Susan was looking at her credit report and noticed that several new credit cards had been opened lately in her name. Susan has not opened any of the credit card accounts herself.
Which type of cybercrime has been perpetrated against Susan?
A forensic investigator needs to know which file type to look for in order to find emails from a specific client.
Which file extension is used by Eudora?
Which universal principle must be observed when handling digital evidence?
An employee sends an email message to a fellow employee. The message is sent through the company's messaging server.
Which protocol is used to send the email message?
Which file system is supported by Mac?
An organization has identified a system breach and has collected volatile data from the system.
Which evidence type should be collected next?
Which type of information does a Windows SAM file contain?
The chief information officer of an accounting firm believes sensitive data is being exposed on the local network.
Which tool should the IT staff use to gather digital evidence about this security vulnerability?
Which description applies to the Advanced Forensic Format (AFF)?
The chief executive officer (CEO) of a small computer company has identified a potential hacking attack from an outside competitor.
Which type of evidence should a forensics investigator use to identify the source of the hack?
An organization is determined to prevent data leakage through steganography. It has developed a workflow that all outgoing data must pass through. The company will implement a tool as part of the workflow to check for hidden data.
Which tool should be used to check for the existence of steganographically hidden data?
A USB flash drive was seized as evidence to be entered into a trial.
Which type of evidence is this USB flash drive?
A cybercriminal communicates with his compatriots using steganography. The FBI discovers that the criminal group uses white space to hide data in photographs.
Which tool can the cybercriminals use to facilitate this type of communication?
Which law or guideline lists the four states a mobile device can be in when data is extracted from it?
Which operating system (OS) uses the NTFS (New Technology File System) file operating system?
Which principle of evidence collection states that access to evidence must be tracked from the time it is seized through its use in court?
After a company's single-purpose, dedicated messaging server is hacked by a cybercriminal, a forensics expert is hired to investigate the crime and collect evidence.
Which digital evidence should be collected?
What are the three basic tasks that a systems forensic specialist must keep in mind when handling evidence during a cybercrime investigation?
A computer involved in a crime is infected with malware. The computer is on and connected to the company's network. The forensic investigator arrives at the scene.
Which action should be the investigator's first step?
Which directory contains the system's configuration files on a computer running Mac OS X?
Which law requires both parties to consent to the recording of a conversation?
While collecting digital evidence from a running computer involved in a cybercrime, the forensic investigator makes a list of items that need to be collected.
Which piece of digital evidence should be collected first?
Which policy is included in the CAN-SPAM Act?