Page | 1
FORENSICS MIDTERM QUESTIONS WITH
DETAILED VERIFIED ANSWERS
The term _______ describes a database containing informational records
about crimes that have been committed previously by a criminal. Ans:
police blotter
Within a computing investigation, the ability to perform a series of steps
again and again to produce the same results is known as _______. Ans:
repeatable findings
What tool, currently maintained by the IRS Criminal Investigation
Division and limited to use by law enforcement, can analyze and read
special files that are copies of a disk? Ans: ILook
The _______ is not one of the three stages of a typical criminal case.
Ans: civil suit
hich amendment to the U.S. Constitution protects everyone's right to be
secure in their person, residence, and property from search and seizure?
Ans: Fourth Amendment
After the evidence has been presented in a trial by jury, the jury must
deliver a Ans: verdict
In what year was the Computer Fraud and Abuse Act passed? Ans: 1986
After a judge approves and signs a search warrant, the _______ is
responsible for the collection of evidence as defined by the warrant.
Ans: Digital Evidence First Responder
The sale of sensitive or confidential company information to a competitor
Ans: industrial espionage
is not recommended for a digital forensics workstation. Ans: Remote
access software
, Page | 2
The _______ is responsible for analyzing data and determining when
another specialist should be called in to assist with analysis. Ans: Digital
Evidence Specialist
must be included in an affidavit to support an allegation in order to justify
a warrant Ans: Exhibits
describes an accusation of fact that a crime has been committed. Ans:
Allegation
If a police officer or investigator has sufficient cause to support a search
warrant, the prosecuting attorney might direct him or her to submit a(n)
_______. Ans: affidavit
Which option below is not a standard systems analysis step? Ans: Share
evidence with experts outside of the investigation.
Which Microsoft OS below is the least intrusive to disks in terms of
changing data? Ans: MS-DOS 6.22
An evidence custody form does not usually contain _______. Ans: a
witness list
_______ is not one of the functions of the investigations triad. Ans: data
recovery
Signed into law in 1973, the _______ was/were created to ensure
consistency in federal proceedings Ans: Federal Rules of Evidence
A chain-of-evidence form, which is used to document what has and has
not been done with the original evidence and forensic copies of the
evidence, is also known as a(n) _______. Ans: evidence custody form
What percentage of consumers utilize Intel and AMD PCs? Ans: 90%
Which ISO standard below is followed by the ASCLD? Ans: 17025:2005
Which option below is not one of the recommended practices for
maintaining a keyed padlock? Ans: Use a master key
FORENSICS MIDTERM QUESTIONS WITH
DETAILED VERIFIED ANSWERS
The term _______ describes a database containing informational records
about crimes that have been committed previously by a criminal. Ans:
police blotter
Within a computing investigation, the ability to perform a series of steps
again and again to produce the same results is known as _______. Ans:
repeatable findings
What tool, currently maintained by the IRS Criminal Investigation
Division and limited to use by law enforcement, can analyze and read
special files that are copies of a disk? Ans: ILook
The _______ is not one of the three stages of a typical criminal case.
Ans: civil suit
hich amendment to the U.S. Constitution protects everyone's right to be
secure in their person, residence, and property from search and seizure?
Ans: Fourth Amendment
After the evidence has been presented in a trial by jury, the jury must
deliver a Ans: verdict
In what year was the Computer Fraud and Abuse Act passed? Ans: 1986
After a judge approves and signs a search warrant, the _______ is
responsible for the collection of evidence as defined by the warrant.
Ans: Digital Evidence First Responder
The sale of sensitive or confidential company information to a competitor
Ans: industrial espionage
is not recommended for a digital forensics workstation. Ans: Remote
access software
, Page | 2
The _______ is responsible for analyzing data and determining when
another specialist should be called in to assist with analysis. Ans: Digital
Evidence Specialist
must be included in an affidavit to support an allegation in order to justify
a warrant Ans: Exhibits
describes an accusation of fact that a crime has been committed. Ans:
Allegation
If a police officer or investigator has sufficient cause to support a search
warrant, the prosecuting attorney might direct him or her to submit a(n)
_______. Ans: affidavit
Which option below is not a standard systems analysis step? Ans: Share
evidence with experts outside of the investigation.
Which Microsoft OS below is the least intrusive to disks in terms of
changing data? Ans: MS-DOS 6.22
An evidence custody form does not usually contain _______. Ans: a
witness list
_______ is not one of the functions of the investigations triad. Ans: data
recovery
Signed into law in 1973, the _______ was/were created to ensure
consistency in federal proceedings Ans: Federal Rules of Evidence
A chain-of-evidence form, which is used to document what has and has
not been done with the original evidence and forensic copies of the
evidence, is also known as a(n) _______. Ans: evidence custody form
What percentage of consumers utilize Intel and AMD PCs? Ans: 90%
Which ISO standard below is followed by the ASCLD? Ans: 17025:2005
Which option below is not one of the recommended practices for
maintaining a keyed padlock? Ans: Use a master key
