click below
click below
Normal Size Small Size show me how
Computer Forensics 2
COMPUTER FORENSICS 2 QUIZ - Term and Definitions
Question | Answer |
---|---|
Audit Trail | A chronological record of system activities on a computer or network security system that may keep track of user actions such as logins, file access, and other activities. |
Back Door | A means of accessing or controlling a computer that bypasses normal authentication, while remaining hidden from the casual user. |
Backdoor Trojan | A generic name for Trojan horse programs that open a backdoor and allow an unauthorized user remote access to a computer |
Backup | A copy of data kept as an emergency measure against data loss in a system or media failure, and/or for the purpose of keeping archival data. Usually kept separate from the system containing the active version of the data that is being backed up. |
Buffer | An area of memory used to temporarily hold data. May be written to a buffer file. |
Chain of Custody | As in other fields, a record of the chronological history of (electronic) evidence |
Compressed file | A file that has been encoded using less space than the original file in its uncompressed state. A zipped file may contain more than on compressed file. |
Computer Forensics | A practice and methodology that involves any or all of the following: electronic imaging, electronic discovery, forensic analysis of discovered information, preparation of information in a manner useful in court, |
Corrupt Data | A file that is damaged. Damage may have occurred inadvertently during transmission, copying, through operating system error, physical damage to the media on which the data was stored, or though other means. |
Data | Information stored on a computer that is not part of a program. |
Default | A setting or value automatically assigned without user intervention. |
Delete | To cause a file or email to move from an active or live state to an ambient state, usually performed by the delete [Del] key. Deleted files, while generally not removed from the computer until overwritten, are nonetheless invisible to the user. |
Directory | A hierarchically arranged listing of files stored on a hard disk or other media. The topmost directory is the root directory. |
Disk | Generally a hard disk. Floppy diskettes are often referred to as disks |
Disk Mirroring | Data copied to another hard disk or to another area on the same hard disk in order to have a complete, identical copy of the original. |
Download | The transfer of data between two computers, generally over a network. For instance, a common mistake is to say that one downloaded a file from a diskette, when a file is copied (not downloaded) from a diskette. |
Encryption | A process to render a file unreadable to unauthorized persons or devices. |
File Attribute | Properties associated with a file that are kept with the file directory listing. Such attributes include the date and time the file was last accessed, created, or modified, |
File Extension | Part of a file’s name, usually follows a “dot,” or period in a file name. Some operating systems, such a Microsoft Windows, depend on the extension to know what program is used to open the given file. (i.e..DOC) |
File Server | A computer on a network that is used to store files from and for multiple users on the network. A file server may also be used as an Application Server, a Backup Server, or as a Mail Server. May be used as a backup for the computers on the network. |
File signature | Information contained within a file that identifies its type, even though the file’s extension may have been altered. |
Forensic image | A forensically sound and complete copy of a hard drive or other digital media, generally intended for use as evidence. Such copies include unallocated space, slack space, and boot record. |
GIF | A common format for storage of digital images. An acronym for Graphic Interchange Format. Pronounced “Jiff.” GIFs have the file extension “gif” |
GUI | Graphical User Interface. An image and icon-based interface designed to make manipulation of computer data easy. Common GUIs are Microsoft Windows and the Macintosh OS. |
HTML | An authoring language, written in text that is used to create documents for access on the World Wide Web. Such documents may be web pages, or otherwise enhanced documents or email messages. Stands fro Hypertext Markup Language. |
Hash Value | A hash is a number generated from a string of text. A hash value may be generated for a single file, or for an entire hard disk. A matching hash virtually guarantees that a copy is identical to the original. It does not absolutely guarantee this. |
IP Address | Electronic identifier for a specific computer or device on the World Wide Web or electronic network using the TCP/IP protocol. An IP address is a series of four numbers separated by periods (“dots”). 192.168.55.207 |
ISP | Internet Service Provider. A provider of access to or connection to the Internet. Some large ISPs include Earthlink, Yahoo, Roadrunner, SBC Global. |
JPEG | A common format for storage of digital images. An acronym for Joint Photographic Experts Group. Pronounced “jay-peg.” JPEGs have the file extension, “jpg” |
Keylogger | A program or device designed to keep a record of the keys types on a computer. May be used for monitoring, or espionage, such as to collect passwords. Some keyloggers may be accessed remotely. |