PRELIM

Question 1

tools and techniques that frustrate forensic tools, investigations,
and investigators

Answer 1

ANTI FORENSICS

Question 2

a model that enables customers to be in control of their
computing resource needs and add computing resources as they
wish through a highly automated and responsive set of processes.

Answer 2

CLOUD COMPUTING

Question 3

any device capable of performing logical, arithmetic, routing, or
storage facility, or equipment or communications facility or
equipment directly to or operating in conjunction with such
device

Answer 3

COMPUTER

Question 4

-
any representation of facts, information, or concepts in
a local computer system or online

Answer 4

COMPUTER DATA

Question 5

refers to any device or group of interconnected or related devices, one or more of which, pursuant to a
program, performs automated processing data

Answer 5

COMPUTER SYSTEM

Question 6

application of scientific principles to the process of discovering information from a digital device

Answer 6

DIGITAL FORENSICS

Question 7

stores and provides relatively quick access to large amounts of data on an electromagnetically charged surface

Answer 7

HARD DISK/ DISK DRIVE/HARD DRIVE/HARD DISK DRIVE

Question 8

physical components of a computer

Answer 8

HARDWARE

Question 9

involves the application of scientific principles to the process of discovering information from mobile devices which include cell phones, smartphones, and table devices.

Answer 9

MOBILE FORENSICS

Question 10

involves capturing, recording, and analysis of network events to discover source of security attack

Answer 10

NETWORK FORENSICS

Question 11

a set of instructions compiled into a program that performs a particular task

Answer 11

SOFTWARE

Question 12

criminal act committed via computer

Answer 12

Computer Crime

Question 13

criminal activities in which a
computer was peripherally/incidentally involved

Answer 13

Computer Related Crime

Question 14

a criminal activity which has been committed through, or facilitated by the Internet.

Answer 14

Cybercrime

Question 15

any criminal activity which involves the
unauthorized access, dissemination, manipulation, destruction, or corruption of electronically stored data

Answer 15

Digital Crime

Question 16

application of investigation and analysis techniques to gather
and preserve evidence from a particular computing device in a
way that is suitable for presentation in a court of law

Answer 16

COMPUTER FORENSICS

Question 17

Computer Forensic is concerns in the process of

Answer 17

a. obtaining
b. processing and analyzing
c. storing digital information

for criminal, civil and administrative cases

Question 18

USES OF COMPUTER FORENSICS IN LAW ENFORCEMENT

Answer 18

1. recovering deleted files
2. searching unallocated space
3. tracing artifacts
4. processing hidden files
5. running a string
   search

Question 19

COMPUTER FORENSICS ASSISTANCE TO HUMAN RESOURCES /
EMPLOYMENT PROCEEDINGS

Answer 19

employer safeguard program

Question 20

COMPUTER FORENSICS SERVICES

Answer 20

1. data seizure
2. data duplication/preservation
3. data recovery
4. document searches
5. media conversion
6. expert witness services
7. Computer evidence service options
8. Other miscellaneous services

Question 21

data duplication/preservation

• When one party must seize data from another, two concerns must be
  addressed:

Answer 21

a. the data must not be altered in any way
b. the seizure must not put an undue burden on the
responding party

Question 22

Computer evidence service options

• various levels of service, each designed to suit your individual
  investigative needs

Answer 22

a. Standard service
b. On site service
c. Emergency service
d. Priority service
e. Weekend service

Question 23

Other miscellaneous services

Answer 23

1. On-site seizure of computer data in criminal investigations
2. Analysis of computers and data in civil litigations
3. On-site seizure of computer data in civil litigations
4. Analysis of company computers to determine employee activity
5. Assistance in preparing electronic discovery requests
6. Reporting in a comprehensive and readily understandable manner
7. Court-recognized computer expert witness testimony
8. Computer forensics on both PC and Mac platforms
9. Fast turnaround time.

