WGU C840 Digital Forensics in Cybersecurity

Document Content and Description Below

WGU C840 Digital Forensics in Cybersecurity The Computer Security Act of 1987 Correct Answer: Passed to improve the security and privacy of sensitive information in federal computer systems. The l... aw requires the establishment of minimum acceptable security practices, creation of computer security plans, and training of system users or owners of facilities that house sensitive information. The Foreign Intelligence Surveillance Act of 1978 (FISA) Correct Answer: A law that allows for collection of "foreign intelligence information" between foreign powers and agents of foreign powers using physical and electronic surveillance. A warrant is issued by a special court created by this Act for actions under this Act. The Child Protection and Sexual Predator Punishment Act of 1998 Correct Answer: Requires service providers that become aware of the storage or transmission of child pornography to report it to law enforcement. The Children's Online Privacy Protection Act of 1998 (COPPA) Correct Answer: Protects children 13 years of age and under from the collection and use of their personal information by Web sites. This act replaces the Child Online Protection Act of 1988 (COPA), which was determined to be unconstitutional. The Communications Decency Act of 1996 Correct Answer: Designed to protect persons 18 years of age and under from downloading or viewing material considered indecent. This act has been subject to court cases that subsequently changed some definitions and penalties The Telecommunications Act of 1996 Correct Answer: Includes many provisions relative to the privacy and disclosure of information in motion through and across telephony and computer networks. The Wireless Communications and Public Safety Act of 1999 Correct Answer: Allows for collection and use of "empty" communications, which means nonverbal and nontext communications, such as GPS information. The USA Patriot Act Correct Answer: The primary law under which a wide variety of Internet and communications information content and metadata is currently collected. Provisions exist within the Act to protect the identity and privacy of U.S. citizens The Sarbanes-Oxley Act of 2002 (SOX) Correct Answer: Contains many provisions about record-keeping and destruction of electronic records relating to the management and operation of publicly held companies. Anti-forensics Correct Answer: The actions that perpetrators take to conceal their locations, activities, or identities. Cell-phone forensics Correct Answer: The process of searching the contents of cell phones. Chain of custody Correct Answer: The continuity of control of evidence that makes it possible to account for all that has happened to evidence between its original collection and its appearance in court, preferably unaltered Computer forensics Correct Answer: The use of analytical and investigative techniques to identify, collect, examine and preserve computer-based material for presentation as evidence in a court of law Curriculum Vitae (CV) Correct Answer: An extensive document expounding one's experience and qualifications for a position, similar to a resume but with more detail. In academia and expert work, a CV is usually used rather than a resume Daubert Standard Correct Answer: The standard holding that only methods and tools widely accepted in the scientific community can be used in court. Demonstrative Evidence Correct Answer: Information that helps explain other evidence. And example is a chart that explains a technical concept to the judge and jury Digital Evidence Correct Answer: Information that has been processed and assembled so that it is relevant to an investigation and supports a specific finding or determination Disk Forensics Correct Answer: The process of acquiring and analyzing information stored on physical storage media, such as computer hard drives or smartphones Documentary Evidence Correct Answer: Data stored in written form, on paper or in electronic files, such as email messages and telephone call-detail records. Investigators must authenticate documentary evidence. Email Forensics Correct Answer: The study of the source and content of email as evidence, including the identification of the sender, recipient, date, time, and origination location of an email message. Expert Report Correct Answer: A formal document prepared by a forensics specialist to document an investigation, including a list of all tests conducted as well as the specialist's own Curriculum Vitae (CV). Anything the specialist plans to testify about at a trial must be included in the expert report. Expert Testimony Correct Answer: The testimony of an expert witness, one who testifies on the basis of scientific or technical knowledge relevant to a case, rather than personal experience. Internet Forensics Correct Answer: The process of piecing together where and when a user has been on the Internet Live System Forensics Correct Answer: The process of searching memory in real-time, typically for working with compromised hosts or to identify system abuse. Network Forensics Correct Answer: The process of examining network traffic, including transaction logs and real-time monitoring. Real Evidence Correct Answer: Physical objects that can be touched, held, or directly observed, such as a laptop with a suspect's fingerprints on it, or a handwritten note. Software Forensics Correct Answer: The process of examining malicious computer code Testimonial Evidence Correct Answer: Information that forensic specialists use to support or interpret real or documentary evidence; for example, to demonstrate that the fingerprints found on a keyboard are those of a specific individual Volatile Memory Correct Answer: Computer Memory that requires power to maintain the data it holds, and can be changed. RAM is highly volatile; EEPROM is very non-volatile. The payload Correct Answer: is the data covertly communicated. The carrier Correct Answer: is the signal, stream, or data file that hides the payload The channel Correct Answer: which typically means the type of input, such as a JPEG image Sometimes called the package, stego file, or covert message Correct Answer: The resulting signal, stream, or data file Encoding Density Correct Answer: The proportion of bytes, samples, or other signal elements modified to encode the payload. Is typically expressed as a number between 0 and 1. How the instructions in a computer's BIOS are stored? Correct Answer: EEPROM The most common computer hard drives today are __________. Correct Answer: SATA The term that is given to testimony taken from a witness or party to a case before a trial is known as what? Correct Answer: Deposition Computer forensics begins with a thorough understanding of what? Correct Answer: Computer Hardware Which of the following was the first file system created specifically for Linux? Correct Answer: Extended file system (Ext) Data about information, such as disk partition structures, and file tables, is called what? Correct Answer: Metadata A(n) __________ is the concatenatio [Show More]

Last updated: 2 years ago

Preview 1 out of 14 pages