You work in a police department forensics lab where you examine computers for evidence of crimes. Your workis vital to the success of the prosecution of criminals.
One day you receive a laptop and are part of a two man team responsible for examining it together. However, it
is lunch time and after receiving the laptop you leave it on your desk and you both head out to lunch.
What critical step in forensic evidence have you forgotten?

Configuration Management is a requirement for the following level(s) of the Orange Book?

This type of control is used to ensure that transactions are properly entered into the system once. Elements of
this type of control may include counting data and time stamping it with the date it was entered or edited?

Which of the following Operation Security controls is intended to prevent unauthorized intruders from internally
or externally accessing the system, and to lower the amount and impact of unintentional errors that are entering
the system?

Which of the following is NOT a component of an Operations Security “triples”?

Which of the following are the two commonly defined types of covert channels?

Which of the following is an unintended communication path that is NOT protected by the system’s normal
security mechanisms?

Which of the following security controls might force an operator into collusion with personnel assigned
organizationally within a different function in order to gain access to unauthorized data?

Which of the following is used to interrupt the opportunity to use or perform collusion to subvert operation for
fraudulent purposes?

You are a criminal hacker and have infiltrated a corporate network via a compromised host and a
misconfigured firewall. You find many targets inside the network but all appear to be hardened except for one. It
has several notable vulnerable services and it therefore seems out of place with an otherwise secured network.
(Except for the misconfigured firewall, of course)
What is it that you are likely seeing here?