Brainscape's Knowledge GenomeTM

Browse over 1 million classes created by top students, professors, publishers, and experts.


See full index

Digital Forensics > Principles and models of a forensic investigation > Flashcards

Principles and models of a forensic investigation Flashcards

1
Q

What are the steps in McKemmish model?

A
  1. Acquisition
  2. Preservation
  3. Examination
  4. Analysis
  5. Presentation
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

What is the Daubert standard?

A

Defines principles for the testimony of the expert to be admissible in the court of law

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

Which are the principles described in Dauberts standard?

A
  • Judge is a gatekeeper: trial judge will decide the admissibility of the evidence by expert, judge will make sure that the testimony is deeply rooted in the scientific knowledge
  • Relevant : the judge makes sure that the evidence is relevant to the fact in issue
  • Reliable : the methods and the techniques used by the expert are reliable and reliably applied to the fact in hand
  • Scientific knowledge :
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

Explain scientific knowledge

A
  • it is based on empirical review and testing
  • it is based on the peer review published work, –the potential error rate is known,
  • it is subject to standards controlling its application
  • it is generally accepted by the relevant scientific community
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

Which 4 types of analysis is there?

A
  1. Relational
  2. Functional
  3. Temporal
  4. Forensic analysis
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

Explain Relational analysis

A

Geographic locations, communication and interconnections among different entities/actors

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

Explain Functional analisys

A

Configuration and the state of the system in the time of crime, malware analysis and engineering

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

Explain Temporal analysis

A

Timeline of the events, identify the dynamics or the intensity of the activities and to identify patterns of behavior

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

Explain forensic analysis

A

Providing crucial evidence while dealing with complexity that the actors behind the evidence create.

  • seeking : what happened
  • Linkage : the extent and the relations of interactions
  • Source evaluation : sources and were they came from
  • Attribution : allocation of responsibilities
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q

When you talk about source evaluation, there are 4 categories of evidence, which?

A
  1. Produced by a source : production
  2. A segment of a source : possibly from more evidence that have med fragmented
  3. Altered by the source
  4. Just an isolated piece of evidence
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
11
Q

When recovering deleted data, which two objectives are there?

A
  1. Salvage and preserve all the digitally stored data

2. Transform what is unreadable or unintelligible into readable and meaningful

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
12
Q

Qualification must reflect the level of confidence the examiner has in the evidence, how do you scale it?

A

By the certainty scale or the degrees of likelihood (almost certain, most probably, probably, very possibly and possibly)

How well did you know this?
1
Not at all
2
3
4
5
Perfectly

Digital Forensics (9 decks)

Brainscape helps you reach your goals faster, through stronger study habits.
© 2024 Bold Learning Solutions. Terms and Conditions