What is electronic discovery?
Answer: The process whereby electronic documents are collected, prepared, reviewed, and distributed in association with legal and government proceedings .
Name some examples of electronic discovery items.
Answer: Examples of electronic discovery items are e-mail, word-processing documents, plaintext files, database files, spreadsheets, digital art or photos, and presentations.
The recovery of data focuses on what four factors?
Answer: Identifying the evidence; determining how to preserve it; extracting, processing and interpreting the evidence; and being sure the evidence is acceptable in a court of law.
Who works under more restrictive rules, law enforcement officials or corporate employees ?
Answer: Law enforcement officials work under more restrictive rules than agents of an employer and corporate employees.
What is incident response?
Answer: The actions taken to respond to a situation that can be recovered from relatively quickly.
What is the difference between a virus and a worm?
Answer: Worms do not need user intervention.
Why aren't incidents in many corporate environments reported ?
Answer: Negative publicity is the reason many corporations don't disclose security breaches to law enforcement agencies.
What law was passed to avoid future accounting scandals such as those involving Enron and WorldCom?
Answer: The Sarbanes-Oxley Act.
Name some factors that will determine which criminal cases get priority.
Answer: Frequency, the amount of harm inflicted, crime jurisdiction, and success of investigation.
Name a good resource for computer forensics training for law enforcement.
Answer: International Association of Computer Investigative Specialists (IACIS).