Quantitative Risk Analysis - ANSWER ==-
Computer Forensics - ANSWER ==A set of methodological procedures and
techniques that help identify, gather,
... [Show More] preserve, extract, interpret, document, and present
evidence from computers in a way that is legally admissible
Cyber Crime - ANSWER ==Any illegal act involving a computing device, network, its
systems, or its applications. Both internal and external
Enterprise Theory of Investigation (ETI) - ANSWER ==Methodology for investigating
criminal activity
Types of Cyber Crime - ANSWER ==Civil, Criminal, Administrative
Civil Cases - ANSWER ==Involve disputes between two parties. Brought for violation
of contracts and lawsuits where a guilty outcome generally results in monetary damages
to the plaintiff
Criminal Cases - ANSWER ==Brought by law enforcement agencies in response to a
suspected violation of law where a guilty outcome results in monetary damages,
imprisonment, or both
Administrative Cases - ANSWER ==An internal investigation by an organization to
discover if its employees/clients/partners are abiding by the rules or policies (Violation of
company policies). Non-criminal in nature and are related to misconduct or activities of
an employee
Rules of Forensic Investigation - ANSWER ==Safeguard the integrity of the evidence
and render it acceptable in a court of law. The forensic examiner must make duplicate
copies of the original evidence. The duplicate copies must be accurate replications of
the originals, and the forensic examiner must also authenticate the duplicate copies to
avoid questions about the integrity of the evidence. Must not continue with the
investigation if the examination is going to be beyond his or her knowledge level or skill
level.
Cyber Crime Investigation Methodology/Steps - ANSWER ==1.Identify the computer
crime 2.Collect preliminary evidence 3.Obtain court warrant dor discovery/seizure of
evidence 4.Perform first responder procedures 5.Seize evidence at the crime scene 6.
Transport evidence to lab 7.Create two bitstream copies of the evidence 8. Generate
MD5 checksum of the images 9. Maintain chain of custody 10. Store original evidence
in secure location 11. Analyze the image copy for evidence 12. Prepare a forensic
report 13. Submit a report to client 14. Testify in course as an expert witness
Locard's Exchange Principle - ANSWER ==Anyone of anything, entering a crime
scene takes something of the scene with them and leaves something of themselves
behind when they leave.
Types of Digital Data - ANSWER ==Volatile Data
Non-volatile Data
Volatile Data - ANSWER ==Temporary information on a device that requires a
constant power supply and is deleted if the power supply is interrupted
Non-Volatile Data - ANSWER ==Secondary storage of data. Long-term, persistent
data.
Permanent data stored on secondary storage devices, such as hard disks and memory
cards.
Characteristics of Digital Evidence - ANSWER ==1. Be Relevant
2. Be probative
3. Be authentic
4. Be accurate
5. Be complete
6. Be convincing
7. Be admissible
Admissible evidence - ANSWER ==Evidence that can be legally and properly
introduced in a civil or criminal trial.
Evidence is relevant to the case
Authentic Evidence - ANSWER ==Evidence that is in its original or genuine state.
Investigators must provide supporting documents regarding the authenticity, accuracy,
and integrity of the evidence
Complete Evidence - ANSWER ==Evidence must either prove or disprove the fact
Reliable Evidence - ANSWER ==evidence that possesses a sufficient degree of
likelihood that it is true and accurate
Evidence must be proven dependable when the evidence was extracted
Believable Evidence - ANSWER ==Evidence must be presented in a clear manner
and expert opinions must be obtained where necessary
Rules of Evidence - ANSWER ==Rules governing the admissibility of evidence in trial
courts. [Show Less]