100% satisfaction guarantee Immediately available after payment Both online and in PDF No strings attached
logo-home
Previously searched by you
Previously searched by you
logo
CHFI Final Exam Study Guide Questions and Answers 100% Solved $17.99   Add to cart
Quickly navigate to
Preview
  2.  
  3. CHFI
  4.  
  5. CHFI

Exam (elaborations)

CHFI Final Exam Study Guide Questions and Answers 100% Solved
 0 view  0 purchase
  • Course
  • CHFI
  • Institution
  • CHFI

CHFI Final Exam Study Guide Questions and Answers 100% Solved

Preview 4 out of 57  pages

Document information

  • October 22, 2024
  • 57
  • 2024/2025
  • Exam (elaborations)
  • Questions & answers

Subjects

  • chfi final exam study guide questions and answers

Written for

  • CHFI
  • CHFI

Seller

avatar-seller
TheeGrades

Reviews received

Content preview

CHFI Final Exam Study Guide Questions
and Answers 100% Solved

Computer records fall into what 3 categories? - ✔✔1. Computer Generated.

Computer Stored.

Both Generated and Stored



They require authentication.




Plain View Policy - ✔✔Officer or agent has the ability to seize objects without a warrant, when
they are somewhere they have legal authority to be, and they immediately recognize the object as
illegal.




4th Amendment - ✔✔Right or expectation of Privacy

Governs the lawful search of a person, place, or thing.




Digital Evidence is defined as: - ✔✔Information of "probative value" that is stored or
transmitted in digital form.

Anti-Digital Forensic techniques: - ✔✔Overwriting data (Wiping).

Exploitation of bugs in forensic tools.

Obfuscation.

Hiding Data (Steganography, Cryptography, low-tech...)

,Volatile Data - ✔✔Can be modified, rapidly.


Non-Volatile data - ✔✔Secondary storage of data.

Long term, persistent data.




Transient Data - ✔✔Programs that reside in memory and cache data. (i.e. network connection,
user logout, ...)




Fragile Data - ✔✔Data temporarily saved to the hard disk and can be changed. (i.e. time stamps,
access times...)




Temporarily-Accessible Data - ✔✔Stored on hard disk and are accessible for a certain amount of
time.




Active Data - ✔✔Data used for daily operations.




Archival Data - ✔✔long term storage of data.




Backup Data - ✔✔Copy of system data, used for the recovery process.




Residual Data - ✔✔Data stored on a computer. in unassigned storage space, after it is deleted.

,Metadata - ✔✔data about a particular document.




Rules for allowing duplicate evidence. - ✔✔Original evidence is not available, due to: -
Evidence destroyed due to an uncontrollable event (Fire/ Flood).

-Evidence destroyed in normal course of business.

-Original evidence in possession of a third party.




Sources of data for digital evidence. - ✔✔Server.

Storage devices.

Logs.

Internal hardware.




Swap file - ✔✔space on a hard disk, used as the virtual memory extension of a computer's real
memory (RAM).




Key steps for Forensic Investigation - ✔✔1. Identify the Computer Crime.

Collect Primary Evidence.

Obtain court warrant for seizure (if required).

Perform first responder Procedures.

Seize evidence at the crime scene.

Transport Evidence to the forensic laboratory.

Create 2-bit stream copies of the evidence.

, Generate MD5 checksum on the images.

Chain of Custody.

Store the original evidence in a secure location.

Analyze the image copy for evidence.

Prepare a forensics report.

Submit the report to the client.

Attend Court and testify as an expert witness. (if necessary)




Modes of attack. - ✔✔Internal

External




Enterprise Theory of Investigation (ETI) - ✔✔Individuals commit crime, to further the Criminal
Enterprise (sindicate) itself.

Law Enforcement targets and dismantles the entire criminal enterprise.




What year did the FBI establish the first forensic Laboratory? - ✔✔1932




4 reasons for increase of computers in criminal activity? - ✔✔1. Expense

Speed.

Anonymity.

Fleeting nature of digital evidence.

The benefits of buying summaries with Stuvia:

Guaranteed quality through customer reviews

Guaranteed quality through customer reviews

Stuvia customers have reviewed more than 700,000 summaries. This how you know that you are buying the best documents.

Quick and easy check-out

Quick and easy check-out

You can quickly pay through credit card or Stuvia-credit for the summaries. There is no membership needed.

Focus on what matters

Focus on what matters

Your fellow students write the study notes themselves, which is why the documents are always reliable and up-to-date. This ensures you quickly get to the core!

Frequently asked questions

What do I get when I buy this document?

You get a PDF, available immediately after your purchase. The purchased document is accessible anytime, anywhere and indefinitely through your profile.

Satisfaction guarantee: how does it work?

Our satisfaction guarantee ensures that you always find a study document that suits you well. You fill out a form, and our customer service team takes care of the rest.

Who am I buying these notes from?

Stuvia is a marketplace, so you are not buying this document from us, but from seller TheeGrades. Stuvia facilitates payment to the seller.

Will I be stuck with a subscription?

No, you only buy these notes for $17.99. You're not tied to anything after your purchase.

Can Stuvia be trusted?

4.6 stars on Google & Trustpilot (+1000 reviews)

83750 documents were sold in the last 30 days

Founded in 2010, the go-to place to buy study notes for 14 years now

Start selling
$17.99
  • (0)
  Add to cart