Question 24

BENEFITS OF PROFESSIONAL
FORENSIC METHODOLOGY

Answer 24

1. No possible evidence is damaged, destroyed, or otherwise compromised by the procedures used to investigate the computer.
2. No possible computer virus is introduced to a subject computer during the analysis process.
3. Extracted and possibly relevant evidence is properly handled and protected from later mechanical or electromagnetic damage.
4. A continuing chain of custody is established and maintained.
5. Business operations are affected for a limited amount of time, if at all.
6. Any client attorney information that is inadvertently acquired
   during a forensic exploration is ethically and legally respected
   and not divulged

Question 25

STEPS TAKEN BY COMPUTER FORENSICS SPECIALISTS

Answer 25

1. protect 2. discover 3. recover 4. reveal 5. access 6. analyze 7. print out 8. provide

Question 26

CHALLENGES FACED BY INVESTIGATORS OF ELECTRONIC EVIDENCE

Answer 26

1. evidence may be difficult to detect 2. degree of anonymity 3. electronic evidence are quite fragile 4. global nature of evidence

Question 27

CYBERCRIME CLASSIFICATIONS (Inside or OUtside)

Answer 27

1. Against Individuals 2. Against Property 3. Against Organizations 4. Against Society

Question 28

Against Individuals

Answer 28

1. e-mail spoofing, 2. spamming, 3. cyber defamation, 4. cyber harassment and cyberstalking.

Question 29

which the e-mail header is forged so that the mail appears to originate from one source but actually has been sent from another source.

Answer 29

e-mail spoofing

Question 30

sending multiple copies of unsolicited mails or mass e-mails such as chain letters.

Answer 30

Spamming

Question 31

This occurs when defamation takes place with the help of computers and/or the Internet

Answer 31

Cyber Defamation

Question 32

following an individual's activity over internet

Answer 32

Cyber Harassments and Cyber Stalking

Question 33

Against Property

Answer 33

1. credit card frauds 2. internet time theft 3. intellectual property crimes.

Question 34

the usage of the Internet hours by an unauthorized person which is actually paid by another person

Answer 34

internet time theft

Question 35

intellectual property crimes - includes the following:

Answer 35

1. Software piracy 2. Copyright infringement 3. Trademark violations 4. Theft of computer source code

Question 36

Illegal copying of programs, distribution of copies of software.

Answer 36

Software piracy

Question 37

Using copyrighted material without proper permission

Answer 37

Copyright infringement

Question 38

Using trademarks and associated rights without permission of the actual holder.

Answer 38

Trademarks violations

Question 39

Stealing, destroying, or misusing the source code of a computer.

Answer 39

Theft of computer source code

Question 40

Against Organizations

Answer 40

1. unauthorized accessing of computer 2. denial of service 3. computer contamination/virus attack 4. e-mail bombing 5. salami attack 6. logic bomb 7. trojan horse 8. data diddling.

Question 41

Accessing the computer/network without permission from the owner

Answer 41

Unauthorized accessing of computer

Question 42

The criminal reads or copies confidential or proprietary information, but the data is neither deleted nor changed

Answer 42

Computer voyeur

Question 43

When Internet server is flooded with continuous bogus requests so as to denying legitimate users to use the server or to crash the server.

Answer 43

Denial of service

Question 44

a computer program that can infect other programs with virus

Answer 44

Computer contamination / Virus attack

Question 45

sending large number of mails to the individual or company or mail servers ultimately resulting into crashing

Answer 45

e-mail bombing

Question 46

financial crimes committed when negligible amounts are removed and accumulated into something larger

Answer 46

Salami attack

Question 47

an event dependent program designated to crash the computer

Answer 47

Logic bomb

Question 48

a program downloaded and installed on a computer that appears harmless, but is, in fact, malicious

Answer 48

Trojan horse

Question 49

altering of raw data before it is processed by a computer and then changing it back after the process was completed

Answer 49

Data diddling

Question 50

Against Society

Answer 50

1. Forgery 2. Cyber Terrorism 3. Web Jacking

Question 51

hackers gain access and control over a website of another even changing the content of website

