61 Cards in this Set
- Front
- Back
Where does the greatest risk of cybercrime come from?
|
Insiders
|
|
What are the five rules of evidence
|
AAACC
1) Be authentic 2) Be accurate 3) Be admissible 4) Be complete 5) Be convincing |
|
Computer forensics is really the marriage of computer science, information technology and engineering with:
|
Law
|
|
What principle allows us to identify aspects of the person responsible for a crime, because whenever committing a crime, the perpetrator takes something and leaves something behind?
|
Locard's principle of exchange
|
|
What is the biggest hindrance to dealing with computer crime?
|
Activity associated with computer crime is truly international
|
|
What are the phases of incident response
|
1) Triage / Documentation
2) Investigation
3) Containment
4) Analysis & Tracking |
|
____ emphasizes the abstract concepts of law and is influenced by the writings of legal scholars and academics?
|
Civil Law
|
|
Which type of intellectual property covers the expression of ideas rather than the ideas themselves?
|
Copyright
|
|
Which type of intellectual property protects the goodwill a merchant or vendor invests in its products
|
Trademark
|
|
Name the major legal systems
|
1) Common Law
2) Civil or code law
3) Customary Law
4) Religious law
5) Mixed Law |
|
Common law consists of what three branches
|
1) Criminal law
2) Tort law
3) Administrative/regulatory law |
|
What organization oversees international patents and trademarks?
|
World Intellectual Property Organization (WIPO)
|
|
Name three of the computer forensics models:
|
1) IOCE / International Organization of Computer Evidence
2) SWGDE / Scientific Working Group on Digital Evidence
3) ACPO / Association of Chief Police Officers |
|
What are the 4 categories of software licensing?
|
1) Freeware
2) Shareware
3) Commercial
4) Academic |
|
What are the rights and obligations of individuals and organizations with respect to the collection, use, retention and disclosure of personal information related to?
|
privacy
|
|
Triage encompasses:
|
1) detection
2) identification
3) notification |
|
Integrity of a forensic bit stream image is often determined by:
|
comparing hash totals to the original source
|
|
When dealing with digital evidence, the crime scene:
|
Must have the least amount of contamination
|
|
A cashier who enters incorrect values in the cash register and keeps the remaining money has committed what kind of crime
|
Data Diddling
|
|
Why do different legal systems create a challenge in dealing with computer crime?
|
Different interpretations of law, different evidence requirements, lack of cooperation |
|
List the intellectual property laws
|
Patents, copyright, trademark, trade secrets
|
|
European Union Privacy principles
|
- Collecting data fairly and lawfully
- Keeping data a reasonable amount of time
- Ensuring its accuracy and security
- Consent to disclose to third parties
- Persons have the right to make changes to their personal data |
|
Concept that corporate officers and others with fiduciary responsibilities meet the requirement to protect the company's assets
|
due care
|
|
involves implementing controls, ongoing risk assessment and documentation
|
due diligence
|
|
Computer forensics is primarily concerned with
|
Discovering evidence
|
|
Which of the following is true?
a) changed evidence is inadmissible, but when returned to its original form might be allowed by the judge
b) documenting changes to evidence protects its admissibility
c) uncontrolled modified evidence is always inadmissible
d) a chain of custody will preserve its admissibility |
C) uncontrolled evidence is always inadmissible
|
|
Hearsay is
|
statement that cannot be cross examined
|
|
Intellectual property law is primarily designed to:
|
protect intangible assets only
|
|
A __ affords the highest level of protection for intellectual property
|
Patent
|
|
Nike "swoosh" is a
|
trademark
|
|
Privacy can be defined as:
|
Rights and obligations of individuals and organizations with respect to the collection, use, retention and disclosure of personal information
|
|
Negligence can be defined as:
|
I) Acting without due care in a way that causes damages
II) Transfer of value without prior negotiation
III) The shortfall between due diligence and best practice |
|
An incident can be defined as:
|
any event that has the potential to negatively impact the business or its assets
|
|
Categorization of an incident is used to determine
|
Potential risk of the incident
|
|
Computer forensics falls under
|
Digital Forensic Science
|
|
First step in a computer forensics investigation
|
Identification
|
|
Three main elements of incident response
|
1) detection
2) triage
3) response |
|
types of evidence
|
direct, real, physical, documentary, demonstrative
|
|
purpose of chain of custody
|
Assure the court that nothing was changed and that nothing could have been changed
|
|
Hash totals are used to establish the __ of evidence
|
accuracy and integrity
|
|
A principal tenet of the computer forensic investigative process is
|
do not exceed one's own abilities
|
|
log analysis is part of what type of analysis
|
Network analysis
|
|
Primary goal of incident response
|
Mitigate damages caused by malicious activity
|
|
Primary goal of computer forensics
|
Obtain evidence of malicious activity
|
|
Extranets, VPNs, shared nets and external entities create what legal concern?
|
downstream liability
|
|
In the absence of computer-specific law, what laws are used to prosecute computer criminals?
|
Embezzlement, fraud and wiretapping
|
|
The Small Business Administration (SBA) and the Business Software Alliance (BSA) were formed to protect what type of organization
|
Software vendors
|
|
when are computer files admissible in court
|
if produced in the course of regular business hours
|
|
Legally and ethically making a system attractive to a potential attacker and logging the attacker's actions for use in future prosecution is called
|
Enticement
|
|
what is considered supporting evidence?
|
corroborative evidence
|
|
Civil cases have to do with determining
|
liability
|
|
Tricking an intruder into accessing confidential info in order to prosecute him is an example of what?
|
Entrapment
|
|
Administrative law deals with
|
violation of regulatory standards
|
|
Avoiding conflict of interest is in the ISC2 code of ethics
|
true
|
|
which form of law has stricter burden of proof and possible imprisonment
|
Criminal law
|
|
Most laws are drawn from
|
ethics
|
|
What type of law punishes the individual with financial restitution instead of jail?
|
Tort
|
|
A witness testimony would be classified as what type of evidence
|
secondary/direct/testimony
|
|
A software program would be protected from illegal distribution under what law?
|
Copyright
|
|
Which group states that the internet is a privilege and should be treated and used with respect
|
Internet Architecture Board
|
|
Which of the following processes is concerned with not only identifying the root cause but also addressing the underlying issue?
|
problem management
|