1 of 76
Term
The term testimonial evidence refers to the process of examining
malicious computer code.
Give this one a try later!
Shut down according to recommended Secret Service procedure. If it is on, do
not start searching through the computer. Instead, properly shut down the
computer and prepare it for transport as evidence.
, True: RAM is volatile memory and it stores the programs and data you currently
have open, but only for as long as the computer has power supplied to it.
However, that level of knowledge is inadequate for forensics.
False: At one time, all forensics, including computer forensics, was the exclusive
domain of law enforcement. That is no longer the case. Today, the following
entities are also involved in and actively using computer forensics: the military,
government agencies, law firms, academia, corporations, insurance companies
and individuals are some examples.
False: Testimonial evidence is information that forensic specialists use to
support or interpret real or documentary evidence. For example, they may
employ testimonial evidence to demonstrate that the fingerprints found on
a keyboard are those of a specific individual. Or system access controls
might show that a particular user stored specific photographs on a
desktop.
Don't know?
2 of 76
Term
If the computer is turned on when you arrive, what does the Secret
Service recommend you do?
Give this one a try later!
Preserve evidence integrity. The objective in computer forensics is to recover,
analyze, and present computer-based material in such a way that it can be used
as evidence in a court of law.
, Shut down according to recommended Secret Service procedure. If it is
on, do not start searching through the computer. Instead, properly shut
down the computer and prepare it for transport as evidence.
True: Other types of Programmable read-only memory are:Erasable
programmable read-only memory (EPROM)—Data is not lost when power is
removed andElectronically erasable programmable read-only memory
(EEPROM)—This is how the instructions in your computer's BIOS are stored.
Chain of custody
Don't know?
3 of 76
Term
Volatile memory is computer memory that requires power to
maintain the data it holds, and can be changed.
Give this one a try later!
True: RAM is volatile memory and it stores the programs and data you
currently have open, but only for as long as the computer has power
supplied to it. However, that level of knowledge is inadequate for
forensics.
False: Testimonial evidence is information that forensic specialists use to support
or interpret real or documentary evidence. For example, they may employ
testimonial evidence to demonstrate that the fingerprints found on a keyboard
are those of a specific individual. Or system access controls might show that a
particular user stored specific photographs on a desktop.
, False: Information includes raw numbers, pictures, and other "stuff" that may or
may not have relevance to a particular event or incident under investigation.
Digital evidence is information that has been processed and assembled so that it
is relevant to an investigation and supports a specific finding or determination.
True: The objective in computer forensics is to recover, analyze, and present
computer-based material in such a way that it can be used as evidence in a court
of law. In computer forensics, as in any other branch of forensic science, the
emphasis must be on the integrity and security of evidence. A forensic specialist
must adhere to stringent guidelines and avoid taking shortcuts.
Don't know?
4 of 76
Term
Which United States law requires telecommunications equipment
manufacturers to provide built-in surveillance capabilities for federal
agencies?
Give this one a try later!
Internet privacy protection act Telecommunications equipment
(ippa) compliance act (teca)
Communication Assistance to
Federal surveillance enhancement
Law Enforcement Act
act (fsea)
(CALEA)
Term
The term testimonial evidence refers to the process of examining
malicious computer code.
Give this one a try later!
Shut down according to recommended Secret Service procedure. If it is on, do
not start searching through the computer. Instead, properly shut down the
computer and prepare it for transport as evidence.
, True: RAM is volatile memory and it stores the programs and data you currently
have open, but only for as long as the computer has power supplied to it.
However, that level of knowledge is inadequate for forensics.
False: At one time, all forensics, including computer forensics, was the exclusive
domain of law enforcement. That is no longer the case. Today, the following
entities are also involved in and actively using computer forensics: the military,
government agencies, law firms, academia, corporations, insurance companies
and individuals are some examples.
False: Testimonial evidence is information that forensic specialists use to
support or interpret real or documentary evidence. For example, they may
employ testimonial evidence to demonstrate that the fingerprints found on
a keyboard are those of a specific individual. Or system access controls
might show that a particular user stored specific photographs on a
desktop.
Don't know?
2 of 76
Term
If the computer is turned on when you arrive, what does the Secret
Service recommend you do?
Give this one a try later!
Preserve evidence integrity. The objective in computer forensics is to recover,
analyze, and present computer-based material in such a way that it can be used
as evidence in a court of law.
, Shut down according to recommended Secret Service procedure. If it is
on, do not start searching through the computer. Instead, properly shut
down the computer and prepare it for transport as evidence.
True: Other types of Programmable read-only memory are:Erasable
programmable read-only memory (EPROM)—Data is not lost when power is
removed andElectronically erasable programmable read-only memory
(EEPROM)—This is how the instructions in your computer's BIOS are stored.
Chain of custody
Don't know?
3 of 76
Term
Volatile memory is computer memory that requires power to
maintain the data it holds, and can be changed.
Give this one a try later!
True: RAM is volatile memory and it stores the programs and data you
currently have open, but only for as long as the computer has power
supplied to it. However, that level of knowledge is inadequate for
forensics.
False: Testimonial evidence is information that forensic specialists use to support
or interpret real or documentary evidence. For example, they may employ
testimonial evidence to demonstrate that the fingerprints found on a keyboard
are those of a specific individual. Or system access controls might show that a
particular user stored specific photographs on a desktop.
, False: Information includes raw numbers, pictures, and other "stuff" that may or
may not have relevance to a particular event or incident under investigation.
Digital evidence is information that has been processed and assembled so that it
is relevant to an investigation and supports a specific finding or determination.
True: The objective in computer forensics is to recover, analyze, and present
computer-based material in such a way that it can be used as evidence in a court
of law. In computer forensics, as in any other branch of forensic science, the
emphasis must be on the integrity and security of evidence. A forensic specialist
must adhere to stringent guidelines and avoid taking shortcuts.
Don't know?
4 of 76
Term
Which United States law requires telecommunications equipment
manufacturers to provide built-in surveillance capabilities for federal
agencies?
Give this one a try later!
Internet privacy protection act Telecommunications equipment
(ippa) compliance act (teca)
Communication Assistance to
Federal surveillance enhancement
Law Enforcement Act
act (fsea)
(CALEA)
