Which starting-point forensic certification covers the general principles and techniques
of forensics, but not specific tools such as EnCase or FTK? - Ans EC Council Certified
Hacking Forensic Investigator
This forensic certification is open to both the public and private sectors and is specific to the
use and mastery of FTK. Requirements for taking the exam include completing the boot
camp and Windows forensic courses. - Ans AccessData Certified Examiner
Which of the following is the definition of hash? - Ans a function that is nonreversible,
takes variable-length input, produces fixed-length output, and has few or no collisions
What is meant by temporary data? - Ans data that an operating system creates and overwrites
without the computer user taking a direct action to save this data
The area of a hard drive that has never been allocated for file storage is the definition of
__________. - Ans unallocated space
Which of the following is the definition of steganalysis? - Ans the determination of whether
a file or communication hides other information
What name is given to the art and science of writing hidden messages? - Ans steganography
Which of the following use microchips that retain data in non-volatile memory chips and
contain no moving parts? - Ans SSDs
Blu-ray discs are the successor to the DVD and store up to __________ per layer. - Ans 25GB
, The U.S. Internal Revenue Service (IRS) invented the __________ proprietary file format used
by the iLook tool, which is restricted to law enforcement and government use only. -
Ans IXimager
__________ is the data to be covertly communicated. In other words, it is the message you
want to hide. - Ans Payload
The __________ cipher is the simplest single-alphabet substitution cipher. It is really just a
permutation of the Caesar cipher. All characters are rotated 13 characters through
the alphabet. - Ans ROT13
__________ is cryptography wherein two keys are used: one to encrypt the message and
another to decrypt it. - Ans asymmetric cryptography
What name is given to a method of attacking polyalphabetic substitution ciphers? This method
can be used to deduce the length of the keyword used in a polyalphabetic substitution cipher. -
Ans Kasiski examination
Those methods where the same key is used to encrypt and decrypt the plaintext is
the definition of: - Ans symmetric cryptography
The method of changing some part of the plaintext for some matching part of ciphertext in
cryptography is known as? - Ans substitution
There are two fundamental files that are part of NTFS that are of most interest. These are
the Master File Table (MFT), and the __________. - Ans cluster bitmap
The Linux/UNIX command __________ can be used to search for files, contents of files, and just
about anything else. - Ans grep
A popular Linux/UNIX search tool is: - Ans grep
The benefits of buying summaries with Stuvia:
Guaranteed quality through customer reviews
Stuvia customers have reviewed more than 700,000 summaries. This how you know that you are buying the best documents.
Quick and easy check-out
You can quickly pay through credit card or Stuvia-credit for the summaries. There is no membership needed.
Focus on what matters
Your fellow students write the study notes themselves, which is why the documents are always reliable and up-to-date. This ensures you quickly get to the core!
Frequently asked questions
What do I get when I buy this document?
You get a PDF, available immediately after your purchase. The purchased document is accessible anytime, anywhere and indefinitely through your profile.
Satisfaction guarantee: how does it work?
Our satisfaction guarantee ensures that you always find a study document that suits you well. You fill out a form, and our customer service team takes care of the rest.
Who am I buying these notes from?
Stuvia is a marketplace, so you are not buying this document from us, but from seller KenAli. Stuvia facilitates payment to the seller.
Will I be stuck with a subscription?
No, you only buy these notes for $12.79. You're not tied to anything after your purchase.