Chapter 8

Previous page
Table of content
Next page

  1. Which utility, originally created for the Unix platform, copies and converts files using two basic arguments ( if and of )?

    Answer: The dd utility

  2. Which software suite provides an Enterprise Edition that specifically supports volatile data analysis on a live Windows system?

    Answer: EnCase

  3. Which disk imaging software operates as an extended DOS command shell?

    Answer: DriveSpy

  4. What are two common algorithms used to create hash values for drive images?

    Answer: MD5 and SHA

  5. Which forensic software suite integrates the dtSearch engine in its searching function?

    Answer: FTK

  6. What two software suites are free?

    Answer: TCT and TSK

  7. What are two of several vendors of forensic computers?

    Answer: Vogon and Digital Intelligence

  8. After creating an image of a drive, what must you do to ensure the copy matches the original?

    Answer: Calculate a hash of the image and compare to the original.

  9. You have many factors to consider when choosing appropriate forensic software. Name two.

    Answer: Answers can include expected types of investigations, operating system needs and preference, background and training, budget, and status (law enforcement or private organization).

  10. Which utilities provide comprehensive forensic functionality?

    Answer: EnCase and FTK



Previous page
Table of content
Next page
Computer Forensics JumpStart
Computer Forensics JumpStart
ISBN: 0470931663
EAN: 2147483647
Year: 2004
Pages: 153
Authors: Michael G. Solomon, K Rudolph, Ed Tittel, Neil Broom, Diane Barrett
BUY ON AMAZON
Beginning Cryptography with Java
The .NET Developers Guide to Directory Services Programming
SQL Hacks
Mastering Delphi 7
Twisted Network Programming Essentials
.NET-A Complete Development Cycle
flylib.com © 2008-2017.
If you may any questions please contact us: flylib@qtcs.net
Privacy policy