Which of the following is true regarding computer forensics? - Answer-Computer forensics deals with the process of finding evidence related to a digital crime to find the culprits and initiate legal action against them.
Which of the following is NOT a objective of computer forensics? - Answer-Do...
WGU C702 CHFI AND OA
Which of the following is true regarding computer forensics? - Answer-Computer
forensics deals with the process of finding evidence related to a digital crime to find the
culprits and initiate legal action against them.
Which of the following is NOT a objective of computer forensics? - Answer-Document
vulnerabilities allowing further loss of intellectual property, finances, and reputation
during an attack.
Which of the following is true regarding Enterprise Theory of Investigation (ETI)? -
Answer-It adopts a holistic approach toward any criminal activity as a criminal operation
rather as a single criminal act.
Forensic readiness refers to: - Answer-An organization's ability to make optimal use of
digital evidence in a limited time period and with minimal investigation costs.
Which of the following is NOT a element of cybercrime? - Answer-Evidence smaller in
size.
Which of the following is true of cybercrimes? - Answer-Investigators, with a warrant,
have the authority to forcibly seize the computing devices.
Which of the following is true of cybercrimes? - Answer-The initial reporting of the
evidence is usually informal.
Which of the following is NOT a consideration during a cybercrime investigation? -
Answer-Value or cost to the victim.
Which of the following is a user-created source of potential evidence? - Answer-Address
book.
Which of the following is a computer-created source of potential evidence? - Answer-
Swap file.
Which of the following is NOT where potential evidence may be located? - Answer-
Processor.
Under which of the following conditions will duplicate evidence NOT suffice? - Answer-
When original evidence is in possession of the originator.
Which of the following Federal Rules of Evidence governs proceedings in the courts of
the United States? - Answer-Rule 101.
Which of the following Federal Rules of Evidence ensures that the truth may be
ascertained and the proceedings justly determined? - Answer-Rule 102.
,Which of the following Federal Rules of Evidence contains rulings on evidence? -
Answer-Rule 103
Which of the following Federal Rules of Evidence states that the court shall restrict the
evidence to its proper scope and instruct the jury accordingly? - Answer-Rule 105
Which of the following refers to a set of methodological procedures and techniques to
identify, gather, preserve, extract, interpret, document, and present evidence from
computing equipment in such a manner that the discovered evidence is acceptable
during a legal and/or administrative proceeding in a court of law? - Answer-Computer
Forensics.
Computer Forensics deals with the process of finding _____ related to a digital crime to
find the culprits and initiate legal action against them. - Answer-Evidence.
Minimizing the tangible and intangible losses to the organization or an individual is
considered an essential computer forensics use. - Answer-True.
Cybercrimes can be classified into the following two types of attacks, based on the line
of attack. - Answer-Internal and External.
Espionage, theft of intellectual property, manipulation of records, and trojan horse
attacks are examples of what? - Answer-Insider attack or primary attacks.
External attacks occur when there are inadequate information-security policies and
procedures. - Answer-True.
Which type of cases involve disputes between two parties? - Answer-Civil.
A computer forensic examiner can investigate any crime as long as he or she takes
detailed notes and follows the appropriate processes. - Answer-False.
________ is the standard investigative model used by the FBI when conducting
investigations against major criminal organizations. - Answer-Enterprise Theory of
Investigation (ETI).
Forensic readiness includes technical and nontechnical actions that maximize an
organization's competence to use digital evidence. - Answer-True.
Which of the following is the process of developing a strategy to address the occurrence
of any security breach in the system or network? - Answer-Incident Response.
Digital devices store data about session such as user and type of connection. - Answer-
True.
, Codes of ethics are the principles stated to describe the expected behavior of an
investigator while handling a case. Which of the following is NOT a principle that a
computer forensic investigator must follow? - Answer-Provide personal or prejudiced
opinions.
What must an investigator do in order to offer a good report to a court of law and ease
the prosecution? - Answer-Preserve the evidence.
What is the role of an expert witness? - Answer-To educate the public and court.
Which of the following is NOT a legitimate authorizer of a search warrant? - Answer-
First Responder.
Under which of the following circumstances has a court of law allowed investigators to
perform searches without a warrant? - Answer-Delay in obtaining a warrant may lead to
the destruction of evidence and hamper the investigation process.
Which of the following should be considered before planning and evaluating the budget
for the forensic investigation case? - Answer-Breakdown of costs into daily and annual
expenditure.
Which of the following should be physical location and structural design considerations
for forensics labs? - Answer-Lab exteriors should have no windows.
Which of the following should be work area considerations for forensics labs? - Answer-
Examiner station has an area of about 50-63 square feet.
Which of the following is NOT part of the Computer Forensics Investigation
Methodology? - Answer-Testify as an expert defendant.
Which of the following is NOT part of the Computer Forensics Investigation
Methodology? - Answer-Destroy the evidence.
Investigators can immediately take action after receiving a report of a security incident. -
Answer-False.
In forensics laws, "authenticating or identifying evidences" comes under which rule? -
Answer-Rule 901.
Courts call knowledgable persons to testify to the accuracy of the investigative process.
These people who tesify are known as the: - Answer-Expert witnesses.
A chain of custody is a critical document in the computer forensics investigation process
because the document provides legal validation of appropriate evidence handling. -
Answer-True.
Voordelen van het kopen van samenvattingen bij Stuvia op een rij:
Verzekerd van kwaliteit door reviews
Stuvia-klanten hebben meer dan 700.000 samenvattingen beoordeeld. Zo weet je zeker dat je de beste documenten koopt!
Snel en makkelijk kopen
Je betaalt supersnel en eenmalig met iDeal, creditcard of Stuvia-tegoed voor de samenvatting. Zonder lidmaatschap.
Focus op de essentie
Samenvattingen worden geschreven voor en door anderen. Daarom zijn de samenvattingen altijd betrouwbaar en actueel. Zo kom je snel tot de kern!
Veelgestelde vragen
Wat krijg ik als ik dit document koop?
Je krijgt een PDF, die direct beschikbaar is na je aankoop. Het gekochte document is altijd, overal en oneindig toegankelijk via je profiel.
Tevredenheidsgarantie: hoe werkt dat?
Onze tevredenheidsgarantie zorgt ervoor dat je altijd een studiedocument vindt dat goed bij je past. Je vult een formulier in en onze klantenservice regelt de rest.
Van wie koop ik deze samenvatting?
Stuvia is een marktplaats, je koop dit document dus niet van ons, maar van verkoper GEEKA. Stuvia faciliteert de betaling aan de verkoper.
Zit ik meteen vast aan een abonnement?
Nee, je koopt alleen deze samenvatting voor €12,20. Je zit daarna nergens aan vast.