase Certified Examiner (EnCE) Certification - ANSWER open to public and private
sections
Forensics - ANSWER Application of scientific knowledge to crime investigation
Computer Forensics - ANSWER Examination, analysis, and evaluation of digital evidence
Acquisition - ANSWER Duplication, copying, and imaging of digital evidence
Original Evidence - ANSWER Physical/data items seized
Examination - ANSWER Technical review making evidence visible & suitable for
analysis, determine presence/absence of specific data
Data Extraction - ANSWER Process of identifying & recovering info. not immediately
apparent
Analysis - ANSWER Evaluating significance & probative value of exam. results
Data Analysis - ANSWER Assessment of info contained within the media
Digital Evidence - ANSWER Information of probative value, stored or transmitted in
binary form
Chain of Custody - ANSWER Chronological documentation of movement, location, and
possession of evidence
Basic Input Output System (BIOS) - ANSWER Set of routines stored in read-only memory
that enables the computer to start the operating system and to communicate the with
,the various devices in the system
Archiving - ANSWER Data storage process ideal for long term availability/retrieval
File Slack - ANSWER Data between logical end of the file and end of the last storage unit
Free Space - ANSWER Available storage area; may contain previously stored
information
Unallocated Space - ANSWER The same as free space; Allocation units not assigned to
active files within file system
digital forensics lab - ANSWER where you conduct your investigation
store evidence
house your equipment, hardware, software
includes permanent, temporary, and mobile facilities
include all personnel
ISO 17025 - ANSWER international lab standards
American Society of Crime Lab Directors- Lab Accreditation Board (ASCLD-LAB) -
ANSWER Offers standards and recommendations for
managing a lab through effective quality management
acquiring an official certification/accreditation
auditing lab function and procedures
criminal justice labs only (private and public)
, Scientific Working Group on Digital Evidence (SWGDE) - ANSWER Offers standards and
recommendations as a supplemental or alternative to ASCLD/LAB.
Lab Budget Planning - ANSWER estimate the number of computer cases your lab
expects to examine
take into account changes in technology
use statistics to determine what kind of computer crimes are more likely to occur
use this info to plan ahead your lab requirements and costs
acquiring certification and training - ANSWER update your skills through appropriate
training (thoroughly research the requirements, costs, and acceptability in your area of
employment)
international association of computer investigative specialists (IACIS) - ANSWER
created by police officers who wanted to formalize credentials in computing
investigations
ISC^2 Certified Cyber Forensics Professional (CCFP) - ANSWER requires knowledge of:
digital forensics
malware analysis
incident response
e-discovery
other disciplines related to cyber investigation
High Teach Crime Network (HTCN) - ANSWER certified computer crime investigator,
basic and advanced
certified computer forensic technician, basic and advanced
EnCase Certified Examiner (EnCE) Certification - ANSWER open to public and private
sections
