Warrants, Investigations, and Court (Ch5)
A statement made by someone not present at the event.
What is hearsay?
A storage device that has a lifespan of over 1,000 years.
What is M-Disc?
Data that can identify someone, like name, address, or SSN.
What is personal identifiable information (PII)?
The HDD component that reads and writes data to the disk drive.
What is the head or read/write head?
A structure that provides an OS with a roadmap to data on a disk
What is a file system?
Wording in a warrant that restricts what can be seized, separating evidence from unrelated data.
What is a limiting phrase?
How often evidence must be kept under surveillance while in transport.
What is at all times?
A covert surveillance tool that monitors network data sent to and from the employee’s device in real time.
What is a sniffer?
The small unused space between partitions.
What is a partition gap?
The hierarchical database containing system and user information.
What is Windows registry?
Objects seen by an officer in a place they have the right to be can be seized without a warrant.
What is the plain view doctrine?
A covert surveillance tool that must be configured with a firewall to avoid detection.
What is a keylogger?
Files created by a person, like spreadsheets or Word documents.
What are computer-stored digital records?
The location of each partition volume's boot sector (first sector storing file system and boot info).
What is sector 0?
This NTFS feature records transactions before the system carries them out to help prevent data loss.
What is journaling?
What employees can assume if there are no warning banners or company-defined policies present when using company resources.
What is an expectation of privacy?
Motivation that causes professional personnel to examine an incident or crime scene to see what happened
What is professional curiosity?
A file structure database that is usually located on the disk's outermost track.
What is a file allocation table (FAT)?
The disk partition program that stores disk sizes and locations for older devices and can be up to 2.2 TB in size.
What is the Master Boot Record (MBR)?
The Windows registry file that contains current logged-on user info.
What is HKEY_USERS?
What an investigator becomes if they find evidence of a crime while investigating a policy violation and do not get a search warrant.
What is an agent of law enforcement?
The process of taking photos, videos, and recording details of a suspect device and environment.
What is cataloging a crime scene?
The Windows registry file path that stores a data file containing the computer's security settings.
What is Windows\system32\config\Security.dat
Groups tracks so the inner and outer tracks store the same amount of data.
What is a zone bit recording (ZBR)?
The Windows file that stores information about computers in hibernation.
What is hiberfile.sys?