Deck 1: Understanding the Digital Forensics Profession and Investigations
1
_______ is not one of the functions of the investigations triad.
A)Digital investigations
B)Data recovery
C)Vulnerability/threat assessment and risk management
D)Network intrusion detection and incident response
B
2
The _______ is not one of the three stages of a typical criminal case.
A)complaint
B)investigation
C) civil suit
D) prosecution
C
3
All suspected industrial espionage cases should be treated as civil case investigations.
False
4
In what year was the Computer Fraud and Abuse Act passed?
A)1976
B)1980
C)1986
D)1996
5
Most digital investigations in the private sector involve misuse of computing assets.
6
After a judge approves and signs a search warrant, the _______ is responsible for the collection of evidence as defined by the warrant.
A)Digital Evidence Recorder
B)Digital Evidence Specialist
C)Digital Evidence First Responder
D)Digital Evidence Scene Investigator
7
Within a computing investigation, the ability to perform a series of steps again and again to produce the same results is known as _______.
A)repeatable findings
B)reloadable steps
C)verifiable reporting
D)evidence reporting
8
The _______ is responsible for analyzing data and determining when another specialist should be called in to assist with analysis.
A)Digital Evidence First Responder
B)Digital Evidence Specialist
C)Digital Evidence Analyst
D)Digital Evidence Examiner
9
After the evidence has been presented in a trial by jury, the jury must deliver a(n) _______.
A)exhibit
B)affidavit
C)allegation
D)verdict
10
What tool, currently maintained by the IRS Criminal Investigation Division and limited to use by law enforcement, can analyze and read special files that are copies of a disk?
A)AccessData Forensic Toolkit
B)DeepScan
C)ILook
D)Photorec
11
Which Microsoft OS below is the least intrusive to disks in terms of changing data?
A)Windows 95
B)Windows XP
C)Windows 7
D)MS-DOS 6.22
12
A chain-of-evidence form, which is used to document what has and has not been done with the original evidence and forensic copies of the evidence, is also known as a(n) _______.
A)single-evidence form
B)multi-evidence form
C)evidence custody form
D)evidence tracking form
13
User groups for a specific type of system can be very useful in a forensics investigation.
14
An evidence custody form does not usually contain _______.
A)the nature of the case
B)a description of evidence
C)vendor names for computer components
D)a witness list
15
Which option below is not a standard systems analysis step?
A)Determine a preliminary design or approach to the case.
B)Obtain and copy an evidence drive.
C)Share evidence with experts outside of the investigation.
D)Mitigate or minimize the risks.
16
According to the National Institute of Standards and Technology (NIST), digital forensics involves scientifically examining and analyzing data from computer storage media so that it can be used as evidence in court.
17
If a police officer or investigator has sufficient cause to support a search warrant, the prosecuting attorney might direct him or her to submit a(n) _______.
A)exhibit
B)verdict
C)affidavit
D)memo
18
If you turn evidence over to law enforcement and begin working under their direction, you have become an agent of law enforcement, and are subject to the same restrictions on search and seizure as a law enforcement agent.
19
Which amendment to the U.S. Constitution protects everyone's right to be secure in their person, residence, and property from search and seizure?
A)First Amendment
B)Second Amendment
C)Fourth Amendment
D)Fifth Amendment
20
_______ is not recommended for a digital forensics workstation.
A)A text editor tool
B)A write-blocker device
C)An SCSI card
D)Remote access software
21
A(n) _______________ notifies end users that the organization owning the computer equipment reserves the right to inspect or search computer systems and network traffic at will.
22
In 1987, the ____________ was introduced with an external EasyDrive hard disk with 60 MB of storage.
a.Authorized requester
23
Match the following terms with the correct definitions below:
-A professional who secures digital evidence at the scene and ensures its viability while transporting it to the lab
A)defense in depth (DiD)
B)distributed denial-of-service (DDoS) attacks
C)honeypot
D)honeywalls
E)layered network defense strategy
F)network forensics
G)type 1 hypervisor
H)type 2 hypervisor
I)zero day attacks
J)zombies
24
Match the following terms with the correct definitions below:
-The decision returned by a jury
A)defense in depth (DiD)
B)distributed denial-of-service (DDoS) attacks
C)honeypot
D)honeywalls
E)layered network defense strategy
F)network forensics
G)type 1 hypervisor
H)type 2 hypervisor
I)zero day attacks
J)zombies
25
When conducting a digital forensics analysis under _______________ rules for an attorney, you must keep all findings confidential.
