Questions and Answers
Which element plays a crucial function in criminal justice systems?
- Forensics science
- Digital evidences
- Volatile Evidence
- All of the above (correct)
The term 'cracker' refers to what type of individual?
- Black hat hacker (correct)
- White hat hacker
- Grey hat hacker
- None of the above
Which of the following is a goal of ethical hacking?
- To cause damage to system
- To steal sensitive information
- To identify and fix security vulnerabilities (correct)
- To gain unauthorized access to a system
What should be done prior to beginning the ethical hacking process?
Which of the following tools is used for security checks related to port scanning and firewall testing?
What is a primary characteristic of demonstrative evidence?
Which action is considered an unethical norm for an investigator?
What is the significance of Locard's Exchange Principle in digital forensics?
What action does 'data lifecycle management' involve?
Which of the following is the most crucial step in handling computer forensics cases?
What is the primary aim of ethical hacking?
What does the term allintitle do in Google dorking?
What is SQL injection?
Why is Microsoft Windows the operating system which is most often targeted by hackers?
In what context is banner grabbing most commonly employed?
What is the role of a security professional in managing potential security problems within database management systems?
What makes main memory the most volatile evidence source?
Which type of attack involves sending hundreds or thousands of emails with very large attachments?
Why has email become a major vulnerability for the users and organizations?
What is the consequence of excessive retention of sensitive data in database management systems concerning security breaches?
In a buffer-overflow attack, what happens when a program places more data into a buffer than it can hold?
When performing digital forensics, which action should always be avoided?
Which of the following best describes ethical decision-making in digital forensic work?
You are tasked with responding to a potential security incident. Which phase would you undertake to confirm that an incident has occurred?
The federal bureau of investigation program is currently referred to as:
Flashcards
What is Digital Forensics?
The application of computer science and investigative procedures for a legal purpose involving the analysis of digital evidence.
Digital Forensics entails:
The identification, preservation, recovery, restoration and presentation of digital evidence from systems and devices.
Digital evidence
Information and data of value to an investigation that is stored, transmitted or received by an electronic device.
Evidence verification
Locard's Exchange Principle
Chain of custody
Data security
Ethical Hacking
Social engineering
Vulnerability scanning
Black Hat Hacker
Ethical hacking's goal
Ethical hacking
Written permission
Ping sweep purpose
Attachment Overloading Attack
purpose of DoS attacks
Amount of ARP
ARP spoofing
Google Dorking finds:
buffer-overflow attack
DBMS are:
The security pro and the DBMS
DBMS Vulnerabilities
Aggregation identifies
Study Notes
Digital Forensics Role
- Digital evidence plays a vital role in criminal justice systems
Federal Bureau of Investigation Program
- The Computer Analysis and Response Team (CART) is the current program of the Federal Bureau of Investigation
Digital Forensics Encompasses
- Extraction of computer data
- Preservation of computer data
- Interpretation of computer data
- Manipulation of computer data is not part of digital forensics
Rules of Digital Forensics
- An examination should never be performed on the original data
- The copy of the evidence must be an exact, bit-by-bit copy
- The chain of custody of all evidence must be clearly maintained
- The examination must be conducted in such a way as to prevent any modification of the evidence
Impermissible actions in digital forensics
- Do not perform an examination on the original data
IDIP Definition
- Integrated Digital Investigation Process (IDIP) is a process for digital investigations
Father of Computer Forensics
- Michael Anderson is known as the father of computer forensics
Abstract Digital Forensic Model
- Reith, Carr, and Gunsch proposed the Abstract Digital Forensic Model (ADFM)
S. Ciardhuain's Investigation Model
- The Extended Model of Cybercrime Investigation (EMCI) was proposed by S. Ciardhuain
Most Comprehensive Forensic Model
- Extended Model of Cybercrime Investigation (EMCI) is the most comprehensive forensic model to date
Key Phases in Digital Forensics
- Collection phase: Records the physical scene and duplicates digital evidence using standardized and accepted procedures
- Deployment phase: Provides a mechanism for an incident to be detected and confirmed
- Reconstruction phase: Includes putting the pieces of a digital puzzle together and developing investigative hypotheses
- Survey phase: Investigator transfers the relevant data from a venue out of physical or administrative control of the investigator to a controlled location
- Review phase: Entails a review of the whole investigation and identifies areas of improvement
Ethical Considerations in Digital Forensics
- Ethical decision-making includes honesty towards the investigation
- Prudence means carefully handling the digital evidence
- Compliance with the law and professional norms is also key
Ethical Norms for Investigators
- General ethical norms include contributing to society and humanity
- Avoiding harm to others
- Being honest and trustworthy
Unethical Norms for Investigators
- Unethical norms include distorting or falsifying education, training, credentials
- Declaring any confidential matters or knowledge
- Not taking a neutral stance on any evidence
Principles for Digital Forensics Investigation
- Relevant evidence must be upheld
- Confidential matters or knowledge must be declared
- Investigators should be fair, and actions that discriminate should not be taken
Expressing Opinions Based on Factual Evidence
- Hypothetical questions are framed
Macro Viruses
- It can open documents, run applications automatically, and spread via email
Components of Computer Forensics
- Chains are one of the three C's in computer forensics
Digital Forensics Definition
- The application of computer science and investigative procedures for a legal purpose involving the analysis of digital evidence after proper search authority, chain of custody, validation with mathematics, use of validated tools, repeatability, reporting, and possible expert presentation
Digital Forensics Tasks
- Identify and solve computer crimes, access system directories, recover lost files, and present digital evidence from systems and devices
Impartiality and Objectivity
- A digital forensic investigator must maintain absolute objectivity
Responsibilities of an Investigator
- Accurately report the relevant facts of a case
- Maintain strict confidentiality
- It is not an investigator’s job to determine someone’s guilt or innocence
Legal Issues in Computer Forensics
- The most significant legal issue is admissibility of evidence
Properties of Computer Evidence
- Computer evidence needs to be authentic and accurate
- Computer evidence must be complete and convincing
- Duplicated and preserved
- NOT easily read by a person
Impact on Investigations
- Crime can break investigation.
