WGU, Information Security and Assurance (C725), SET X

Document Content and Description Below

A branch of computer forensic analysis, involves the identification and extraction of information from storage media.This may include the following:Magnetic media (e.g., hard disks, tapes)Optical medi... a (e.g., compact discs (CDs), digital versatile discs (DVDs), Blu-ray discs)Memory (e.g., random-access memory (RAM), solid-state storage)Techniques used for this type of analysis may include the recovery of deleted files from unallocated sectors of the physical disk, the live analysis of storage media connected to a computer system (especially useful when examining encrypted media), and the static analysis of forensic images of storage media. Correct Answer: Media Analysis A type of analysis in which the task of the analyst is to collect and correlate information from multiple disparate sources and produce as comprehensive a picture of network activity as possible.Methods include:- Intrusion detection and prevention system logs- Network flow data captured by a flow monitoringsystem- Packet captures deliberately collected during an incident- Logs from firewalls and other network security devices Correct Answer: Network Analysis A type of analysis in which an analyst may conduct a review of software code, looking for back doors, logic bombs, interpret the log files from application or database servers, seeking other signs of malicious activity, such as SQL injection attacks, privilege escalations, or other application attacks. Correct Answer: Software Analysis A type of Analysis in which an analyst may review the contents of hardware and embedded devices.This may include a review of:Personal computersSmartphonesTablet computersEmbedded computers in cars, security systems, and other devicesAnalysts conducting these reviews must have specialized knowledge of the systems under review. This often requires calling in expert consultants who are familiar with the memory, storage systems, and operating systems of such devices. Because of the complex interactions between software, hardware, and storage, the discipline of hardware analysis requires skills in both media analysis and software analysis.Investigation Process Correct Answer: Hardware/Embedded Device Analysis True or False Gathering Evidence allows three common alternatives:Voluntary surrender, subpoena, search warrant Correct Answer: True - Military and intelligence attacks - Business attacks - Financial attacks - Terrorist attacks - Grudge attacks - Thrill attacks Correct Answer: Types of Computer crimes A category of computer crime attacks in which are launched primarily to obtain secret and restricted information from law enforcement or military and technological research sources. Correct Answer: Military and intelligence attacks [Show More]

Last updated: 1 year ago

Preview 1 out of 7 pages