26
Match the following terms with the correct definitions below:
-A form that dedicates a page for each item retrieved for a case; it allows investigators to add more detail about exactly what was done to the evidence each time it was taken from the storage locker
A)defense in depth (DiD)
B)distributed denial-of-service (DDoS) attacks
C)honeypot
D)honeywalls
E)layered network defense strategy
F)network forensics
G)type 1 hypervisor
H)type 2 hypervisor
I)zero day attacks
J)zombies
27
Match the following terms with the correct definitions below:
-Evidence that indicates a suspect is guilty of the crime with which he or she is charged
A)defense in depth (DiD)
B)distributed denial-of-service (DDoS) attacks
C)honeypot
D)honeywalls
E)layered network defense strategy
F)network forensics
G)type 1 hypervisor
H)type 2 hypervisor
I)zero day attacks
J)zombies
28
Signed into law in 1973, the _______ was/were created to ensure consistency in federal proceedings.
A)Federal Proceedings Law
B)Federal Rules of Evidence
C)Federal Consistency Standards
D)Federal Proceedings Rules
29
_______ describes an accusation of fact that a crime has been committed.
A)Attrition
B)Attribution
C)Allegation
D)Assignment
30
Match the following terms with the correct definitions below:
-An expert who analyzes digital evidence and determines whether additional specialists are needed
A)defense in depth (DiD)
B)distributed denial-of-service (DDoS) attacks
C)honeypot
D)honeywalls
E)layered network defense strategy
F)network forensics
G)type 1 hypervisor
H)type 2 hypervisor
I)zero day attacks
J)zombies
31
The sale of sensitive or confidential company information to a competitor is known as _______.
A)industrial sabotage
B)industrial espionage
C)industrial collusion
D)industrial betrayal
32
Match the following terms with the correct definitions below:
-The file where the bit-stream copy is stored
A)defense in depth (DiD)
B)distributed denial-of-service (DDoS) attacks
C)honeypot
D)honeywalls
E)layered network defense strategy
F)network forensics
G)type 1 hypervisor
H)type 2 hypervisor
I)zero day attacks
J)zombies
33
_______ must be included in an affidavit to support an allegation in order to justify a warrant.
A)Verdicts
B)Witnesses
C)Exhibits
D)Subpoenas
34
A(n) ________________ states who has the legal right to initiate an investigation, who can take possession of evidence, and who can have access to evidence.
35
The term _______ describes a database containing informational records about crimes that have been committed previously by a criminal.
A)police ledger
B)police blotter
C)police blogger
D)police recorder
36
Match the following terms with the correct definitions below:
-In a private-sector environment, the person who has the right to request an investigation, such as the chief security officer or chief intelligence officer
A)defense in depth (DiD)
B)distributed denial-of-service (DDoS) attacks
C)honeypot
D)honeywalls
E)layered network defense strategy
F)network forensics
G)type 1 hypervisor
H)type 2 hypervisor
I)zero day attacks
J)zombies
37
Match the following terms with the correct definitions below:
-The legal act of acquiring evidence for an investigation
A)defense in depth (DiD)
B)distributed denial-of-service (DDoS) attacks
C)honeypot
D)honeywalls
E)layered network defense strategy
F)network forensics
G)type 1 hypervisor
H)type 2 hypervisor
I)zero day attacks
J)zombies
38
Match the following terms with the correct definitions below:
-Text displayed on computer screens when people log on to a company computer; this text states ownership of the computer and specifies appropriate use of the machine or Internet access
A)defense in depth (DiD)
B)distributed denial-of-service (DDoS) attacks
C)honeypot
D)honeywalls
E)layered network defense strategy
F)network forensics
G)type 1 hypervisor
H)type 2 hypervisor
I)zero day attacks
J)zombies
39
Match the following terms with the correct definitions below:
-The order in which people or positions are notified of a problem; these people or positions have the legal right to initiate an investigation, take possession of evidence, and have access to evidence
A)defense in depth (DiD)
B)distributed denial-of-service (DDoS) attacks
C)honeypot
D)honeywalls
E)layered network defense strategy
F)network forensics
G)type 1 hypervisor
H)type 2 hypervisor
I)zero day attacks
J)zombies
40
Typically, the _____________ requires a bootable DVD or USB flash drive that runs an independent OS in a suspect computer's RAM, with the goal of preserving data during an acquisition.
41
What questions should someone consider prior to assisting in an interview or interrogation?
42
Why is it important to maintain specific temperature and humidity ranges within a forensics lab?
43
What must be done if data is found in the form of binary files, such as CAD drawings?
44
What is a bit-stream image?
45
Basic report writing involves answering the six Ws. What are they?
46
Why is it important to have a well-defined policy, especially when investigators and forensics examiners are involved?
47
What is the difference between a Digital Evidence First Responder (DEFR) and a Digital Evidence Specialist (DES)?
48
What is the difference between an interview and an interrogation?
49
Why must all evidence that is collected be treated with the highest level of security and accountability, even if the evidence is regarding an internal abuse investigation within an organization?
50
Why is confidentiality critical in a corporate environment during and after an investigation of a terminated employee?