Connecting Attacker, Victim, and Crime Scene
- Digital evidence makes a credible link between them
Rules for Digital Evidence
- Digital evidence must follow best evidence rules
Evidentiary Media
- A true or real copy of the evidence media is original evidence
Evidence Usability
- Admissible evidence must be usable in court
Media Usage in Digital Investigations
- Original media cannot be used to carry out digital investigation processes
Computer Reliability
- By default, every part of the victim's computer is considered as unreliable
Sources of Digital Evidence
- Sources of digital evidence are on the internet, on standalone computers, and on mobile devices
Locard's Exchange Principle
- States that anyone entering a crime scene takes something and leaves something behind
Crime Scene Evidence
- A criminal will leave evidence and remove a hint from the scene
Evidence Transfer
- Evidence transfer helps establish connections between victims, offenders, and crime scenes
Definition of Digital Evidence
- Digital evidence is information and data of value to an investigation that is stored, transmitted, or received by an electronic device
Electronic Evidence
- Digital evidence can be obtained from electronic sources
Examples of Evidence Types
- Photographs, videos, sound recordings, graphs, and charts provide demonstrative evidence
- Blood, fingerprints, DNA, casts of footprints exemplify substantial evidence
- Testimony is evidence spoken by a spectator under oath
Admissibility
- Evidence must be authenticated to be admissible
Establishing Custody Chain
- Document date, time, and any other information of receipt to establish chain of custody
Digital Evidence Handling
- Personnel safety should be considered while documenting evidence
Validating Data for Court
- The process of ensuring the collected data is similar to the data presented in court is evidence validation
Volatile Evidence Sources
- Registers and cache are the most volatile evidence source
Classification of Non-Volatile Evidence
- Log files are non-volatile evidence
Computer-Related Crimes
- Computers can be involved in homicide, sexual assault, property theft and civil disputes
Ethical Hacking
- Also known as White Hat Hacking
Ethical Hacking Tools
- Ethical hackers use scanners, decoders and proxies
Ethical Hacking Objective
- Vulnerability scanning determines weakness
Preventing Security Breaches
- Ethical hacking will prevent massive security breaches
Steps for Hackers
1. Reconnaissance
2. Scanning
3. Gaining Access
4. Maintaining Access
Social Engineering
- It is a technique to manipulate people into giving up sensitive information
Identifying Threat Actors
- Crackers are black hat hackers
Raymond's Dissertation
- Raymond described the fundamentals of a hacker's attitude
Black Hat Hackers
- Perform hacking with unlawful intentions
Ethical Hackers
- Hack systems to discover vulnerabilities
- Protect against unauthorized access, abuse, and misuse
Hacktivists
- Use hacking to send social, religious, and political messages
Gray Hat Hacker
- Hacks into systems to identify weaknesses
- Reveals the weaknesses of systems without authority
Ethical Hacker's Intent
- To discover vulnerabilities from an attacker's point of view to better secure systems
Basis of Security Audits
- It is based on checklists
Additional Name for Ethical Hacking
- It is also known as penetration testing, intrusion testing, and red teaming
Ultimate Goal for Ethical Hacking
- Focus on identifying and securing existing vulnerabilities by fixing security
Who Finds Weakness
- Hackers can find and exploit a weakness in computer systems
Digital Image of Protected System
- A snapshot is similar to a backup, but is a complete image
Correct User Privileges
- Assures that user privileges are applied correctly
Data Subject Rights
- Data subjects can ask data controllers to forget their personal data under the right to erasure
Data Processor
- A GDPR Data Processor holds or processes personal data on behalf of another organization
Data Security's Focus
- Data security focuses on privacy, availability, and integrity
Data Lifecycle Management
- Involves automating the transmission of critical data to offline and online storage
Key Goal for Ethical Hackers
- Non-destructive with removing and securing better systems
Safety Feeling
- A firewall creates a false feeling of safety
Ethical Hacker Guideline
- Obey written permission from the owner
Planning for Ethical Hacking
- Always plan before beginning
Tools for Passwords
- The tool LC4 is used to crack passwords
Depth Analysis for Web Application
- Whisker provides a depth analysis for a web application
Email Encryption Tool
- PGP (Pretty Good Privacy) is used to encrypt email
