WGU D431 - Digital Forensics in Cybersecurity
Terms in this set (229)

American Standard Code for Information Interchange (ASCII)
A set of codes defining all the various keystrokes you could make, including letters, numbers, characters, and even the spacebar and return keys.

Anonymous remailing
The process of sending an email message to an anonymizer. The anonymizer strips identifying information from an email message before forwarding it with the anonymous mailing computer's IP address.

Anti-forensics
The actions that perpetrators take to conceal their locations, activities, or identities.

Asymmetric cryptography
Cryptography wherein two keys are used: one to encrypt the message and another to decrypt it.

Asynchronous transfer mode (ATM)
A high-speed connection technology that uses fixed-length, 53-byte packets called calls.

Authenticate
To verify the identity of a person, or to verify evidence.

Base transceiver station (BTS)
The part of the cell network responsible for communications between the mobile phone and the network switching system.

Basic input/output system (BIOS)
The basic instructions stored on a chip for booting up the computer.

Bit-level information
Information at the level of actual 1s and 0s stored in memory or on the storage device.

Block cipher
A form of cryptography that encrypts data in blocks; 64-bit blocks are quite common, although some algorithms (like AES) use larger blocks.

Bootstrap environment
A special program, such as U-Boot or RedBoot, that is stored in a special section of the flash memory.

Brute-force attack
An attack in which the attacker tries to decrypt a message by simply applying every possible key in the keyspace.

Business continuity plan (BCP)
A plan for maintaining minimal operations until the business can return to full normal operations.

Business impact analysis (BIA)
An analysis of how specific incidents might impact the business operations.

Caesar cipher
The method of cryptography in which someone chooses a number by which to shift each letter of a text in the alphabet and substitute the new letter for the letter being encrypted. This is also known as a monoalphabet, single-alphabet, or substitution cipher.

Carrier
The signal, stream, or data file in which the payload is hidden.

Cell-phone forensics
The process of searching the contents of cell phones.

Chain of custody
The continuity of control of evidence that makes it possible to account for all that has happened to evidence between its original collection and its appearance in court, preferably unaltered.

Channel
The type of medium used to hide data in steganography. This may be photos, video, sound files, or Voice over IP.

Clean room
An environment that has a controlled level of contamination, such as from dust, microbes, and other particles.

Cloud computing
The practice of delivering hosted services over the internet. This can be software as a service, platform as a service, or infrastructure as a service.

Computer forensics
The use of analytical and investigative techniques to identify, collect, examine, and preserve computer-based material for presentation as evidence in a court of law.

Consistency checking
A technique for file system repair that involves scanning a disk's logical structure and ensuring that it is consistent with its specification.

Cryptanalysis
A method of using techniques other than brute force to derive a cryptographic key.

Curriculum vitae (CV)
An extensive document expounding one's experience and qualifications for a position, similar to a résumé but with more detail. In academia and expert work, it is usually used rather than a résumé.

Cyberstalking
The use of electronic communications to harass or threaten another person.

Data consistency
The act of ensuring the data that is extracted is consistent.

Daubert standard
The standard holding that only methods and tools widely accepted in the scientific community can be used in court.

Demonstrative evidence
Information that helps explain other evidence. An example is a chart that explains a technical concept to the judge and jury.

Denial-of-service (DoS) attack
An attack designed to overwhelm the target system so it can no longer reply to legitimate requests for connection.

Digital evidence
Information that has been processed and assembled so that it is relevant to an investigation and supports a specific finding or determination.

Digital forensics
Computer forensics expanded to include smartphones, smart watches, and other current and forthcoming digital media and devices.

Disaster recovery plan (DRP)
A plan for returning the business to full normal operations.

Disk forensics
The process of acquiring and analyzing information stored on physical storage media, such as computer hard drives or smartphones.

Disk Operating System (DOS)
A command-line operating system.

Disk striping
Distribution of data across multiple disk sectors to improve speed (also called RAID 0).

Distributed denial-of-service (DDoS) attack
An attack in which the attacker seeks to infect several machines, and use those machines to overwhelm the target system to achieve a denial of service.

Documentary evidence
Data stored in written form, on paper or in electronic files, such as email messages and telephone call-detail records. Investigators must authenticate documentary evidence.

Drive geometry
The functional dimensions of a drive in terms of the number of heads, cylinders, and sectors per track.

Dump
A complete copy of every bit of memory or cache recorded in permanent storage or printed on paper.

Electronic serial number (ESN)
A unique identification number developed by the U.S. Federal Communications Commission (FCC) to identify cell phones.

Email forensics
The study of the source and content of email as evidence, including the identification of the sender, recipient, date, time, and origination location of an email message.

Enhanced data rates for GSM evolution (EDGE)
A technology that does not fit neatly into the 2G/3G/4G spectrum. It is technically considered pre-3G but was an improvement on GSM (2G).

Euler's Totient
The total number of coprime numbers. Two numbers are considered coprime if they have no common factors.

Expert report
A formal document prepared by a forensics specialist to document an investigation, including a list of all tests conducted as well as the specialist's own curriculum vitae (CV). Anything the specialist plans to testify about at a trial must be included in the expert report.

Expert testimony
The testimony of an expert witness, one who testifies on the basis of scientific or technical knowledge relevant to a case, rather than personal experience.

Feistel function
A cryptographic function that splits blocks of data into two parts. It is one of the most influential developments in symmetric block ciphers.

File allocation table (FAT)
The table used to store cluster/file information.

File slack
The unused space between the logical end of file and the physical end of file. It is also called slack space.

Foreign Intelligence Surveillance Act of 1978 (FISA)
A U.S. law that prescribes procedures for the physical and electronic surveillance and collection of "foreign intelligence information" between foreign powers and agents of foreign powers, which may include U.S. citizens and permanent residents suspected of espionage or terrorism.

Fraud
A broad category of crime that can encompass many different activities, but essentially any attempt to gain financial reward through deception.

Global System for Mobile (GSM) communications
A standard developed by the European Telecommunications Standards Institute (ETSI). Basically, it is the 2G network.

Grand Unified Bootloader (GRUB)
A newer Linux boot loader.

Graphical user interface (GUI)
A point-and-click user interface.

grep
A popular Linux/UNIX search tool.

Hash
A function that is nonreversible, takes variable-length input, produces fixed-length output, and has few or no collisions.

Heap (H)
Dynamic memory for a program comes from the heap segment. A process may use a memory allocator such as malloc to request dynamic memory.

Hierarchical storage management (HSM)
Continuous online backup storage.

High-level format
Setting up an empty file system and installing a boot sector in a drive. Also called a quick format.

Hive
One of the five sections of the Windows Registry.

Home location register (HLR)
The database used by the MSC for subscriber data and service information.

Identity theft
Any use of another person's identity.