Answer 51

Web Jacking

Question 52

no physical or geographic boundaries

Answer 52

cybercrime

Question 53

committed in a certain place to a certain target / victim at a time

Answer 53

traditional crime

Question 54

Reasons why cybercrimes continue to exist despite creation of anti cybercrime laws:

Answer 54

1. Inherent vulnerability of computer networks/ internet. 2. The enormous number of computers connected to the internet gives cybercriminals a wide array of target. 3.The internet is an effective medium for running automated systems, thus leading to automation of illegal internet activity. 4. The unregulated nature of the internet. 5. Overwhelming impact of advancements in technology. 6. Anonymity in the virtual world 7. Different cybercrime laws of different countries 8. Existence of different social engineering techniques

Question 55

TYPES OF HACKING

Answer 55

A. Ethical Hacking B. Unethical Hacking

Question 56

- used to identify vulnerabilities and secure systems - simulation of real-world attacks to fix security flaws - conducted within legal and ethical boundaries

Answer 56

Ethical Hacking

Question 57

- violation of ethical standards and regulations - unauthorized access to sensitive information, disrupt operations, or cause harm

Answer 57

Unethical Hacking

Question 58

Phases of Unethical Hacking

Answer 58

1. Performing Reconnaissance Reconnaissance (pre-attack phase) 2. Scanning and Enumeration 3. Gaining Access 4. Escalation of Privilege 5. Maintaining Access 6. Covering Tracks and Planting Backdoors

Question 59

Some Techniques for Reconnaissance:

Answer 59

a. Dumpster Diving b. War Driving c. Sniffing d. Social Engineering

Question 60

systematic attempt to locate, gather, identify, and record information about the target

Answer 60

Performing Reconnaissance (pre-attack phase)

Question 61

probing a target network/system to identify potential vulnerabilities

Answer 61

Scanning

Question 62

gathering information about the target system or network

Answer 62

Enumeration

Question 63

aim is to become system administrator & have full access and control

Answer 63

Escalation of Privilege

Question 64

pull down the password file or steal other passwords so that they can access other user’s accounts

Answer 64

Maintaining Access

Question 65

set of tools used to help the attacker maintain his access to the system and use it for malicious purposes

Answer 65

rootkits

Question 66

a. Using rootkits or other tools to cover their tracks b. Hunt down log files and attempt to alter or erase them c. Utilize file hiding techniques, such as hidden directories, hidden attributes, and alternate data streams (ADS) d.Creation of backdoors to reenter the computer at will e. Insertion of programs or malicious codes for future activation in hidden files/directories botnet & zombie

Answer 66

Covering Tracks and Planting Backdoors

Question 67

Identity Theft and Identity Fraud Criminal Acts Facilitated by Identity Theft / Fraud:

Answer 67

1.Money Laundering 2.Drug trafficking 3.Alien Smuggling 4.Weapon Smuggling 5.Extortion 6.Misappropriation of Funds 7.Embezzlement and other financial crime

Question 68

Types of Identity Theft and Identity Fraud

Answer 68

1. Assumption of Identity 2. Theft for Employment 3. Reverse Criminal Record Identity Theft 4. Virtual Identity Theft / Fraud 5. Credit Identity Theft / Fraud

Question 69

- rarest form of identity theft/fraud - occurs when an individual simply assumes the identity of his/her victim, including all aspects of the victim’s life

Answer 69

Types of Identity Theft and Identity Fraud

Question 70

- fraudulent use of stolen or fictitious personal information to obtain employment - common to illegal immigrants

Answer 70

Theft for Employment

Question 71

occurs when a criminal uses a victim’s identity, not to engage in criminal activity, but to seek employment

Answer 71

Reverse Criminal Record Identity Theft

Question 72

- use of personal, professional, or other dimensions of identity toward the development of a fraudulent virtual personality - often used for online dating, role playing, and accessing deviant sites or locations containing questionable content and are used by individuals to explore forbidden areas or to satisfy their curiosity behind a veil of anonymity

