Name:     ID: 
 
    Email: 

CNG 131 Chapter 17

True/False
Indicate whether the sentence or statement is true or false.
 

 1. 

Digital evidence poses special challenges for its admissibility in court.
 

 2. 

A good forensic analyst must be very much of a specialist.
 

 3. 

A good toolkit must be prepared in advance of the need for forensic analysis.
 

 4. 

Collecting evidence may actually destroy other evidence.
 

 5. 

The physical media on which the digital evidence is stored must be carefully guarded.
 

Multiple Choice
Identify the letter of the choice that best completes the statement or answers the question.
 

 6. 

What explains the significance of collected evidence to recreate the methods used in a breach?
a.
logging
c.
toolkit
b.
analysis
d.
preparation
 

 7. 

The effort expended in training and developing tools for an effective and efficient forensic analysis is called:
a.
collection
c.
preparation
b.
vulnerability
d.
auditing
 

 8. 

What is a weakness associated with any condition or attribute of an asset which increases the probability that a threat will result in a loss?
a.
collection
c.
preparation
b.
vulnerability
d.
auditing
 

 9. 

The process of collecting auditing information and writing it to a security log is called:
a.
forensics
c.
audit usage
b.
toolkit
d.
logging
 

 10. 

The use of science and technology to investigate and establish facts in criminal or civil courts of law is called:
a.
toolkit
c.
risk management
b.
forensics
d.
digital evidence
 

 11. 

What is the use of encryption to prevent undetected modification of data?
a.
forensics
c.
risk management
b.
logging
d.
electronic signatures
 

 12. 

The analysis of assets, risks, and threats to determine system vulnerabilities and appropriate measures to minimize exposure is called:
a.
vulnerability
c.
risk management
b.
documentation
d.
None of the above
 

 13. 

If you store evidence in an electronic format, it is called:
a.
authentication
c.
electronic signatures
b.
digital evidence
d.
auditing
 

 14. 

Any person, place, thing, or commodity, for which there is a safeguarding requirement is called a(n):
a.
toolkit
c.
asset
b.
documentation
d.
None of the above
 

 15. 

A forensics analysis activity where all steps of the process are carefully recorded is called:
a.
logging
c.
digital evidence
b.
auditing
d.
documentation
 

 16. 

What do you call the mathematical validation that can be used to prove evidence has not been modified?
a.
toolkit
c.
digital evidence
b.
authentication
d.
None of the above
 

 17. 

Which item is more volatile?
a.
memory
c.
storage devices
b.
registry
d.
network connections
 

 18. 

A set of software tools that are stored on a read-only media to be used during a forensic analysis is called a(n):
a.
digital evidence
c.
toolkit
b.
risk management
d.
auditing
 

 19. 

Which of the following are steps in the forensic process?
a.
preparation
c.
evidence analysis
b.
evidence collection
d.
All of the above
 

 20. 

What must be carefully guarded as it relates to the storage of digital evidence?
a.
physical media
c.
computer rooms
b.
computer users
d.
None of the above
 

Matching
 
 
Please match the best term from the list below to the most appropriate concept.
a.
audit escalation
e.
documentation
b.
risk management
f.
logging
c.
toolkit
g.
vulnerability
d.
chain of custody
h.
electronic signatures
 

 21. 

Collecting auditing information and writing it to a security log.
 

 22. 

Use of encryption to prevent undetected modification of data.
 

 23. 

A record of all people who accessed any piece of data.
 

 24. 

Taking action based on the results of an audit.
 

 25. 

Analysis of assets, risks, and threats to determine system vulnerabilities and appropriate measures to minimize exposure.
 
 
Please match the best term from the list below to the most appropriate concept.
a.
forensics
e.
preparation
b.
authentication
f.
asset
c.
collection
g.
auditing
d.
analysis
h.
audit usage
 

 26. 

Any person, place, thing, or commodity, for which there is a safeguarding requirement.
 

 27. 

Explains the significance of collected evidence to recreate the methods used in the breach.
 

 28. 

Effort expended in training and developing tools for an effective and efficient forensic analysis.
 

 29. 

Testing security procedures and monitoring their effectiveness.
 

 30. 

Mathematical validation that can be used to prove evidence has not been modified.
 



 
Submit          Reset Help