CTI2 Study Guide: Enclosure D
4 (collection, examination, analysis, reporting) - ANS-how many basic phases are in the forensic process?
chain of custody - ANS-what is used to avoid allegations of mishandling or tampering with
evidence, and increases the probability of the evidence being admitted in a court proceeding?
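A worked illustration of the chain-of-custody card above, added to this guide (it is not part of the original CTI2 material): a small Python custody log that hashes the evidence item at every transfer and verifies all recorded hashes against the one taken at collection, so any alteration while the item changed hands is detectable. Item IDs, custodian names, file names and file contents are constructed for the example.

```python
"""Added example (not part of the study guide): a minimal chain-of-custody log.

Each time an evidence item changes hands, the log records who released it, who
received it, when, and the SHA-256 of the item at that moment. Comparing every
recorded hash with the hash taken at collection shows whether the item was
altered while in anyone's custody. Item IDs, names and file contents below are
constructed for illustration."""
import hashlib
import json
import tempfile
from datetime import datetime, timezone
from pathlib import Path


def sha256_file(path: Path, chunk_size: int = 1 << 20) -> str:
    """Hash in chunks so a multi-gigabyte disk image need not fit in memory."""
    h = hashlib.sha256()
    with path.open("rb") as f:
        for chunk in iter(lambda: f.read(chunk_size), b""):
            h.update(chunk)
    return h.hexdigest()


class CustodyLog:
    """Append-only record of custody transfers for one evidence item."""

    def __init__(self, item_id: str, evidence: Path):
        self.item_id = item_id
        self.evidence = evidence
        # The baseline hash is taken once, at collection; nothing may change it.
        self.baseline_sha256 = sha256_file(evidence)
        self.entries = []

    def record(self, action: str, released_by: str, received_by: str, when=None) -> dict:
        """Log a transfer and re-hash the item as it is handed over."""
        entry = {
            "item_id": self.item_id,
            "action": action,
            "released_by": released_by,
            "received_by": received_by,
            "timestamp": (when or datetime.now(timezone.utc)).isoformat(),
            "sha256": sha256_file(self.evidence),
        }
        self.entries.append(entry)
        return entry

    def verify(self) -> bool:
        """True only if every transfer hash, and the item now, match the baseline."""
        current = sha256_file(self.evidence)
        return current == self.baseline_sha256 and all(
            e["sha256"] == self.baseline_sha256 for e in self.entries
        )

    def to_json(self) -> str:
        """Export the log in a form that can be printed and signed by custodians."""
        return json.dumps(
            {"item_id": self.item_id, "baseline_sha256": self.baseline_sha256,
             "entries": self.entries},
            indent=2,
        )


def demo() -> tuple:
    """Walk an item through two clean transfers, then alter it and re-check.
    Returns (verified_before_alteration, verified_after_alteration)."""
    with tempfile.TemporaryDirectory() as d:
        evidence = Path(d) / "EV-0001_laptop.img"
        evidence.write_bytes(b"constructed disk image contents")
        log = CustodyLog("EV-0001", evidence)
        log.record("collected", "on-scene collector", "analyst A")
        log.record("transferred", "analyst A", "lab examiner B")
        intact = log.verify()
        # Simulate tampering between custodians; the next verification fails.
        evidence.write_bytes(b"constructed disk image contents, altered")
        log.record("transferred", "lab examiner B", "evidence clerk C")
        tampered = log.verify()
        return intact, tampered


if __name__ == "__main__":
    print(demo())  # (True, False)
```

In practice the hash would be computed from a write-blocked acquisition and the log entries signed or countersigned by each custodian; the point of the example is that the integrity check is tied to every hand-off, not just to the final exhibit.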
computer forensics - ANS-what is considered the application of science to the identification,
collection, examination and analysis of data while preserving the integrity of the information and
maintaining a strict chain of custody?
data analysis - ANS-network analysis comprises data sources, data collection, along with what
else?
full packet capture - ANS-which type of data can provide complete insight into the network
transactions that occurred between hosts?
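A worked illustration of the full packet capture card above, added to this guide (it is not part of the original CTI2 material). It builds a small pcap in memory from constructed traffic (one HTTP request and its response between 10.0.0.5 and 10.0.0.9, with the response segments deliberately captured out of order), then parses the file back and reassembles each direction of the TCP conversation. All addresses, ports, MAC addresses and payloads are constructed; the point is that a full capture yields the exact bytes exchanged, where flow records or logs would only show that the two hosts talked on port 80.

```python
"""Added example (not from the study guide): what full packet capture buys you.

A classic pcap file image is built from constructed frames, then parsed and the
TCP payload of each direction reassembled by sequence number. Hosts, ports and
payloads are invented for the example; IP/TCP checksums are left as 0 because
the frames are never put on a wire."""
import socket
import struct
from collections import defaultdict

PCAP_MAGIC = 0xA1B2C3D4      # little-endian classic pcap, microsecond timestamps
LINKTYPE_ETHERNET = 1
TCP_ACK = 0x10
TCP_PSH = 0x08


def build_packet(src_ip, dst_ip, sport, dport, seq, ack, flags, payload):
    """Ethernet/IPv4/TCP frame with the given payload (constructed MACs)."""
    eth = b"\x00\x11\x22\x33\x44\x55" + b"\x66\x77\x88\x99\xaa\xbb" + b"\x08\x00"
    tcp = struct.pack("!HHIIBBHHH", sport, dport, seq, ack, 5 << 4, flags, 65535, 0, 0)
    total_len = 20 + len(tcp) + len(payload)
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, total_len, 1, 0, 64, 6, 0,
                     socket.inet_aton(src_ip), socket.inet_aton(dst_ip))
    return eth + ip + tcp + payload


def build_pcap(frames):
    """Wrap raw frames in a pcap global header plus per-packet record headers."""
    out = [struct.pack("<IHHiIII", PCAP_MAGIC, 2, 4, 0, 0, 65535, LINKTYPE_ETHERNET)]
    for i, frame in enumerate(frames):
        out.append(struct.pack("<IIII", 1_700_000_000, i * 1000, len(frame), len(frame)))
        out.append(frame)
    return b"".join(out)


def reassemble_tcp(pcap):
    """Return {(src, sport, dst, dport): payload} for each TCP direction.

    Segments are ordered by sequence number, so a capture that recorded
    packets out of order still yields the conversation as the hosts saw it."""
    (magic,) = struct.unpack("<I", pcap[:4])
    if magic != PCAP_MAGIC:
        raise ValueError("not a little-endian classic pcap")
    segments = defaultdict(list)
    off = 24  # skip the global header
    while off + 16 <= len(pcap):
        _, _, incl_len, _ = struct.unpack("<IIII", pcap[off:off + 16])
        frame = pcap[off + 16:off + 16 + incl_len]
        off += 16 + incl_len
        if frame[12:14] != b"\x08\x00":
            continue  # not IPv4
        ip = frame[14:]
        ihl = (ip[0] & 0x0F) * 4
        if ip[9] != 6:
            continue  # not TCP
        total_len = struct.unpack("!H", ip[2:4])[0]
        src, dst = socket.inet_ntoa(ip[12:16]), socket.inet_ntoa(ip[16:20])
        tcp = ip[ihl:total_len]
        sport, dport, seq = struct.unpack("!HHI", tcp[:8])
        data_off = (tcp[12] >> 4) * 4
        payload = tcp[data_off:]
        if payload:
            segments[(src, sport, dst, dport)].append((seq, payload))
    return {k: b"".join(p for _, p in sorted(v)) for k, v in segments.items()}


def sample_capture():
    """Constructed HTTP exchange; the two response segments are stored in the
    capture in reverse order to show that reassembly follows sequence numbers."""
    c, s = "10.0.0.5", "10.0.0.9"
    req = b"GET /login HTTP/1.1\r\nHost: intranet\r\n\r\n"
    resp1 = b"HTTP/1.1 200 OK\r\nContent-Length: 5\r\n\r\n"
    resp2 = b"hello"
    frames = [
        build_packet(c, s, 40001, 80, 1000, 5000, TCP_PSH | TCP_ACK, req),
        build_packet(s, c, 80, 40001, 5000 + len(resp1), 1000 + len(req), TCP_PSH | TCP_ACK, resp2),
        build_packet(s, c, 80, 40001, 5000, 1000 + len(req), TCP_PSH | TCP_ACK, resp1),
    ]
    return build_pcap(frames)


if __name__ == "__main__":
    for flow, data in reassemble_tcp(sample_capture()).items():
        print(flow, data)
```

A real capture would also need retransmission and overlap handling, IP fragments, VLAN tags and pcapng support; the parser here is deliberately limited to what is needed to show the difference between "these hosts exchanged 3 packets on port 80" and "this is the request and this is the response".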
incident analysis - ANS-what seeks to identify the root cause or causes of an incident and is
required to fully understand the scope, potential implications, and extended damage resulting
from the incident?
JMC - ANS-in what must any malware uncovered during the malware incident
response process be cataloged?
malware - ANS-what is defined as software designed and/or deployed by adversaries without
the consent or knowledge of the user in support of adversarial missions?
malware analysis - ANS-what is defined as the process of identifying, analyzing and
characterizing reported software artifacts suspected of being adversarial tradecraft, in order to
support defensive mitigation actions and strategies, CI activities and LE activities?
NIST SP 800-86 - ANS-in which publication can guidance be found on integrating forensic
techniques into incident response?
persistent - ANS-which type of data is stored on the IS's hard drives and removable storage
media and is retained when the IS is powered off?
reverse engineering - ANS-what is the most in depth form of malware analysis?
run time - ANS-which type of analysis is the controlled execution of the malware sample in an
isolated environment to monitor, observe and record its run-time behavior without impacting
mission-critical systems and infrastructure?