Unlock document.
This document is partially blurred.
Unlock all pages and 1 million more documents.
Get Access
Name:
Class:
Date:
chapter 2
Indicate whether the statement is true or false.
1. A disaster recovery plan ensures that workstations and file servers can be restored to their original condition in the
event of a catastrophe.
a.
True
b.
False
2. The recording of all updates made to a workstation or machine is referred to as configuration management.
a.
True
b.
False
3. Because they are outdated, ribbon cables should not be considered for use within a forensics lab.
a.
True
b.
False
4. Linux Live CDs and WinFE disks do not automatically mount hard drives, but can be used to view file systems.
a.
True
b.
False
5. The shielding of sensitive computing systems and prevention of electronic eavesdropping of any computer emissions is
known as FAUST by the U.S. Department of Defense.
a.
True
b.
False
Indicate the answer choice that best completes the statement or answers the question.
6. Which option below is not one of the recommended practices for maintaining a keyed padlock?
a.
Appoint a key custodian.
b.
Take inventory of all keys when the custodian changes.
c.
Use a master key.
d.
Change locks and keys annually.
7. In order to qualify for the Certified Computer Forensic Technician, Basic Level certification, how many hours of
computer forensics training are required?
a.
10
b.
20
c.
30
d.
40
8. Which option below is not a recommendation for securing storage containers?
a.
The container should be located in a restricted area.
b.
Only authorized access should be allowed, and it should be kept to a minimum.
c.
Evidence containers should remain locked when they aren't under direct supervision.
d.
Rooms with evidence containers should have a secured wireless network.
9. _______ is responsible for creating and monitoring lab policies for staff, and provides a safe and secure workplace for
Name:
Class:
Date:
chapter 2
staff and evidence.
a.
The lab manager
b.
The lab investigator
c.
The lab secretary
d.
The lab steward
10. Which tool below is not recommended for use in a forensics lab?
a.
2.5-inch adapters for drives
b.
FireWire and USB adapters
c.
SCSI cards
d.
Degausser
11. In order to qualify for the Certified Computer Crime Investigator, Basic Level certification, candidates must provide
documentation of at least _______ cases in which they participated.
a.
5
b.
10
c.
15
d.
20
12. Candidates who complete the IACIS test successfully are designated as a _______.
a.
Certified Forensic Computer Examiner (CFCE)
b.
Certified Forensics Investigator (CFI)
c.
Certified Investigative Forensics Examiner (CIFE)
d.
Certified Investigative Examiner (CIE)
13. A TEMPEST facility is designed to accomplish which of the following goals?
a.
Prevent data loss by maintaining consistent backups.
b.
Shield sensitive computing systems and prevent electronic eavesdropping of computer emissions.
c.
Ensure network security from the Internet using comprehensive security software.
d.
Protect the integrity of data.
14. Which file system below is utilized by the Xbox gaming system?
a.
NTFS
b.
ReFS
c.
EXT
d.
FATX
15. In order to qualify for the Advanced Certified Computer Forensic Technician certification, a candidate must have
_______ years of hands-on experience in computer forensics investigations.
a.
two
b.
three
c.
five
d.
six
Name:
Class:
Date:
chapter 2
16. What certification program, sponsored by ISC2, requires knowledge of digital forensics, malware analysis, incident
response, e-discovery, and other disciplines related to cyber investigations?
a.
Certified Computer Crime Investigator
b.
Certified Forensic Computer Examiner
c.
Certified Cyber Forensics Professional
d.
EnCase Certified Examiner
17. _______ describes the characteristics of a safe storage container.
a.
ISO2960
b.
NISPOM
c.
SSO 990
d.
STORSEC
18. Which operating system listed below is not a distribution of the Linux OS?
a.
Minix
b.
Debian
c.
Slackware
d.
Fedora
19. _______ is a specialized viewer software program.
a.
FastView
b.
IrfanView
c.
ThumbsLoader
d.
ABSee
20. _______ can be used to restore backup files directly to a workstation.
a.
Belarc Advisor
b.
Norton Ghost
c.
ProDiscover
d.
Photorec
21. Which ISO standard below is followed by the ASCLD?
a.
17025:2005
b.
17026:2007
c.
12075:2007
d.
12076:2005
22. How long are computing components designed to last in a normal business environment?
a.
12 to 16 months
b.
14 to 26 months
c.
18 to 36 months
d.
36 to 90 months
23. How often should hardware be replaced within a forensics lab?
Name:
Class:
Date:
chapter 2
a.
Every 6 to 12 months
b.
Every 12 to 18 months
c.
Every 18 to 24 months
d.
Every 24 to 30 months
24. What percentage of consumers utilize Intel and AMD PCs?
a.
60
b.
70
c.
80
d.
90
25. Which of the following scenarios should be covered in a disaster recovery plan?
a.
damage caused by lightning strikes
b.
damage caused by flood
c.
damage caused by a virus contamination
d.
all of the above
Enter the appropriate word(s) to complete the statement.
26. A(n) _______________ acts as an evidence locker or safe to preserve the integrity of evidence.
27. The ________________________ provides guidelines to members for managing a forensics lab and acquiring crime
and forensics lab accreditation.
28. As part of a business case, _______________ requires researching different products to determine which one is the
best and most cost effective.
29. _______________ are generated at the federal, state, and local levels to show the types and frequency of crimes
committed.
30. A(n) ______________ is a plan that can be used to sell your services to management or clients, in which a
justification is made for acquiring newer and better resources to investigate digital forensics cases.
a.
Business case
b.
Certified Computer Examiner (CCE)
c.
Certified Cyber Forensics Professional (CCFP)
d.
Certified Forensic Computer Examiner (CFCE)
e.
Configuration management
f.
Digital forensics lab
g.
High Tech Crime Network (HTCN)
h.
Risk management
i.
Secure facility
j.
TEMPEST
31. A certification from the International Society of Forensic Computer Examiners
32. A lab dedicated to computing investigations; typically, it has a variety of computers, OSs, and forensics software
33. A certification from ISC2 for completing the education and work experience and passing the exam
Name:
Class:
Date:
chapter 2
34. A facility that can be locked and allows limited access to the room's contents
35. The process of keeping track of all upgrades and patches you apply to your computer's OS and applications
36. A term referring to facilities that have been hardened so that electrical signals from computers, the computer network,
and telephone systems can't be monitored or accessed easily by someone outside the facility
37. A national organization that provides certification for computer crime investigators and digital forensics technicians
38. A certificate awarded by IACIS at completion of all portions of the exam
39. The process of determining how much risk is acceptable for any process or operation, such as replacing equipment
40. A document that provides justification to upper management or a lender for purchasing new equipment, software, or
other tools when upgrading your facility
41. What can be done to help prevent the buildup of static electricity?
42. What should be included as part of the approval process?
43. What information should be recorded every time an evidence container is opened and closed?
44. When creating a new forensics lab, what are some questions that should be considered when calculating the budget
required? List at least three questions.
45. List at least three things that should be included in an audit of a digital forensics lab.
46. What are three questions that should be asked when performing the justification step?
47. List three practices that should be followed when using a keyed padlock.
48. A forensics lab should maintain a paper or electronic sign-in log for all visitors. What information should be in this
log?
49. What is a business case used for?
50. How should backups be stored and maintained?
Name:
Class:
Date:
chapter 2
Answer Key
Name:
Class:
Date:
chapter 2
Name:
Class:
Date:
chapter 2
Name:
Class:
Date:
chapter 2
