Sectors in hard disks typically contain how many bytes?
What does the superblock in Linux define?
When obtaining a warrant it is important to:
You are working for a local police department that services a population of 1,000,000 people and
you have been given the task of building a computer forensics lab. How many law-enforcement
computer investigators should you request to staff the lab?
From the following spam mail header, identify the host IP that sent this spam?
From jie02@netvigator.com jie02@netvigator.com Tue Nov 27 17:27:11 2001
Received: from viruswall.ie.cuhk.edu.hk (viruswall [137.189.96.52]) by eng.ie.cuhk.edu.hk (8.11.6/8.11.6) with ESMTP id fAR9RAP23061 for ; Tue, 27 Nov 2001 17:27:10 +0800 (HKT)
Received: from mydomain.com (pcd249020.netvigator.com [203.218.39.20]) by viruswall.ie.cuhk.edu.hk (8.12.1/8.12.1) with SMTP id fAR9QXwZ018431 for ; Tue, 27 Nov 2001 17:26:36 +0800 (HKT)
Message-Id: >200111270926.fAR9QXwZ018431@viruswall.ie.cuhk.edu.hk
From: “china hotel web”
To: “Shlam”
Subject: SHANGHAI (HILTON HOTEL) PACKAGE
Date: Tue, 27 Nov 2001 17:25:58 +0800
MIME-Version: 1.0
X-Priority: 3
X-MSMail-Priority: Normal
ReplyTo: “china hotel web”
If you see the files Zer0.tar.gz and copy.tar.gz on a Linux system while doing an investigation,
what can you conclude?
What binary coding is used most often for e-mail purposes?
If you discover a criminal act while investigating a corporate policy abuse, it becomes a public-sector investigation and should be referred to law enforcement?
During the course of an investigation, you locate evidence that may prove the innocence of the
suspect of the investigation. You must maintain an unbiased opinion and be objective in your
entire fact-finding process. Therefore you report this evidence. This type of evidence is known as:
What term is used to describe a cryptographic technique for embedding information into
something else for the sole purpose of hiding that information from the casual observer?