Deck 2: Computer Forensics and Digital Detective Work

1
________ is created when a file is created if it does not take up an entire sector.
File slack
2
In the case in which a hacker named Maxim broke into CD Universe credit card files, the FBI and company employees accessed original files to determine how the intrusion had occurred. What was the impact on the case of working with original files?

A) There was no impact on the case, because a correct chain of custody form was produced.
B) The case was nullified, because the last-access dates on the original files were changed.
C) There was no impact on the case, because the original files were copied correctly.
D) The case was nullified, because the FBI did not have permission to open the original files.
B
3
What type of program is available to delete and overwrite data on a computer?

A) File-overwriting software
B) File-deleting software
C) File-wiping software
D) All of the above
C
4
In 2005, the estimated number of e-mail users in the United States was

A) 105 million
B) 105 billion
C) 1.5 million
D) 1.5 billion
5
Which of the following is NOT considered one of the five stages of a computer investigation?

A) Intelligence
B) Hypothesis
C) Conviction
D) Conclusion
6
Which of the following is NOT considered an objective in ensuring probative information is recovered?

A) To protect the computer system during the actual investigation
B) To search for any and all malware that may have infected the system
C) To recover deleted, existing, hidden, and password-protected files
D) To determine if steganography was used
7
What unique piece of evidence finally gave police the break they'd needed in order to solve the BTK serial murderer case?

A) A phone number located within a computer
B) A USB drive with his deleted address
C) A floppy disk with his deleted address
D) A floppy disk with a deleted address of a church
8
The chain of custody must include which of the following items?

A) Where the evidence was stored
B) The size of the containers used to store the evidence
C) How heavy the evidence was when acquired
D) The relevance of the evidence
9
Hackers go after valuable content such as

A) Expensive applications
B) Links to terrorist Web sites
C) Pricing data
D) Malware scripts
10
Criminal trials are often preceded by a(n) ________ at which the admissibility of evidence is determined.
11
________ is a term generally used to indicate a message is hidden within another file.
12
The ________ is documentation that the evidence was handled and preserved properly.
13
Evidence may be suppressed if which of the following occurs?

A) If the officer exceeds the limited right or scope
B) If the police do not have a warrant
C) If the officer takes more than is on the warrant
D) All of the above
14
Robert Hanssen stored documents he was stealing from the FBI and selling to the Russians on a(n)

A) MP3 player
B) Palm III PDA
C) Laptop computer
D) Cell phone
15
The emphasis on computer forensics as a(n) ________ is important because it recognizes the field as a discipline with set principles.
16
Which of the following traditional crimes are easier because of widespread computer access?

A) Breaking and entering
B) Money laundering
C) Armed robbery
D) Assault
17
Evidence collected in violation of which amendment will cause the evidence to be excluded?

A) The Fourth Amendment
B) The First Amendment
C) The Ninth Amendment
D) The Tenth Amendment
18
In what manner were e-commerce employees caught making online purchases using clients' credit card numbers?

A) Copies of credit card numbers were found in their desks.
B) Copies of transactions were found at their homes.
C) Saved files were stored in a hidden directory.
D) Credit card numbers, along with the name and address of person who placed order, were found in a hidden HTML coded file.
19
In order to be legally defensible, methods used in the recovery of data must ensure that

A) The original evidence was not altered.
B) No data was added to the original.
C) No data was deleted from the original.
D) All of the above
20
Which of the following is NOT considered one of the items e-evidence is currently being used for?

A) To prove intent
B) To imply motive
C) To provide alibis
D) All listed are currently being used
21
The ________ states that evidence collected in violation of the Fourth Amendment cannot be used in a trial.
22
Care, control, and chain of custody are called the ________ of evidence.
23
A(n) ________ is a reasonable belief that a person has committed a crime.
24
One of the more popular theories is that a person could actually commit ________ by changing a patient's medication data.
25
If evidence items are released to auditors or authorities, the ________ should be recorded.
26
According to a 2003 survey, ________ and China had the highest piracy rates.
27
________ is the blending of accounting, auditing, and investigative skills.
28
Criminals whose purpose is ________ need to brag about their exploits because they are motivated by a desire for fame or notoriety.
29
Match between columns
Column A:
Illegal gambling
Theft of intellectual property
Fraud from computer billings
Software piracy
Column B:
Computer is the crime instrument
New crime generated by prevalence of computers
Computer is the crime target
Computer is incidental to traditional crime
30
Match between columns
Column A:
Techno-vandalism
Root access
Spoofing
Techno-trespass
Column B:
Phony Web sites
Unauthorized access causes damage
Criminal trespass
Gives the user Admin rights
31
Match between columns
Column A:
Sector
Unallocated space
Slack space
Cluster
Column B:
Smallest unit that can be accessed on a disk
Space not currently used to store an active file
Remnant area at the end of a file
Fixed block of data such as 1024 bytes
32
Match between columns
Column A:
John Allen Mohammad
Lisa Montgomery
Alejandro Avila
Scott Peterson
Column B:
Digital recordings on a device in car
E-mail communication between criminal and victim
GPS data from car and cell phone
Evidence of child pornography on computer