Identifying Weaknesses
- Vulnerability scanners are tools to identify weaknesses in systems
Effective IT Act 2000
- It was notified on 17th October 2000
Cyber Offense
- Receiving a stolen computer or communication device is Section 66B of the Cyber security Act 2000
Decrypt Failure
- The offense “Failure/refusal to decrypt data” is Section 69
Sending Penalties
- Section 66A penalizes sending "offensive messages"
SNMP Defined
- Simple Network Management Protocol is used for types of hacking
Testing Tools
- NetCat, SuperScan, and NetScan are tools for network testing and port scanning
Banner Grabbing
- White Hat Hacking is used for banner grabbing
Large Attachment Results
- An Attachment Overloading Attack can be an attack with emails containing very large attachments
Network Tool for Windows
- Sam Spade is a network tool for Windows, used for network queries from DNS lookups to trace routes
Ping and Sweeping
- Netcat is great for pings and port scanning
Security Check Tool
- The tool Netcat is great for security checks such as port scanning and firewall testing
Windows Important Activity
- Cracking passwords is the most important activity in Windows vulnerabilities
Purpose Behind Denial of Service
- Overloads systems so that they are no longer operational
Reason for Using Ping Sweep
- The main use is for identifying live systems
Port Number Usage
- Telnet protocol uses port 23
Excessive ARP Request Results
- Signify an ARP poisoning attack
ARP Spoofing Definition
- ARP spoofing is known as Man-in-the-Middle attack
Ad-hoc Network
- Rogue networks: watch out for unauthorized access points and wireless clients attached to your network
Internet Connection Takedown
- DoS is an attack that can take down your internet connection
Nmap Ports
- Open, closed, filtered are the port states determined by Nmap
Trojan, Hacks and Virus
- Network infrastructure vulnerabilities include the hacks and attacks
Hacking Attacks on Messaging Systems
- Examples: transmitting malware and crashing servers are all part of accessing workstations
MAC Daddy Attack
- ARP impacts the MAC daddy attack
Compromised WLAN
- Include the loss of network access and confidential information, as well as legal liabilities
Google Dork
- “allintitle” is a Google dork that matches the keyword
Internet Hacker Technique
- Google Dorking is a technique used by hackers to find information accidentally exposed to the internet
Hacker Corruption Data
- In a heap-based attack, the hacker corrupts data within the heap, and that code change forces your system to overwrite important data
ARP Spoofing Definition
- A type of man-in-the-middle (MITM) attack where ARP is spoofed
Table Hacking
- Running a program such as Dsniff or Cain and Abel can modify ARP tables
Data Overload
- The extra data overflows, corrupts, and overwrites other data in adjacent buffers
Buffer Overload Attack
- Sends extra data to a program's buffer
- Causes programs to be disrupted
Methods Related to Initiate a Buffer Overload Attack
- Stack-based and heap-based take over a program's buffer
Stack Based Attack
- Sends data to the too-small stack buffer
- Inserts malicious code using a "push" or "pop" function
Buffer Overload Attacks
- Corrupt data within the heap
- Forces systems to overwrite important data
Database Management Definitions
- Database management systems are complex software systems for managing databases
What Professionals Handle
- Manage the potential security problems
DBMS Weakness
- Loose access permissions can give access to databases
Excess Data
- Increases impact of a security
Assembled Information
- Combine data to give a data warehouse
Attacks Related to SQL
- A technique attack to identify vulnerabilities
- Exploits vulnerabilities within a system or network
Hacking Servers
- Email bombs are an effective way to crash servers to gain unauthorized access
Unsafe Web
- Attacks against insecure web applications via HTTP
Secure Hacking
- It is a security vulnerability because it protects information
Tracking Defined
- Google Hacking can be defined as tracking
Google Dork Operators
- Has commands to use such as intitle, allintitle
Specific Dorks
- Is helpful when having key criteria to search
InTitle
- Searches for specific text in the HTML title of a page
Google Dorks
- Is more complex and requires training
Security Found in Windows
- There is a major vulnerability in DOS
- In remote execution codes
Reason Widely Hacked for an OS
- Most widely known and hacked in the world
One Positive Hack
- Hacks are pushing hackers to be better and have better security.
Main Email Focus
- Large number of people who use the service for hacking purposes
Hacking Outlook
- Focus on brute force and phishing to gather and exploit.