True/False
Indicate whether the sentence or statement is true or false.

1. Digital evidence poses special challenges for its admissibility in court.

2. A good forensic analyst must be very much of a specialist.

3. A good toolkit must be prepared in advance of the need for forensic analysis.

4. Collecting evidence may actually destroy other evidence.

5. The physical media on which the digital evidence is stored must be carefully guarded.

Multiple Choice
Identify the letter of the choice that best completes the statement or answers the question.

6. What explains the significance of collected evidence to recreate the methods used in a breach?
   a. logging
   b. analysis
   c. toolkit
   d. preparation

7. The effort expended in training and developing tools for an effective and efficient forensic analysis is called:
   a. collection
   b. vulnerability
   c. preparation
   d. auditing

8. What is a weakness associated with any condition or attribute of an asset which increases the probability that a threat will result in a loss?
   a. collection
   b. vulnerability
   c. preparation
   d. auditing

9. The process of collecting auditing information and writing it to a security log is called:
   a. forensics
   b. toolkit
   c. audit usage
   d. logging

10. The use of science and technology to investigate and establish facts in criminal or civil courts of law is called:
   a. toolkit
   b. forensics
   c. risk management
   d. digital evidence

11. What is the use of encryption to prevent undetected modification of data?
   a. forensics
   b. logging
   c. risk management
   d. electronic signatures

12. The analysis of assets, risks, and threats to determine system vulnerabilities and appropriate measures to minimize exposure is called:
   a. vulnerability
   b. documentation
   c. risk management
   d. None of the above

13. If you store evidence in an electronic format, it is called:
   a. authentication
   b. digital evidence
   c. electronic signatures
   d. auditing

14. Any person, place, thing, or commodity, for which there is a safeguarding requirement is called a(n):
   a. toolkit
   b. documentation
   c. asset
   d. None of the above

15. A forensics analysis activity where all steps of the process are carefully recorded is called:
   a. logging
   b. auditing
   c. digital evidence
   d. documentation

16. What do you call the mathematical validation that can be used to prove evidence has not been modified?
   a. toolkit
   b. authentication
   c. digital evidence
   d. None of the above

17. Which item is more volatile?
   a. memory
   b. registry
   c. storage devices
   d. network connections

18. A set of software tools that are stored on a read-only media to be used during a forensic analysis is called a(n):
   a. digital evidence
   b. risk management
   c. toolkit
   d. auditing

19. Which of the following are steps in the forensic process?
   a. preparation
   b. evidence collection
   c. evidence analysis
   d. All of the above

20. What must be carefully guarded as it relates to the storage of digital evidence?
   a. physical media
   b. computer users
   c. computer rooms
   d. None of the above

Matching
Please match the best term from the list below to the most appropriate concept.
   a. audit escalation
   b. risk management
   c. toolkit
   d. chain of custody
   e. documentation
   f. logging
   g. vulnerability
   h. electronic signatures

21. Collecting auditing information and writing it to a security log.

22. Use of encryption to prevent undetected modification of data.

23. A record of all people who accessed any piece of data.

24. Taking action based on the results of an audit.

25. Analysis of assets, risks, and threats to determine system vulnerabilities and appropriate measures to minimize exposure.

Please match the best term from the list below to the most appropriate concept.
   a. forensics
   b. authentication
   c. collection
   d. analysis
   e. preparation
   f. asset
   g. auditing
   h. audit usage

26. Any person, place, thing, or commodity, for which there is a safeguarding requirement.

27. Explains the significance of collected evidence to recreate the methods used in the breach.

28. Effort expended in training and developing tools for an effective and efficient forensic analysis.

29. Testing security procedures and monitoring their effectiveness.

30. Mathematical validation that can be used to prove evidence has not been modified.