Exam (elaborations)
CHFI Module 1 Questions & Answers | Latest update 100% Solved
- Course
- Institution
CHFI Module 1 Questions & Answers | Latest update 100% Solved
[Show more]
Content preview
CHFI Module 1 Questions & Answers | Latest update100% Solved
Objectives of computer forensics - ✔✔The objective of computer forensic is to detect a
computer incident, identify the intruder, and prosecute the perpetrator in a court of law. As
the computer crime incidents escalate from theft of intellectual property to cyber terrorism, its
objectives become more pervasive in nature. The primary objectives of computer forensics
are summarized below:
It recovers, analyzes, and preserves the computer and associated materials in such a way
that they can be presented as evidences in a court of law.
It identifies the evidences in a short amount of time, estimates the potential impact of the
malicious activity on the victim, and evaluates the purpose and identity of the person who is
behind this activity.
Benefits of computer forensics - ✔✔Computer forensics provides the following benefits:
It ensures the integrity and continuous existence of computer system and network
infrastructure of an organization.
If the organization's computer systems or networks do get compromised, it helps in
capturing important information that helps with prosecuting the case.
It extracts, processes, and interprets the actual evidences to prove the attacker's activities and
the organization's innocence in court.
It efficiently tracks down cyber criminals and terrorists from different parts of the world.
IP addresses are used to determine the geographical position of terrorists.
It saves the organization capital and precious time.
It tracks complicated cases, such as child pornography and e-mail spamming.
Forensic readiness - ✔✔Forensic readiness attempts to achieve the following goals:
,It gathers critical evidences in a forensically sound manner without interfering the
regular business processes.
It gathers evidences representing potential criminal activities or disputes that affect an
organization.
It allows an investigation to proceed while keeping cost proportional to the cost of the incident.
It makes sure that the collected evidences can have a positive impact on the outcome of any
legal proceeding.
Benefits of forensic readiness - ✔✔The benefits of forensic readiness are as follows:
Evidence can be gathered to act in the defense of company if subject to a lawsuit.
In case of major incident, a fast and efficient investigation can be conducted and
corresponding actions can be followed with minimal disruption to the business.
The target of information security can be extended to the wider threat form cybercrime.
Fixed and structured approach for storage of evidence can reduce the cost and time of an
internal investigation.
Law enforcement interface can be improved and simplified.
In case of a major incident, proper and in-depth investigation can be conducted.
Forensic readiness planning - ✔✔Define the business scenarios that might require the
collection of digital evidence
Identify the potential available evidence
Determine the evidence collection requirement
Designate procedures for securely collecting evidence that meets the defined requirement in a
forensically acceptable manner
,Establish a policy for securely handling and storing the collected evidence
Ensure that the monitoring process is designed to detect and prevent unexpected or
adverse incidents
Ensure that investigative staff members are properly trained and capable of completing any
task related to evidence collection and preservation
Create step-by-step documentation of all activities performed and their impact
Ensure authorized review to facilitate action in response to the incident
Cybercrimes - ✔✔Computer crime, or cybercrime, refers to any crime that involves a computer
and a network. The computer is used in the commission of a crime, or it is the target. Physical
presence of anyone is not important for the cybercrime to take a place. The requirements to
commit cybercrimes are few, compared to the possible repercussions caused and easy to get as
programs and software are available on the Internet. Cybercrimes generate threats to the
nation's security and the personal financial health. They also affect privacy when confidential
information is lost or intercepted, lawfully or otherwise.
Computer facilitated crimes - ✔✔Dependency on the computer has offered a way to new
crimes. Computer-facilitated crimes develop new challenges for investigators because of their
speed, anonymity, and fleeting nature of evidence.
Modes of attacks - ✔✔Based on the line of attack, cybercrime can be categorized as follows:
1. Insider attack: An insider attack is an attack originating from inside a protected network. It
usually refers to an attack by a trusted member of the community, such as an employee.
Insider attacks are particularly insidious and difficult to protect because these attackers not
only get immediate access to the network, but they also require such access in order to serve
their functions.
, 2. External attack: In an external attack, attacker is hired by an insider or by an external entity
to destroy the reputation of the competitor.
Examples of Cybercrime - ✔✔Cybercrime involves illegal exploitation of computer
technologies. Cybercrimes usually use the Internet to commit crimes, such as fraud, identity
theft, sharing of information, and embezzlement. The following are some examples of
computer crime:
Fraud
Spamming
Unauthorized access
Intellectual property theft
Industrial espionage
Identity theft
Computer viruses or worms
Salami slicing
Denial-of-service attacks
Child pornography
Various computer crimes - ✔✔The first computer crime was reported in 1969. Today's
computer crimes pose new challenges for investigators by reason of their speed, anonymity, and
the fleeting nature of evidence.
Dependence on the computer provides the new ways of committing crimes. Computers crimes
include spamming, corporate espionage, identity theft, writing or spreading computer viruses and
The benefits of buying summaries with Stuvia:
Guaranteed quality through customer reviews
Stuvia customers have reviewed more than 700,000 summaries. This how you know that you are buying the best documents.
Quick and easy check-out
You can quickly pay through credit card or Stuvia-credit for the summaries. There is no membership needed.
Focus on what matters
Your fellow students write the study notes themselves, which is why the documents are always reliable and up-to-date. This ensures you quickly get to the core!
Frequently asked questions
What do I get when I buy this document?
You get a PDF, available immediately after your purchase. The purchased document is accessible anytime, anywhere and indefinitely through your profile.
Satisfaction guarantee: how does it work?
Our satisfaction guarantee ensures that you always find a study document that suits you well. You fill out a form, and our customer service team takes care of the rest.
Who am I buying these notes from?
Stuvia is a marketplace, so you are not buying this document from us, but from seller Examsplug. Stuvia facilitates payment to the seller.
Will I be stuck with a subscription?
No, you only buy these notes for $13.49. You're not tied to anything after your purchase.
Can Stuvia be trusted?
4.6 stars on Google & Trustpilot (+1000 reviews)
75323 documents were sold in the last 30 days
Founded in 2010, the go-to place to buy study notes for 14 years now