MIDTERM STUDY SET ITSY 2343
The file where the bit-stream copy is stored Correct Answer: Bit stream image
The decision returned by a jury Correct Answer: Verdict
The legal act of acquiring evidence for an investigation Correct Answer: Search and Seizure
A professional who secures dig...
MIDTERM STUDY SET ITSY 2343
The file where the bit-stream copy is stored Correct Answer: Bit stream image
The decision returned by a jury Correct Answer: Verdict
The legal act of acquiring evidence for an investigation Correct Answer: Search and Seizure
A professional who secures digital evidence at the scene and ensures its viability while transporting it to
the lab Correct Answer: Digital Evidence First Responder
Evidence that indicates a suspect is guilty of the crime with which he or she is charged Correct Answer:
Inculpatory Evidence
The order in which people or positions are notified of a problem; these people or positions have the
legal right to initiate an investigation, take possession of evidence, and have access to evidence Correct
Answer: Line of Authrity
Text displayed on computer screens when people log on to a company computer; this text states
ownership of the computer and specifies appropriate use of the machine or Internet access Correct
Answer: Warning Banner
A form that dedicates a page for each item retrieved for a case; it allows investigators to add more detail
about exactly what was done to the evidence each time it was taken from the storage locker Correct
Answer: Single Evidence Form
In a private-sector environment, the person who has the right to request an investigation, such as the
chief security officer or chief intelligence officer Correct Answer: Authorized Requester
An expert who analyzes digital evidence and determines whether additional specialists are needed
Correct Answer: DES Digital Evidence Specialist
Digital forensics and data recovery refer to the same activities. True or False? Correct Answer: False
2. Police in the United States must use procedures that adhere to which of the following? Correct
Answer: Fourth Amendment
3. The triad of computing security includes which of the following? Correct Answer: Vulnerability/threat
assessment, intrusion detection and incident response, and digital investigation
4. What's the purpose of maintaining a network of digital forensics specialists? Correct Answer: To
develop a list of colleagues who specialize in areas different from your own specialties in case youneed
help on an investigation.
6. List two items that should appear on a warning banner. Correct Answer: Statements that the
organization has the right to monitor what users do, that their e-mail is not personal, and so on
, 7. Under normal circumstances, a private-sector investigator is considered an agent of law enforcement.
True or False? Correct Answer: False
8. List two types of digital investigations typically conducted in a business environment. Correct Answer:
Fraud, embezzlement, insider trading, espionage, and e-mail harassment
9. What is professional conduct, and why is it important? Correct Answer: Professional conduct includes
ethics, morals, and standards of behavior. It affects your credibility.
10. What's the purpose of an affidavit? Correct Answer: To provide facts in support of evidence of a
crime to submit to a judge when requesting a search warrant
11. What are the necessary components of a search warrant? Correct Answer: must specify who, what,
when, and where—that is, specifics on place, time, items being searched for, and so forth—and include
any supporting materials (affidavits and exhibits, for example). In addition,it must be signed by an
impartial judicial officer. In many cases, it can also limit the scope of what can be seized.
12. What are some ways to determine the resources needed for an investigation? Correct Answer:
Determine the OS of the suspect computer and list the software needed for the examination.
13. List three items that should be on an evidence custody form. Correct Answer: case number, name of
the investigator assigned to the case, nature of the case, location where evidence was obtained,
description of the evidence, and so on.
14. Why should you do a standard risk assessment to prepare for an investigation? Correct Answer: To
list problems that might happen when conducting an investigation, which can help in planning your case
15. You should always prove the allegations made by the person who hired you. True or False? Correct
Answer: False
16. For digital evidence, an evidence bag is typically made of antistatic material. True or False? Correct
Answer: True
17. Why should evidence media be write-protected? Correct Answer: To make sure data isn't altered
18. List three items that should be in your case report. Correct Answer: explanation of basic computer
and network processes, a narrative of what steps you took, a description of your findings, and log files
generated from your analysis tools.
19. Why should you critique your case after it's finished? Correct Answer: To improve your work
20. What do you call a list of people who have had physical possession of the evidence? Correct Answer:
Chain of custody
21. Data collected before an attorney issues a memo for an attorney-client privilege case is protected
under the confidential work product rule. True or False? Correct Answer: False. All data collected before
an attorney issues notice of attorney-client privilege is subject to discovery by opposing counsel.
The benefits of buying summaries with Stuvia:
Guaranteed quality through customer reviews
Stuvia customers have reviewed more than 700,000 summaries. This how you know that you are buying the best documents.
Quick and easy check-out
You can quickly pay through credit card or Stuvia-credit for the summaries. There is no membership needed.
Focus on what matters
Your fellow students write the study notes themselves, which is why the documents are always reliable and up-to-date. This ensures you quickly get to the core!
Frequently asked questions
What do I get when I buy this document?
You get a PDF, available immediately after your purchase. The purchased document is accessible anytime, anywhere and indefinitely through your profile.
Satisfaction guarantee: how does it work?
Our satisfaction guarantee ensures that you always find a study document that suits you well. You fill out a form, and our customer service team takes care of the rest.
Who am I buying these notes from?
Stuvia is a marketplace, so you are not buying this document from us, but from seller ElonMusk. Stuvia facilitates payment to the seller.
Will I be stuck with a subscription?
No, you only buy these notes for $11.99. You're not tied to anything after your purchase.
