Volatile information can be easily modified or lost when the system is shut down or rebooted. It
helps to determine a logical timeline of the security incident and the users who would be
responsible.

A steganographic file system is a method to store the files in a way that encrypts and hides the
data without the knowledge of others

Which device in a wireless local area network (WLAN) determines the next network point to which
a packet should be forwarded toward its destination?

Data Acquisition is the process of imaging or otherwise obtaining information from a digital device
and its peripheral equipment and media

LBA (Logical Block Address) addresses data by allotting a ___________to each sector of the hard
disk.

Buffer Overflow occurs when an application writes more data to a block of memory, or buffer, than
the buffer is allocated to hold. Buffer overflow attacks allow an attacker to modify the

_______________in order to control the process execution, crash the process and modify internal
variables.

Physical security recommendations: There should be only one entrance to a forensics lab?

File signature analysis involves collecting information from the __________ of a file to determine
the type and function of the file

You should always work with original evidence

When a system is compromised, attackers often try to disable auditing, in Windows 7;
modifications to the audit policy are recorded as entries of Event ID____________.