Final Review

Front 1

a branch of Forensic Science that uses investigation and analysis techniques to find and determine legal evidence found in computer and digital storage mediums.

Back 1

Computer forensic

Front 2

referred to as computer forensics analysis, electronic and data discovery.

Back 2

Computer forensics

Front 3

is the process of methodically examining electronic media (Hard disks, Disk tapes, Floppy disks, etc.) for evidence.

Back 3

Computer Analysis and Computer Examination

Front 4

an FBI program was created. For a

time it was known as magnet media program.

Back 4

1984

Front 5

the father of Computer Forensics, began to work on it.

Back 5

Michael anderson

Front 6

CART

Back 6

Computer Analysis and Response Team

Front 7

International Organization on Computer Evidence (IOCE) was formed.

Back 7

1995

Front 8

The G8 countries declared that “Law Enforcement personnel must be trained and equipped to address hi-tech crimes”.

Back 8

1997

Front 9

INTERPOL Forensic Science symposium was held.

Back 9

1998

Front 10

FBI CART case load exceeds 2000 cases examining, 17 terabytes of data.

Back 10

1999

Front 11

First FBI Regional Computer Forensic Laboratory established.

Back 11

2000

Front 12

FBI CART case load exceeds 6500 cases, examining 782 terabytes of data.

Back 12

2003

Front 13

stands for that the evidence must be usable. If the evidence is not

usable, then it is considered not present.

Back 13

Admissible

Front 14

The expert must be able to explain that the evidence is related to the incident in a

relevant manner.

Back 14

Aunthentic

Front 15

: The evidence collected must show

every perspective of the evidence. If it shows the possible attacker’s involvement, it must be able prove his/her innocence.

Back 15

Complete

Front 16

The evidence collection must be authentic and it must not cast doubt on it’s

reliability.

Back 16

Reliable

Front 17

The evidence presented must be understandable and believable to the jury.

Back 17

Believable

Front 18

are the software and hardware used for gathering data from the media storage devices of the computer that is believed to be used to commit any crime.

Back 18

forensic tools

Front 19

It extracts registry information from a piece of evidence (disk image etc.) whether that information was active, backed up to deleted and rebuild all the registries represented by the extracted information.

Back 19

Registry recon

Front 20

It extracts registry information from a piece of evidence (disk image etc.) whether that information was active, backed up to deleted and rebuild all the registries represented by the extracted information.

Back 20

Registry recon

Front 21

It is pre configured with all the tools to perform a detailed forensic examination. The new Ubuntu base with additional tools like replaying of entire computer activity in detail.

Back 21

SANS Investigative Tool kit

Front 22

is a self-contained memory analysis tool that analyses Windows OS memory and extracts information about running processes.

Back 22

Compile Memory Analysis Tool(CMAT)

Front 23

is a self-contained memory analysis tool that analyses Windows OS memory and extracts information about running processes.

Back 23

Compile Memory Analysis Tool(CMAT)

Front 24

This tool can acquire live memory images and analyze memory dumps. It is inclusive of Microsoft Windows.

Back 24

Memoryze

Front 25

It is a Universal Forensic extraction device which is both hardware and software. It is used to gather evidence from mobile devices and mobile media cards, Sims and GPS devices.

Back 25

Cellebrite Mobile Forensics

Front 26

It is a Universal Forensic extraction device which is both hardware and software. It is used to gather evidence from mobile devices and mobile media cards, Sims and GPS devices.

Back 26

Cellebrite Mobile Forensics

Front 27

digital forensic product by MicroSystemation used to recover information from mobile phones, smart phones, GPS, navigation tools and Tablets computers.

Back 27

MicroSystemation XRY

Front 28

It is a Universal Forensic extraction device which is both hardware and software. It is used to gather evidence from mobile devices and mobile media cards, Sims and GPS devices.

Back 28

Cellebrite Mobile Forensics

Front 29

digital forensic product by MicroSystemation used to recover information from mobile phones, smart phones, GPS, navigation tools and Tablets computers.

Back 29

MicroSystemation XRY

Front 30

used to acquire and analyze a computers volatile memory.

Back 30

Memory forensic tool

Front 31

It is a Universal Forensic extraction device which is both hardware and software. It is used to gather evidence from mobile devices and mobile media cards, Sims and GPS devices.

Back 31

Cellebrite Mobile Forensics

Front 32

digital forensic product by MicroSystemation used to recover information from mobile phones, smart phones, GPS, navigation tools and Tablets computers.

Back 32

MicroSystemation XRY

Front 33

used to acquire and analyze a computers volatile memory.

Back 33

Memory forensic tool

Front 34

tend to have hardware and software components.

Back 34

Mobile forensic tool

Front 35

It is a Universal Forensic extraction device which is both hardware and software. It is used to gather evidence from mobile devices and mobile media cards, Sims and GPS devices.

Back 35

Cellebrite Mobile Forensics

Front 36

digital forensic product by MicroSystemation used to recover information from mobile phones, smart phones, GPS, navigation tools and Tablets computers.

Back 36

MicroSystemation XRY

Front 37

used to acquire and analyze a computers volatile memory.

Back 37

Memory forensic tool

Front 38

tend to have hardware and software components.

Back 38

Mobile forensic tool

Front 39

are designed to capture and analyze network packets either from LAN or Internet.

