Updated Sat, April 24, 2010 at 5:55 a.m. MARCH - APRIL 2010 Edition

Ramesh Dad's Memoriam:

  PS 2010 Board:

Donate Prayer Letter:

PS  Interest Survey


 Home |Expressions |Impressions |Hotpressions |News| Greek Life |Education |Entertainment |Multimedia |Sports | Food |CulturalLife |Features| Archives | Top 5


Custom Search
 “Computer Forensics & Cybercrime Sample Study Guide!

 Ramesh C. Reddy

Editors Note: After praying to the Lord Jesus, I put together my own 25 multiple choice questions to help you assess what slides you need to focus your study on based on how many you get right. Also, the best way to study is to ask yourself what would have made the other answers correct. If you cannot answer that, you should go back and study the slides again. Studying this way is one study method. I do not know if the real final exam will be easier than this or harder. The real final could have questions from chapters 1-6 but I decided to focus on the chapters since the midterm 7-13. Hope you find this helpful to study. This only addresses the multiple choice part and not the essay questions.

Chapter 7,  Slide 2

1.               1 . A traditional challenge to prosecute computer crime is

A.    Lack of resources available to small agencies

B.     Overburdened state and federal agencies and reliance of small agencies on state and federal agencies.

C.     Snail pace of legislation

D.    Traditional apathy towards non-violent crime

E.     All of the above


Chapter 8, Slide 4

2.               2. This act was designed to regulate the previously untamed frontier of      cyberspace. Using this act, prosecutors charged Andrew because he used obscene communication to a minor and transmitted child pornography. He was also charged with harassment, stalking, annoyance and abuse due to the fact of using electronic medium.

A.    Protection of Children Against Sexual Exploitation (1977)

B.     Child Protection Act

C.     Telecommunications Reform Act of 1996

D.    Communications Decency Act

E.     Both c & d


Chapter 9, Slide 5

3.      This case led to the judicial creation of the exclusionary rule, fruits of the poisonous tree, and was designed to prevent unlawful actions against citizens by the police.

A.    Olmstead v. U.S. (1928)

B.     Katz v. United States

C.     Weeks v. United States

D.    O’Connor v. Ortega


Chapter 10, Slide 4

4.      Brianna is a cybercrimes division investigator and always teaches her employees to

A.    Always work from an image, leaving original intact.

B.     Always work from the original, leaving duplicate intact.

C.     Document, Document, Document

D.    Maintain the chain of custody

E.     Both a, c, & d


Chapter 11, Slide 3

5.      This was a notable computer forensics case where the killer was caught because of his web browser history and downloading of a map.

A.    Scott Peterson

B.     Robert Morris

C.     Dennis Rader

D.    David Fuller

E.     Kevin Mitnick


Chapter 12, Slide 4

6.      All of the following are ways to get evidence using artifacts of the windows system except

A.    Temporary Files

B.     Swap Files

C.     Metadata

D.    Event log or log files

E.     Printer spool


Chapter 13, Slide 6

7.      Additional approaches to internet crime is

A.    Accountability of ISP’s & Hosts

B.     Accountability of E-businesses

C.     Utilization of existing forfeiture statuses

D.    Know your customers

E.     All of the above


Chapter 13, Slide 8

8.      This is a problem with data mining and law enforcement

A.    Criticized by privacy advocates

B.     Criticized for mission creep

C.     Limited by lack of quality control – and no differentiation between good and bad data source.

D.    Lacks context (i.e. reveals patterns but not casual relationships or depth and strength of connection)

E.     All of the above


Chapter 12,  Slide 9

9.      Evidence from internet activity can be gathered by tracing IP addresses or domain names using

A.    Nslookup

B.     Traceroute

C.     FTK

D.    Whois

E.     Both a, b, & d

Chapter 11, Slide 7

10.  For probable cause to be established this element must be present

A.    Probable cause that a crime has been committed.

B.     Probable cause that evidence of a crime exists

C.     Probable cause that extant evidence resides in a particular location

D.    None of the above

E.     All of the above

Chapter  10, Slide 11

11.  In NIST standards for image and verification tools, all of the following are true except

A.    Tool must not alter the original disk

B.     Tool must not be able to access both IDE & SCSI disks

C.     Tool must be able to verify the integrity of a disk image file

D.    Tool must log I/O errors

E.     Tool must provide substantial documentation

Chapter 9, Slide 10

12.  Cathy, a systems administrator scanned a network to identify non-work related activity and during the process, an employee was discovered with over 1,000 porn images on employees’ computer and indicted. The indictment stood because of this case ruling.

