61 Cards in this Set

  • Front
  • Back
Where does the greatest risk of cybercrime come from?
What are the five rules of evidence
1) Be authentic
2) Be accurate
3) Be admissible
4) Be complete
5) Be convincing
Computer forensics is really the marriage of computer science, information technology and engineering with:?
What principle allows us to identify aspects of the person responsible for a crime, because whenever committing a crime, the perpetrator takes something and leaves something behind?
Locard's principle of exchange
What is the biggest hindrance to dealing with computer crime?
Activity associated with computer crime is truly international
What are the phases of incident response?
1) Triage / Documentation
2) Investigation
3) Containment
4) Analysis & Tracking
____ emphasizes the abstract concepts of law and is influenced by the writings of legal scholars and academics?
Civil Law
Which type of intellectual property covers the expression of ideas rather than the ideas themselves?
Which type of intellectual property protects the goodwill a merchant or vendor invests in its products?
Name the major legal systems
1) Common Law
2) Civil or code law
3) Customary Law
4) Religious law
5) Mixed Law
Common law consists of what three branches?
1) Criminal law
2) Tort law
3) Administrative/regulatory law
What organization oversees international patents and trademarks?
World Intellectual Property Organization (WIPO)
Name three of the computer forensics models:
1) IOCE / International Organization of Computer Evidence
2) SWGDE / Scientific Working Group on Digital Evidence
3) ACPO / Association of Chief Police Officers
What are the 4 categories of software licensing?
1) Freeware
2) Shareware
3) Commercial
4) Academic
What are the rights and obligations of individuals and organizations with respect to the collection, use, retention and disclosure of personal information related to?
Triage encompasses:
1) detection
2) identification
3) notification
Integrity of a forensic bit stream image is often determined by:
comparing hash totals to the original source
When dealing with digital evidence, the crime scene:
Must have the least amount of contamination
A cashier who enters incorrect values in the cash register and keeps the remaining money has committed what kind of crime
Data Diddling
Why do different legal systems create a challenge in dealing with computer crime?
Different interpretations of law, different evidence requirements, lack of cooperation
List the intellectual property laws
Patents, copyright, trademark, trade secrets
European Union Privacy principles
-Collecting data fairly and lawfully
-Keeping data for a reasonable amount of time
-Ensuring its accuracy and security
-Consent to disclose to third parties
-Persons have the right to make changes to their personal data
Concept that corporate officers and others with fiduciary responsibilities meet the requirement to protect the company's assets
due care
involves implementing controls, ongoing risk assessment and documentation
due diligence
Computer forensics is primarily concerned with
Discovering evidence
Which of the following is true?
a) Changed evidence is inadmissible, but when returned to its original form might be allowed by the judge
b) Documenting changes to evidence protects its admissibility
c) Uncontrolled modified evidence is always inadmissible
d) A chain of custody will preserve its admissibility
C) uncontrolled evidence is always inadmissible
Hearsay is
A statement that cannot be cross-examined
Intellectual property law is primarily designed to:
protect intangible assets only
A __ affords the highest level of protection for intellectual property
Nike "swoosh" is a
Privacy can be defined as:
Rights and obligations of individuals and organizations with respect to the collection, use, retention and disclosure of personal information
Negligence can be defined as:
I) Acting without due care in a way that causes damages
II) Transfer of value without prior negotiation
III) The shortfall between due diligence and best practice
An incident can be defined as:
any event that has the potential to negatively impact the business or its assets
Categorization of an incident is used to determine
Potential risk of the incident
Computer forensics falls under
Digital Forensic Science
First step in a computer forensics investigation
Three main elements of incident response
1) detection
2) triage
3) response
types of evidence
direct, real, physical, documentary, demonstrative
purpose of chain of custody
Assure the court that nothing was changed and that nothing could have been changed
Hash totals are used to establish the __ of evidence
accuracy and integrity
A principal tenet of the computer forensic investigative process is
do not exceed one's own abilities
Log analysis is part of what type of analysis?
Network analysis
Primary goal of incident response
Mitigate damages caused by malicious activity
Primary goal of computer forensics
Obtain evidence of malicious activity
Extranets, VPNs, shared nets and external entities create what legal concern?
downstream liability
In the absence of computer-specific law, what laws are used to prosecute computer criminals?
Embezzlement, fraud and wiretapping
The Small Business Administration (SBA) and the Business Software Alliance (BSA) were formed to protect what type of organization
Software vendors
when are computer files admissible in court
if produced in the course of regular business hours
Legally and ethically making a system attractive to a potential attacker and logging the attacker's actions for use in future prosecution is called
what is considered supporting evidence?
corroborative evidence
Civil cases have to do with determining
Tricking an intruder into accessing confidential info in order to prosecute him is an example of what?
Administrative law deals with
violation of regulatory standards
Avoid conflict of interest is in the ISC2 code of ethics
which form of law has stricter burden of proof and possible imprisonment
Criminal law
Most laws are drawn from
What type of law punishes the individual with financial restitution instead of jail?
A witness testimony would be classified as what type of evidence
A software program would be protected from illegal distribution under what law?
Which group states that the internet is a privilege and should be treated and used with respect
Internet Architecture Board
Which of the following processes is concerned with not only identifying the root cause but also addressing the underlying issue?
problem management