Save
Busy. Please wait.
Log in with Clever
or
show password
Forgot Password?
Don't have an account?  Sign up 
Sign up using Clever
or
Username is available taken
show password

Your email address is only used to allow you to reset your password. See our Privacy Policy and Terms of Service.

Already a StudyStack user? Log In

Reset Password
Enter the associated with your account, and we'll email you a link to reset your password.

Question

Evidence collected in violation of the fourth amendment of the United States Constitution, the electronic communications privacy act(ECPA) may not be admissible to court under the terms of the__________
click to flip
focusNode
Didn't know it?
click below
 
Knew it?
click below
Don't know

Question

Evidence that is legally qualified and reliable is ____________________.
Remaining cards (24)
Know
0:00
edit
Embed Code - If you would like this activity on your web page, copy the script below and paste it into your web page.

  Normal Size     Small Size show me how

Computer Security-23

Chapter 23

QuestionAnswer
Evidence collected in violation of the fourth amendment of the United States Constitution, the electronic communications privacy act(ECPA) may not be admissible to court under the terms of the__________ Exclusionary rule
Evidence that is legally qualified and reliable is ____________________. Competent Evidence.
Documents, verbal statements, and material objects admissible in a court of law are called__________ Evidence
The rule whereby courts prefer original evidence rather than a copy to ensure that no alteration of the evidence (whether intentional or unintentional) has occurred is termed the ____________________. Best Evidence Rule.
Evidence that is convincing or measures up without question is______________ Sufficient evidence
____________________ is the preservation, identification, documentation, and interpretation of computer data to be used in legal proceedings. Forensics.
___________ is evidence that is material to the case or has a bearing on the matter at hand. Relevant evidence
____________________ is the unused space on a disk drive when a file is smaller than the allocated unit of storage. Slack Space.
___________ is oral testimony or other evidence that proves a specific fact (such as an eyewitness statement, fingerprint, photo, and so on) the knowledge of the facts is obtained through the five senses as a witness. Direct evidence
___________________ is the remaining sectors of a previously allocated file that are available for the operating system to use. Free Space.
What defines evidence as being competent___________ The evidence is legally qualified and reliable
Which of the following correctly defines evidence as being relevant? The evidence is material to the case or has a bearing on the matter at hand.
What is documentary evidence? Evidence in the form of business records, printouts, manuals, and other items.
Which of the following correctly defines real evidence? Tangible objects that prove or disprove a fact.
What is the definition of the hearsay rule? Evidence NOT gathered from the personal knowledge of the witness
Which of the following is the LEAST rigorous investigative method? Examining the suspect system using its software without verification.
What is slack space? The and used space on a disk drive when a file is smaller than the allocated unit of storage(as in a sector).
Which of the following correctly describes the minimum contents of an evidence control log book? Description, Investigator, Case # Date, Time, Location, Reason.
What is a message digest? An algorithm that applies method of operations to a data stream to calculate a unique number based on the information contained in the data stream
Which of the following correctly describes the chain of custody for evidence? Accounts for all persons who handled or had access to a specific item of evidence.
What defines evidence as being sufficient? The evidence is convincing or measures up to without question
Which of the following correctly defines the exclusionary rule? Any evidence collected in violation of the Fourth Amendment is not admissible as evidence.
What is the definition of free space? The remaining sectors of a previously allocated file that are available for the operating system to use
If you are investigating a computer incident, and you need to remove the diskdrive from a computer and replace it with a copy so the user doesn't know it has been exchanged, how many copies of the disk should you make, and how should they be used? Four copies: one is to replace the removed drive; one is marked, sealed, logged, and stored with the original, unmodified disk as evidence; one is for file authentication; and one is for analysis.
What is the process of acquiring evidence? Dump the memory, power down the system, create an intimate of the system, and analyze the image.
Created by: ryanparnelltcc1
 

 



Voices

Use these flashcards to help memorize information. Look at the large card and try to recall what is on the other side. Then click the card to flip it. If you knew the answer, click the green Know box. Otherwise, click the red Don't know box.

When you've placed seven or more cards in the Don't know box, click "retry" to try those cards again.

If you've accidentally put the card in the wrong box, just click on the card to take it out of the box.

You can also use your keyboard to move the cards as follows:

If you are logged in to your account, this website will remember which cards you know and don't know so that they are in the same box the next time you log in.

When you need a break, try one of the other activities listed below the flashcards like Matching, Snowman, or Hungry Bug. Although it may feel like you're playing a game, your brain is still making more connections with the information to help you out.

To see how well you know the information, try the Quiz or Test activity.

Pass complete!
"Know" box contains:
Time elapsed:
Retries:
restart all cards