FOR 3705 DIGITAL
FORENSICS EXAM 1
QUESTIONS WITH
CORRECT ANSWERS
, FOR 3705 DIGITAL FORENSICS EXAM 1 QUESTIONS WITH
CORRECT ANSWERS
___ created search-warrant programs - -Answer--IRS
____ command lists, creates, deletes, and verifies partitions in Linux - -Answer--fdisk
______ was formed in 1984 to handle cases involving digital evidence - -Answer--FBI Computer
Analysis and Response Team (CART)
_______ command formats a FAT file system from Linux - -Answer--mkfs.msdos
_______ protects everyone's right to be secure from search and seizure - -Answer--The Fourth
Amendment to the U.S. Constitution
-Separate search warrants might not be necessary for digital evidence
________ updates information on computer search and seizure regularly - -Answer--The
Department of Justice (DOJ)
(Attorney-Client Privilege Investigations) steps of conducting the case - -Answer---Request a
memorandum from the attorney directing you to start the investigation
-Request a list of keywords of interest to the investigation
-Initiate the investigation and analysis
-For disk drive examinations, make two bit-stream images using different tools for each image
-Compare hash signatures on all files on the original and re-created disks
(Email abuse investigation) To conduct an investigation you need: - -Answer---An electronic
copy of the offending e-mail that contains message header data
-If available, e-mail server log records
-For e-mail systems that store users' messages on a central server, access to the server
-Access to the computer so that you can perform a forensic analysis on it
-Your preferred computer forensics analysis tool
(Internet Abuse Investigation) To conduct an investigation you need: - -Answer---Organization's
Internet proxy server logs
-Suspect computer's IP address
-Suspect computer's disk drive
-Your preferred computer forensics analysis tool
•Non-government organizations (NGO) must comply with state _______ and federal ________
laws - -Answer--public disclosure;
Freedom of Information Act (FOIA)
•The media you use to store digital evidence usually depends on how long you need to keep it -
-Answer--CDs, DVDs
- Lifespan: 2 to 5 years
Solid-state USB drives
- Optimum choice, More durable
FORENSICS EXAM 1
QUESTIONS WITH
CORRECT ANSWERS
, FOR 3705 DIGITAL FORENSICS EXAM 1 QUESTIONS WITH
CORRECT ANSWERS
___ created search-warrant programs - -Answer--IRS
____ command lists, creates, deletes, and verifies partitions in Linux - -Answer--fdisk
______ was formed in 1984 to handle cases involving digital evidence - -Answer--FBI Computer
Analysis and Response Team (CART)
_______ command formats a FAT file system from Linux - -Answer--mkfs.msdos
_______ protects everyone's right to be secure from search and seizure - -Answer--The Fourth
Amendment to the U.S. Constitution
-Separate search warrants might not be necessary for digital evidence
________ updates information on computer search and seizure regularly - -Answer--The
Department of Justice (DOJ)
(Attorney-Client Privilege Investigations) steps of conducting the case - -Answer---Request a
memorandum from the attorney directing you to start the investigation
-Request a list of keywords of interest to the investigation
-Initiate the investigation and analysis
-For disk drive examinations, make two bit-stream images using different tools for each image
-Compare hash signatures on all files on the original and re-created disks
(Email abuse investigation) To conduct an investigation you need: - -Answer---An electronic
copy of the offending e-mail that contains message header data
-If available, e-mail server log records
-For e-mail systems that store users' messages on a central server, access to the server
-Access to the computer so that you can perform a forensic analysis on it
-Your preferred computer forensics analysis tool
(Internet Abuse Investigation) To conduct an investigation you need: - -Answer---Organization's
Internet proxy server logs
-Suspect computer's IP address
-Suspect computer's disk drive
-Your preferred computer forensics analysis tool
•Non-government organizations (NGO) must comply with state _______ and federal ________
laws - -Answer--public disclosure;
Freedom of Information Act (FOIA)
•The media you use to store digital evidence usually depends on how long you need to keep it -
-Answer--CDs, DVDs
- Lifespan: 2 to 5 years
Solid-state USB drives
- Optimum choice, More durable