Answer 72

Virtual Identity Theft / Fraud

Question 73

- most common and most feared type -use of stolen personal and financial information to facilitate the creation of fraudulent accounts

Answer 73

Credit Identity Theft / Fraud

Question 74

illegal use of a stolen credit card

Answer 74

credit card fraud

Question 75

Other Classifications of Identity Fraud

Answer 75

1. Financial Identity Theft 2. Criminal Identity Theft 3. Identity Cloning 4. Business / Commercial Identity Theft

Question 76

identity = gain financial transactions

Answer 76

Financial Identity Theft

Question 77

identity = committing crimes usually cybercrimes

Answer 77

Criminal Identity Theft

Question 78

-offender assumes the identity of the victim in his or her daily life

Answer 78

Identity Cloning

Question 79

use of another business’ or organization’s name to obtain credit, funds, goods, or services

Answer 79

Business / Commercial Identity Theft

Question 80

Victimology Susceptible victims of Identity Theft/Fraud include but are not limited to the following:

Answer 80

1.Smartphone owners who fail to safeguard their devices with passwords 2.People who publicly share personal information in social networking sites 3.People who are usually using services of online banking, online communication, and online shopping 4.People / companies who experienced data breaches

Question 81

CATEGORIES OF TECHNIQUES EMPLOYED BY IDENTITY

Answer 81

A. physical B. virtual

Question 82

Physical Methods of Identity Theft

Answer 82

1. Mail Theft 2. Dumpster Diving 3. Theft of Computers 4. Bag Operations 5. Child Identity Theft 6. Insiders 7. Fraudulent / Fictitious Companies 8. Card Skimming, ATM Manipulation, and Fraudulent Machines

Question 83

retrieving info from unsecured mail boxes

Answer 83

Mail Theft

Question 84

- surreptitious entry into hotel rooms to steal, photograph, or photocopy documents, or copy magnetic media, or download information for a laptop computer and is made easier with the availability of mass storage removable media

Answer 84

Bag Operations

Question 85

- stealing their children’s identities for employment, evasion of authorities, financial gain and credit

Answer 85

5. Child Identity Theft

Question 86

- reading and recording of personal information encoded on the magnetic strip of an automated teller machine or credit card

Answer 86

Card Skimming, ATM Manipulation, and Fraudulent Machines

Question 87

VIRTUAL OR INTERNET FACILITATED METHODS

Answer 87

1. Phishing 2.Spyware and Crimeware 3.Keyloggers and Password Stealers 4. Trojans horse or Trojan

Question 88

- malware that is often disguised as legitimate software

Answer 88

Trojans horse or Trojan

Question 89

devices or software programs which record the input activity of a computer or system

Answer 89

Keyloggers

Question 90

type of computer virus that infects your machine, records all of your user passwords and then emails them to a remote user

Answer 90

Password Stealers

Question 91

a browser based software designed to capture and transmit privacy sensitive information to third parties without the knowledge and consent of the user

Answer 91

Spyware

Question 92

is a spyware created or employed specifically to facilitate identity theft or other economically motivated crime.

Answer 92

Crimeware

Question 93

provide mechanism for cybercriminals to change website IP addresses repeatedly without affecting the domain name

Answer 93

Botnets

Question 94

e-mail = recipient for his/ her assistance in claiming “found” money

Answer 94

Advance fee Fraud / 419 Fraud

Question 95

malicious programs which redirect user’s network traffic to undesired sites

Answer 95

Redirectors

Question 96

redirects the connection between IP address and its target service and is accomplished when the link is altered so that consumers are unwittingly redirected to a mirror site

Answer 96

B. Pharming

Question 97

company trademarks and logos

Answer 97

A. Spoofing

Question 98

solicitation of information via e mail or directing individuals to fake websites

Answer 98

Phishing

Question 99

CATEGORIES OF PHISHING ATTACKS

Answer 99

A. Spoofing B. Pharming C. Redirectors D. Advance fee Fraud / 419 Fraud E. Botnets