WGU D431 - Digital Forensics in Cybersecurity
Study online at https://quizlet.com/_e1cdsb
A set of codes defining all the various keystrokes you could make,
American Standard Code for Information Interchange (ASCII) including letters, numbers, characters, and even the spacebar and
return keys.
The process of sending an email message to an anonymizer. The
anonymizer strips identifying information from an email message
Anonymous remailing
before forwarding it with the anonymous mailing computer's IP
address.
The actions that perpetrators take to conceal their locations, ac-
Anti-forensics
tivities, or identities.
Cryptography wherein two keys are used: one to encrypt the
Asymmetric cryptography
message and another to decrypt it.
A high-speed connection technology that uses fixed-length,
Asynchronous transfer mode (ATM)
53-byte packets called calls.
Authenticate To verify the identity of a person, or to verify evidence.
The part of the cell network responsible for communications be-
Base transceiver station (BTS)
tween the mobile phone and the network switching system.
The basic instructions stored on a chip for booting up the comput-
Basic input/output system (BIOS)
er.
Information at the level of actual 1s and 0s stored in memory or
Bit-level information
on the storage device.
A form of cryptography that encrypts data in blocks; 64-bit blocks
Block cipher are quite common, although some algorithms (like AES) use larger
blocks.
A special program, such as U-Boot or RedBoot, that is stored in a
Bootstrap environment
special section of the flash memory.
An attack in which the attacker tries to decrypt a message by
Brute-force attack
simply applying every possible key in the keyspace.
A plan for maintaining minimal operations until the business can
Business continuity plan (BCP)
return to full normal operations.
An analysis of how specific incidents might impact the business
Business impact analysis (BIA)
operations.
The method of cryptography in which someone chooses a number
by which to shift each letter of a text in the alphabet and substitute
Caesar cipher
the new letter for the letter being encrypted. This is also known as
a monoalphabet, single-alphabet, or substitution cipher.
Carrier The signal, stream, or data file in which the payload is hidden.
Cell-phone forensics The process of searching the contents of cell phones.
The continuity of control of evidence that makes it possible to
Chain of custody account for all that has happened to evidence between its original
collection and its appearance in court, preferably unaltered.
The type of medium used to hide data in steganography. This may
Channel
be photos, video, sound files, or Voice over IP.
An environment that has a controlled level of contamination, such
Clean room
as from dust, microbes, and other particles.
The practice of delivering hosted services over the internet. This
Cloud computing can be software as a service, platform as a service, or infrastruc-
ture as a service.
The use of analytical and investigative techniques to identify,
Computer forensics collect, examine, and preserve computer-based material for pre-
sentation as evidence in a court of law.
A technique for file system repair that involves scanning a disk's
Consistency checking logical structure and ensuring that it is consistent with its specifi-
cation.
, WGU D431 - Digital Forensics in Cybersecurity
Study online at https://quizlet.com/_e1cdsb
A method of using techniques other than brute force to derive a
Cryptanalysis
cryptographic key.
An extensive document expounding one's experience and quali-
Curriculum vitae (CV) fications for a position, similar to a résumé but with more detail. In
academia and expert work, it is usually used rather than a résumé.
The use of electronic communications to harass or threaten an-
Cyberstalking
other person.
Data consistency The act of ensuring the data that is extracted is consistent.
The standard holding that only methods and tools widely accepted
Daubert standard
in the scientific community can be used in court.
Information that helps explain other evidence. An example is a
Demonstrative evidence
chart that explains a technical concept to the judge and jury.
An attack designed to overwhelm the target system so it can no
Denial-of-service (DoS) attack
longer reply to legitimate requests for connection.
Information that has been processed and assembled so that it
Digital evidence is relevant to an investigation and supports a specific finding or
determination.
Computer forensics expanded to include smartphones, smart
Digital forensics watches, and other current and forthcoming digital media and
devices.
Disaster recovery plan (DRP) A plan for returning the business to full normal operations.
The process of acquiring and analyzing information stored on
Disk forensics physical storage media, such as computer hard drives or smart-
phones.
Disk Operating System (DOS) A command-line operating system.
Distribution of data across multiple disk sectors to improve speed
Disk striping
(also called RAID 0).
An attack in which the attacker seeks to infect several machines,
Distributed denial-of-service (DDoS) attack and use those machines to overwhelm the target system to
achieve a denial of service.
Data stored in written form, on paper or in electronic files, such as
Documentary evidence email messages and telephone call-detail records. Investigators
must authenticate documentary evidence.
The functional dimensions of a drive in terms of the number of
Drive geometry
heads, cylinders, and sectors per track.
A complete copy of every bit of memory or cache recorded in
Dump
permanent storage or printed on paper.
A unique identification number developed by the U.S. Federal
Electronic serial number (ESN)
Communications Commission (FCC) to identify cell phones.
The study of the source and content of email as evidence, in-
Email forensics cluding the identification of the sender, recipient, date, time, and
origination location of an email message.
A technology that does not fit neatly into the 2G/3G/4G spectrum.
Enhanced data rates for GSM evolution (EDGE) It is technically considered pre-3G but was an improvement on
GSM (2G).
The total number of coprime numbers. Two numbers are consid-
Euler's Totient
ered coprime if they have no common factors.
A formal document prepared by a forensics specialist to document
an investigation, including a list of all tests conducted as well as
Expert report
the specialist's own curriculum vitae (CV). Anything the specialist
plans to testify about at a trial must be included in the expert report.
Expert testimony
The benefits of buying summaries with Stuvia:
Guaranteed quality through customer reviews
Stuvia customers have reviewed more than 700,000 summaries. This how you know that you are buying the best documents.
Quick and easy check-out
You can quickly pay through credit card for the summaries. There is no membership needed.
Focus on what matters
Your fellow students write the study notes themselves, which is why the documents are always reliable and up-to-date. This ensures you quickly get to the core!
Frequently asked questions
What do I get when I buy this document?
You get a PDF, available immediately after your purchase. The purchased document is accessible anytime, anywhere and indefinitely through your profile.
Satisfaction guarantee: how does it work?
Our satisfaction guarantee ensures that you always find a study document that suits you well. You fill out a form, and our customer service team takes care of the rest.
Who am I buying these notes from?
Stuvia is a marketplace, so you are not buying this document from us, but from seller MEGAMINDS. Stuvia facilitates payment to the seller.
Will I be stuck with a subscription?
No, you only buy these notes for £12.99. You're not tied to anything after your purchase.