Deck 23: Digital Evidence on the Internet

1
Who is authorized to conduct online undercover investigations when child pornography is involved?

A) Anyone
B) Computer security professionals
C) Journalists
D) Law enforcement
D
2
When you access a web page, the content may be located on a server other than the one you accessed.
True
3
What peer-to-peer clients use the Fast Track network?

A) KaZaA
B) Grokster
C) iMesh
D) All of the above
D
4
Web Whacker and Httrack are examples of tools that:

A) Search the Web
B) Deface websites
C) Capture websites
D) Launch websites
5
Second Life is one of the better known:

A) Research websites
B) Archive websites
C) Virtual worlds
D) Web-based game shows
6
Synchronous chat networks are particularly conducive to criminal activity because of their:

A) Privacy
B) Immediacy
C) Impermanence
D) All of the above
7
Metaverseink is a:

A) Search tool (people or things) for virtual worlds
B) Newsgroup aggregator
C) Social networking meta-tool
D) A file-sharing peer-to-peer network
8
When it is not possible to determine the identity of the author of a Usenet message using IP addresses in the header, what else can you do to learn more about the author?

A) Look for unusual signature and use of language
B) Search the Web using distinctive aspects of posts
C) Look for similar Usenet messages posted using an alias
D) All of the above
9
What are two of the most useful headers for determining the origination of Usenet messages?

A) From and Message-ID
B) NNTP-Posting-Host and X-Trace
C) Path and Subject
D) RFC1036 and RFC2980
10
What characteristics of IRC make it attractive to criminals?

A) IRC enables them to exchange illegal materials with other criminals.
B) IRC provides them with some level of anonymity.
C) IRC gives them direct, "live" access to a large pool of potential victims.
D) All of the above.
11
Which of the following enables a user to connect to IRC and run IRC fserves without disclosing their IP address?

A) Freenet
B) psybnc bot
C) Fserve
D) All of the above
12
The cybertrail is only useful for gathering information about an offender, not a victim.
13
Why is it important to hide your identity when conducting an online investigation?

A) To reduce the risk of alerting the offender
B) To get yourself in the mindset of covert web investigating
C) To make it easier for you to determine the offender's location
D) All of the above
14
Which of the following tools can reconstruct TCP streams?

A) Tcpdump
B) Wireshark
C) Snoop
D) EnCase
15
What information should you document when searching for evidence on the Web?

A) Date/time of search, search engine and terms used, address of pertinent results
B) Screenshots of significant search results
C) Download copies of the webpages and calculate their MD5 value
D) All of the above
16
Whois databases contain contact information relating to IP addresses but not domain names.
17
Which of the following applications leave traces of Internet activities on a personal computer?

A) Internet Explorer
B) KaZaA
C) IRC
D) All of the above
18
All web search engines use the same search syntax.
19
The "invisible Web" can only be accessed by government employees.
20
Which of the following Internet services can be used to exchange illegal materials?

A) IRC
B) Usenet
C) KaZaA
D) All of the above
21
Criminals let their guard down in chat networks because they feel protected by the perceived anonymity.
22
Posting information online takes control of the information away from the person and such information can remain online indefinitely.
23
The Web archive (web.archive.org) contains a complete and accurate copy of web pages as they existed at a particular time.
24
When evidence is located on the Internet, investigators should document and preserve it immediately or it may be gone the next time they look for it.
25
It is not possible to decrypt and view captured network traffic.
26
Pseudonymous e-mail enables the sender to receive responses to messages whereas anonymous e-mail does not.
27
Freenet is not being widely used by criminals to exchange illegal materials because it is too difficult to use.
28
E-mail Received headers can be relied on for tracking purposes because they cannot be forged.
29
Given the wealth of information that social networks contain, digital investigators will often find useful information at these sites.
30
KaZaA has one feature that can be beneficial from an investigative standpoint - whenever possible, it obtains files from peers in the same geographical region.