CSIA 135 FINAL EXAM QUESTIONS AND ANSWERS
Before signing on to a system, what does a user usually read that describes the user's responsibilities while using the system? - Answer- Warning banner
In a forensic investigation, what documents the evidence-gathering process and includes the history and possession of a sample from the time of its collection to its final disposition? - Answer- Chain of custody
What command displays the mappings between different layers of the network architecture? - Answer- arp
What disk-forensic tool creates direct disk-to-disk forensic duplicates and can copy a range of sectors within or between drives? - Answer- DriveSpy
What is a written order issued by a judge that directs a law enforcement officer to search for a particular piece of evidence at a particular location? - Answer- Search warrant
What process can contribute to associating events that occurred on a computer with a particular individual? - Answer- Time-frame analysis
What represents the space that exists between the end of the file and the end of the last cluster used by that file? - Answer- Slack space
What term defines an event that threatens the security of a computer system or network in an organization? - Answer- Incident
What term is defined as an empirically proven set of methods for performing a task in the best and most efficient way? - Answer- Best practices
Which of the following refers to a bit-by-bit copy of the original storage medium? - Answer- Bit-stream copy
A chain of custody document contains the following information about the obtained evidence: - Answer- Location where obtained
How should electronic devices gathered at a crime scene be treated? - Answer- as potential evidence
What is the term that measures how perishable electronically stored data is? - Answer- Volatility
What procedure requires evidence to be marked using the format aaa/ddmmyy/nnnn/zz? - Answer- exhibit numbering
What should a first responder do immediately after arriving at a crime scene? - Answer- identify the scene
Which of the following is NOT a potential source for electronic evidence? - Answer- File cabinet
identify the scene - Answer- it should be photographed
Which of the following is a set of tested tools designed to help in collecting genuine presentable evidence? - Answer- first responder toolkit
Which of the following is a written description created by individuals who are responsible for the evidence from the beginning until the end of the case? - Answer- chain of custody
Which term refers to a person who first arrives at a crime scene and accesses the victim's computer system once the incident has been reported? - Answer- first responder
In what type of incident might the perpetrator modify Web links so that whenever anyone uses one of the links, they are redirected to an unrelated Web address? - Answer- Subversion
In which type of incident does a person or program, acting on behalf of another person, perform an invalid action? - Answer- Repudiation
To which type of attack are DSL and cable modems more exposed due to the connections usually being open? - Answer- reconnaissance
What type of incident forces the victim to pay money to the attacker by threatening to reveal information that could lead to a severe loss for the victim? - Answer- extortion
Which incident-prevention strategy might involve the review of Internet Security and Acceleration (ISA) Server logs? - Answer- detecting intrusions
Which of the following involves not only responding to incidents but also triggering alerts to prevent potential risks and threats? - Answer- Incident management
Which of the following is a service organization that is responsible for receiving, reviewing, and responding to computer security incident reports and activities? - Answer- CSIRT
Which of the following is an example of a low-level incident? - Answer- misuse of computer peripherals