Back 39

Network forensic tool

Front 40

It is a Universal Forensic extraction device which is both hardware and software. It is used to gather evidence from mobile devices and mobile media cards, Sims and GPS devices.

Back 40

Cellebrite Mobile Forensics

Front 41

digital forensic product by MicroSystemation used to recover information from mobile phones, smart phones, GPS, navigation tools and Tablets computers.

Back 41

MicroSystemation XRY

Front 42

used to acquire and analyze a computers volatile memory.

Back 42

Memory forensic tool

Front 43

tend to have hardware and software components.

Back 43

Mobile forensic tool

Front 44

are designed to capture and analyze network packets either from LAN or Internet.

Back 44

Network forensic tool

Front 45

It captures and analyzes packets. In short, it’s a protocol analyzer.

Back 45

Wire Shark

Front 46

It is a Universal Forensic extraction device which is both hardware and software. It is used to gather evidence from mobile devices and mobile media cards, Sims and GPS devices.

Back 46

Cellebrite Mobile Forensics

Front 47

digital forensic product by MicroSystemation used to recover information from mobile phones, smart phones, GPS, navigation tools and Tablets computers.

Back 47

MicroSystemation XRY

Front 48

used to acquire and analyze a computers volatile memory.

Back 48

Memory forensic tool

Front 49

tend to have hardware and software components.

Back 49

Mobile forensic tool

Front 50

are designed to capture and analyze network packets either from LAN or Internet.

Back 50

Network forensic tool

Front 51

It captures and analyzes packets. In short, it’s a protocol analyzer.

Back 51

Wire Shark

Front 52

It is a TCP/IP session reassembles. It records the TCP flow and stores the data

such that it is convenient for protocol analysis.

Back 52

TCP flow

Front 53

It is a Universal Forensic extraction device which is both hardware and software. It is used to gather evidence from mobile devices and mobile media cards, Sims and GPS devices.

Back 53

Cellebrite Mobile Forensics

Front 54

digital forensic product by MicroSystemation used to recover information from mobile phones, smart phones, GPS, navigation tools and Tablets computers.

Back 54

MicroSystemation XRY

Front 55

used to acquire and analyze a computers volatile memory.

Back 55

Memory forensic tool

Front 56

tend to have hardware and software components.

Back 56

Mobile forensic tool

Front 57

are designed to capture and analyze network packets either from LAN or Internet.

Back 57

Network forensic tool

Front 58

It captures and analyzes packets. In short, it’s a protocol analyzer.

Back 58

Wire Shark

Front 59

It is a TCP/IP session reassembles. It records the TCP flow and stores the data

such that it is convenient for protocol analysis.

Back 59

TCP flow

Front 60

is related to the investigations applied on database and metadata.

Back 60

Database forensic

Front 61

It is a Universal Forensic extraction device which is both hardware and software. It is used to gather evidence from mobile devices and mobile media cards, Sims and GPS devices.

Back 61

Cellebrite Mobile Forensics

Front 62

digital forensic product by MicroSystemation used to recover information from mobile phones, smart phones, GPS, navigation tools and Tablets computers.

Back 62

MicroSystemation XRY

Front 63

used to acquire and analyze a computers volatile memory.

Back 63

Memory forensic tool

Front 64

tend to have hardware and software components.

Back 64

Mobile forensic tool

Front 65

are designed to capture and analyze network packets either from LAN or Internet.

Back 65

Network forensic tool

Front 66

It captures and analyzes packets. In short, it’s a protocol analyzer.

Back 66

Wire Shark

Front 67

It is a TCP/IP session reassembles. It records the TCP flow and stores the data

such that it is convenient for protocol analysis.

Back 67

TCP flow

Front 68

is related to the investigations applied on database and metadata.

Back 68

Database forensic

Front 69

It uses an algorithm to establish unique numeric identifiers (hash values) for files known to be good or bad. It was developed to reduce the amount of time required to examine files on digital media.

Back 69

Hashkeeper

Front 70

It is a Universal Forensic extraction device which is both hardware and software. It is used to gather evidence from mobile devices and mobile media cards, Sims and GPS devices.

Back 70

Cellebrite Mobile Forensics

Front 71

digital forensic product by MicroSystemation used to recover information from mobile phones, smart phones, GPS, navigation tools and Tablets computers.

Back 71

MicroSystemation XRY

Front 72

used to acquire and analyze a computers volatile memory.

Back 72

Memory forensic tool

Front 73

tend to have hardware and software components.

Back 73

Mobile forensic tool

Front 74

are designed to capture and analyze network packets either from LAN or Internet.

Back 74

Network forensic tool

Front 75

It captures and analyzes packets. In short, it’s a protocol analyzer.

Back 75

Wire Shark

Front 76

It is a TCP/IP session reassembles. It records the TCP flow and stores the data

such that it is convenient for protocol analysis.

Back 76

TCP flow

Front 77

is related to the investigations applied on database and metadata.

Back 77

Database forensic

Front 78

It uses an algorithm to establish unique numeric identifiers (hash values) for files known to be good or bad. It was developed to reduce the amount of time required to examine files on digital media.

Back 78

Hashkeeper

Front 79

is a window based analysis and conversion tool that fraud investigators use to analyze server or mainframe data.

Back 79

Arbutus data tool