What term is used to describe a cryptographic technique for embedding information into something else for the
What term is used to describe a cryptographic technique for embedding information into something else for the sole purpose of hiding that information from the casual observer?
During the course of an investigation, you locate evidence that may prove the innocence of the suspect of the
During the course of an investigation, you locate evidence that may prove the innocence of the suspect of the investigation. You must maintain an unbiased opinion and be objective in your entire fact finding process. Therefore you report this evidence. This type of evidence is known as:
If you discover a criminal act while investigating a corporate policy abuse, it becomes a public- sector inves
If you discover a criminal act while investigating a corporate policy abuse, it becomes a public- sector investigation and should be referred to law enforcement?
What binary coding is used most often for e-mail purposes?
What binary coding is used most often for e-mail purposes?
gz on a Linux system while doing an investigation, what can you conclude?
If you see the files Zer0.tar.gz and copy.tar.gz on a Linux system while doing an investigation, what can you conclude?
From the following spam mail header, identify the host IP that sent this spam?
From the following spam mail header, identify the host IP that sent this spam?
From jie02@netvigator.com jie02@netvigator.com Tue Nov 27 17:27:11 2001 Received: from viruswall.ie.cuhk.edu.hk (viruswall [137.189.96.52]) by eng.ie.cuhk.edu.hk (8.11.6/8.11.6) with ESMTP id
fAR9RAP23061 for ; Tue, 27 Nov 2001 17:27:10 +0800 (HKT) Received: from mydomain.com (pcd249020.netvigator.com [203.218.39.20]) by viruswall.ie.cuhk.edu.hk (8.12.1/8.12.1)
with SMTP id fAR9QXwZ018431 for ; Tue, 27 Nov 2001 17:26:36 +0800 (HKT) Message-Id: >200111270926.fAR9QXwZ018431@viruswall.ie.cuhk.edu.hk
From: “china hotel web”
To: “Shlam”
Subject: SHANGHAI (HILTON HOTEL) PACKAGE
Date: Tue, 27 Nov 2001 17:25:58 +0800 MIME-Version: 1.0 X-Priority: 3 X-MSMail-
Priority: Normal
Reply-To: “china hotel web”
you do not contaminate or alter data on the suspect’s hard drive by booting to the hard drive
If you plan to startup a suspect’s computer, you must modify the ___________ to ensure that you do not contaminate or alter data on the suspect’s hard drive by booting to the hard drive.
How many law-enforcement computer investigators should you request to staff the lab?
You are working for a local police department that services a population of 1,000,000 people and you have been given the task of building a computer forensics lab. How many law-enforcement computer investigators should you request to staff the lab?
When obtaining a warrant it is important to:
When obtaining a warrant it is important to:
What is Terri trying to accomplish by sending this IP packet?
Terri works for a security consulting firm that is currently performing a penetration test on First National Bank in Tokyo. Terri’s duties include bypassing firewalls and switches to gain access to the network. Terri sends an IP packet to one of the company’s switches with ACK bit and the source address of her machine set. What is Terri trying to accomplish by sending this IP packet?