CJUS 363 Quiz 3

CJUS 363 Quiz 3 Liberty University

Set 1

  1. State public disclosure laws apply to state records, but FOIA allows citizens to request copies of public documents created by federal agencies.​
  2. To investigate employees suspected of improper use of company digital assets, a company policy statement about misuse of digital assets allows corporate investigators to conduct covert surveillance with little or no cause, and access company computer systems and digital devices without a warrant.​
  3. An emergency situation under the PATRIOT Act is defined as the immediate risk of death or personal ​injury, such as finding a bomb threat in an e-mail.
  4. Computer-stored records are data the system maintains, such as system log files and proxy server logs​.
  5. The Fourth Amendment states that only warrants “particularly describing the place to be searched and the persons ​or things to be seized” can be issued. The courts have determined that this phrase means a warrant can authorize a search of a specific place for ​anything.
  6. The physical data copy subfunction exists under the ______________ function.​
  7. Physically copying the entire drive is the only type of data-copying method used in software acquisitions.
  8. What option below is an example of a platform specific encryption tool?
  9. In what temporary location below might passwords be stored? ​
  10. Reconstructing fragments of files that have been deleted from a suspect drive, is known as ____________ in North America.​
  11. Passwords are typically stored as one-way _____________ rather than in plaintext.​
  12. In general, what would a lightweight forensics workstation consist of?​
  13. ​What algorithm is used to decompress Windows files?
  14. In what mode do most write-blockers run?​
  15. All forensics acquisition tools have a method for verification of the data-copying process that compares the original drive ​with the image.
  16. Which of the following options is not a subfunction of extraction?​
  17. ​Software forensics tools are grouped into command-line applicationsand GUI applications
  18. What program serves as the GUI front end for accessing Sleuth Kit’s tools?​
  19. A keyword search is part of the ​analysis process within what forensic function?
  20. What hex value is the standard indicator for jpeg graphics files?​
  21. ISO standard 27037 sta​tes that the most important factors in data acquisition are the DEFR’s competency and the use of validated tools.
  22. ​The ProDiscover utility makes use of the proprietary _______________ file format.
  23. Making a logical acquisition of a drive with whole disk encryption can result in unreadable files.​
  24. What is the goal of the NSRL project, created by NIST?​
  25. _______________ proves that two sets of data are identical by calculating hash values or using another similar method.​

Set 2

  1. State public disclosure laws apply to state records, but FOIA allows citizens to request copies of public documents created by federal agencies.
  2. Computer­stored records are data the system maintains, such as system log files and proxy server logs.
  3. An emergency situation under the PATRIOT Act is defined as the immediate risk of death or personal injury, such as finding a bomb threat in an e­mail.
  4. To investigate employees suspected of improper use of company digital assets, a company policy statement about misuse of digital assets allows corporate investigators to conduct covert surveillance with little or no cause, and access company computer systems and digital devices without a warrant.
  5. The Fourth Amendment states that only warrants “particularly describing the place to be searched and the persons or things to be seized” can be issued. The courts have determined that this phrase means a warrant can authorize a search of a specific place for
  6. Physically copying the entire drive is the only type of data­copying method used in software acquisitions.
  7. A keyword search is part of the analysis process within what forensic function?
  8. What program serves as the GUI front end for accessing Sleuth Kit’s tools?
  9. Software forensics tools are grouped into command­line applications and GUI applications
  10. What hex value is the standard indicator for jpeg graphics files?
  11. In general, what would a lightweight forensics workstation consist of?
  12. When performing disk acquisition, the raw data format is typically created with the UNIX/Linux _____________ command.
  13. Reconstructing fragments of files that have been deleted from a suspect drive, is known as ____________ in North America.
  14. What tool below was written for MS­DOS and was commonly used for manual digital investigations?
  15. Passwords are typically stored as one­way _____________ rather than in plaintext.
  16. Making a logical acquisition of a drive with whole disk encryption can result in unreadable files.
  17. In what mode do most write­blockers run?
  18. What option below is an example of a platform specific encryption tool?
  19. All forensics acquisition tools have a method for verification of the data­copying process that compares the original drive with the image.
  20. Which of the following options is not a subfunction of extraction?
  21. What algorithm is used to decompress Windows files?
  22. What is the goal of the NSRL project, created by NIST?
  23. The __________ Linux Live CD includes tools such as Autopsy and Sleuth Kit, ophcrack, dcfldd, MemFetch, and MBoxGrep, and utilizes a KDE interface.
  24. The physical data copy subfunction exists under the ______________ function.
  25. What is the purpose of the reconstruction function in a forensics investigation?
$2.99
Buy Answer Key

has been added to your cart!

have been added to your cart!

Files Included - Liberty University
  1. CJUS 363 Quiz 3
  2. CJUS 363 Quiz 3 Set 2