A.    O’Connor v. Ortega

B.     U.S. v. Monroe

C.     U.S. v. Simons

D.    Weeks v. United States

E.     Katz v. United States


Chapter 8, Slide 10

13.  This ruling makes it difficult to prosecute child porn – due to it’s requirement of proof of identity (i.e. must prove that the images are real and not computer generated. It creates a virtual pornography defense.


  1. Ashcroft v. Free Speech Coalition

  2. Osborne v. Ohio

  3. Miller v. California

  4. New York v. Ferber

  5. FCC v. Pacifica Foundation


Chapter 7, Slide 9

14.  Ashley is planning to open a volunteer organization as a caretaker for troubled children but before Ashley can open her volunteer organization, her volunteer organization is subject to a criminal history/background check of its members. This is because of the

  1. Child Pornography Protection Act (CPPA)

  2. National Information Infrastructure Protection Act of 1996 (NIIPA)

  3. Protection of Children against Sexual Exploitation Act (1977)

  4. Prosecutorial Remedies And Other Tools To End The Exploitation of Children Today Act (PROTECT ACT)

  5. Child Protection Act of 1984


Chapter 9, Slide 3

15.  Brianna was shocked that the U.S government intercepted her phone calls that she made when she was young. To her dismay she found out that the government had the right to do that because of this ruling. This case ruling stated that the sanctity afforded to a private home did not include telephone communications made within that home because the 4th Amendment protects places and not people.

  1. Katz v. United States

  2. Olmstead v. U.S.

  3. Weeks v. United States

  4. U.S. v. Simons

  5. U.S. v. Monroe


Chapter  7, Slide 3

16.  Dennis is accused of selling pirated software and committing credit card fraud. The prosecutors can charge Dennis under this U.S. Code:

  1. U.S Code  Title 14

  2. U.S Code Title 15

  3. U.S. Code Title 16

  4. U.S. Code Title 17

  5. U.S. Code Title 18

Chapter 8, Slide 3

17.   All of the following occurred in the FCC v. Pacifica ruling except

  1. Telephone communications and cable TV enjoy heightened levels of protection because they are not as pervasive or accessible as they require affirmative actions and do not reach captive audiences.

  2. Accessibility to children = reduction of protection

  3. Ruled that new media of communication must be scrutinized

  4. Indecent speech, even if it does not reach the level of obscenity, can not be broadcast when children are the presumed audience.

  5. Different media vary in protection.

Chapter 9, Slide 6

18.  Expectation of privacy is articulated in the constitution and therefore cannot be considered a judicial creation.

  1. True

  2. False

Chapter 10, Slide 6

19.  A round magnetic plate that constitutes part of the hard disk is called a

  1. Cluster

  2. Sector

  3. Platter

  4. Cylinder

  5. Track

Chapter 11, Slide 8

20.  A no-knock warrant is issued based on

  1. Absence of the resident

  2. Sophistication and maturity of the target

  3. Potential for evidence destruction

  4. Nature of the offense

  5. All of the above


Chapter 12, Slide 3

21.  In small or poorly funded agencies – used media should be forensically wiped with a program meeting FBI standards.

  1. True

  2. False


Chapter 13, Slide 3

22.  Legislation must balance legitimate interest in confidentiality against blanket anonymity.

  1. True

  2. False


Chapter 9, Slide 16

23.  Expanded 1968 wiretap act to include electronic BB’s – especially “work product” and “documentary materials”

  1. Electronics Communications Privacy Act

  2. Privacy Protection Act

  3. Communications Assistance for Law Enforcement Act (CALEA)

  4. U.S Patriot Act

  5. None of the above


Chapter 10, Slide 16

24.  Popular forensics packages such as EnCase Forensic and Ultimate Toolkit are put out by companies such as Guidance Software and Access Data.

  1. True

  2. False

Chapter 11, Slide 18

25.  Steps in a traditional investigation cannot be used with those unique to computer-related investigations.

  1. True

  2. False


Express Your View








Copyright 2010 Pittsburgh Standard
Reproduction or reuse for profit prohibited without written consent from Pittsburgh Standard