Sectors in hard disks typically contain how many bytes?
Answer :
512
Why should you note all cable connections for a computer you want to seize as evidence?
Answer :
to know what outside connections existed
Which federal computer crime law specifically refers to fraud and related activity in connection with access devices like routers?
Answer :
18 U.S.C. 1029
When performing a forensics analysis, what device is used to prevent the system from recording data on an evidence disk?
Answer :
a write-blocker
When investigating a network that uses DHCP to assign IP addresses, where would you look to determine which system (MAC address) had a specific IP address at a specific time?
Answer :
in the DHCP Server log files
With Regard to using an Antivirus scanner during a computer forensics investigation, You should:
Answer :
Scan your Forensics workstation before beginning an investigation
Which of the following is NOT a graphics file?
Answer :
Picture3.nfo
In General, __________________ Involves the investigation of data that can be retrieved from the hard disk or other disks of a computer by applying scientific methods to retrieve the data.
Answer :
Computer Forensics
While working for a prosecutor, what do you think you should do if the evidence you found appears to be exculpatory and is not being released to the defense?
Answer :
Bring the information to the attention of the prosecutor, his or her supervisor or finally to the judge
