Which type of evidence is information collected from individuals that supports and helps to interpret other types of evidence quizlet?

-Securing the scene: safety of all individuals, restricting unauthorized people from entering, prevent contamination
-Separating the witnesses: prevent collusion
-Scanning the scene: decide where photos need to be taken, primary vs secondary crime scene
-Seeing the scene: photos given to examiner
-Sketching the scene: position of remains and evidence
-Searching for evidence: flashlights or black lights used, radar, thermal imaging (using 4 crime scene patterns), photographed, sketched, labeled, and documented
-Securing and collecting evidence: packaged, sealed, and labeled (paper bindle)

a. Police did not properly secure the scene, the father, John, picked up the dead body, he wrapped the body in a blanket, possibly contaminating the body, the house and scene was cleaned by the mom, random people were coming into the scene), and the parents didn't want to talk to authorities
b. the ransom note was too long, the note was rewritten, the note had exact amount of dad's bonus, Dad knew the exact location of body, fibers on mom's coat were on body

Other sets by this creator

Terms in this set (100)

Evidence can be found anywhere and everywhere. Some additional sources may include keyboard, mouse, touchpad, CD-ROM/DVD drive, laptop case, scanner lids, mobile device cradle (especially its buttons and switches), keyboard-video-monitor (KVM) switches, game controller, media storage units (CD/DVDs, tape, floppy cases, and drawers), and much more. Even a keyboard, mouse, or touchpad can provide evidence that a particular user must have touched a specific computer (although such devices, being without RAM or other storage, cannot usually provide more information than that).

Several tools are available to image data in the memory of cell phones, such as Device Seizure from Paraben, Palm dd (pdd) (for Palm OS), BitPim (for use with CDMA phones), Oxygen Forensic Suite 2010 (for use with cell phones, smartphones, and PDAs), Mobilyze (for use with iPhones, iPod Touch, and iPad devices), and Zdziarski's Forensics Guide for the iPhone.

Financial gain, anger or revenge, power, addiction, boredom, thrill-seeking, intellectual gain, recognition, sexual impulses, curiosity, and psychiatric illness.

Under Federal Rule of Civil Procedure 30(b)(6), a forensic investigator may be asked to provide information on such things as: quality and locations of computers in use, operating systems and application software installed and dates of use, file-naming conventions and what directories data is saved to, backup disk or tape inventories and schedules, computer use policies, identities of current and former employees responsible for systems operations, e-mail with dates, times, and attachments, Word documents, tables, graphs, and database files, and Internet bookmarks, cookies, and history logs.

Sets found in the same folder

Home

Subjects

Expert solutions

Create

Log in

Sign up

Upgrade to remove ads

Only ₩37,125/year

• Flashcards

• Learn

• Test

• Match

• Flashcards

• Learn

• Test

• Match

Terms in this set (25)

Computer Forensics

The extraction of data from a electronic devices in a consistent, scientific manner.

The objective of computer forensics

To recover, analyze, and present computer-based material in such a way that it can be used as evidence in a court of law.

The Seven Domains of a Typical IT Infrastructure

1) User Domain
2) Workstation Domain
3) LAN Domain
4) LAN-to-WAN Domain
5) WAN Domain (Wide Area Network)
6) Remote Access Domain
7) System/Application Domain

User Domain

People

Workstation Domain

Work Computers

LAN Domain

Server, Hub

LAN-to-WAN Domain

Router, Firewall

Remote Access Domain

Internet

WAN Domain

Cloud

System/Application Domain

Firewall, Mainframe, Application and Web Servers

Expert Report

A formal document that lists what tests you conducted, what you found, and your conclusions. It also contains your curriculum vitae

Curriculum Vitae (CV)

Like a resume, only much more thorough and specific to your work experience as a forensic investigator

Expert Testimony

Your testimony. Will be given in either a deposition or a trial

Digital Evidence

Information that has been processed and assembled so that it is relevant to an investigation and supports a specific finding or determination

Chain of Custody

The continuity of control of evidence that makes it possible to account for all that has happened to evidence between its original collection and its appearance in court

Courts deal with four types of evidence

1) Real Evidence
2) Documentary Evidence
3) Testimonial Evidence
4) Demonstrative Evidence

Real Evidence

A physical object that somebody can touch or observe

(Ex: a laptop with a suspect's fingerprints on the keyboard, a hard drive, a USB drive, or a handwritten note)

Documentary Evidence

Data stored as written matter, on paper or electronic files

(Ex: Email messages, logs, databases, photographs, and telephone call-detail records)

Testimonial Evidence

Information that forensic specialists use to support or interpret real or documentary evidence

(Ex: <this> may be employed to demonstrate in the form of system access controls that might show that a particular user stored specific photographs on a desktop)

Demonstrative Evidence

Information that helps explain other evidence

(Ex: A chart that explains a technical concept to the judge and jury.

Metadata

Data about information

(Ex: Disk partition structures and file tables)

ipconfig(Windows)/ifconfig(Linux/UNIX)

Command.

Gives you information about your connection to a network or to the internet (including your IP address)

ping

Command.

Used to send a test packet (or echo packet) to a machine to find out if the machine is reachable and how long the packet takes to reach the machine

tracert(Windows)/traceroute(Linus/UNIX)

Command.

Useful for live network troubleshooting, but not useful or trustworthy for forensic examination

Obscurred Information

Information scrambled by encryption, hidden using steganographic software, compressed, or in a proprietary format

Sets with similar terms

Chapter 8: Digital Forensics and Incident Response

23 terms

huthatis

Chapter 1: Understanding the Digital Forensics Pro…

48 terms

Katlin_Jones4

CHFI Module 2

49 terms

blakegrover

CF 106 Terminology Ch. 1

37 terms

Danilynne

Sets found in the same folder

Computer forensics - Chapter 1

36 terms

Kciardiello

Computer Forensics Chapter 11

43 terms

chelsey_cantrell

Computer Forensics Chapter 12

61 terms

chelsey_cantrell

Computer Forensics Chapter 1

56 terms

julie_tran10

Other sets by this creator

CYBR 7050 Final Exam

354 terms

Doolittle0455

Chapter 12

79 terms

Doolittle0455

Chapter 11

25 terms

Doolittle0455

Chapter 10

57 terms

Doolittle0455

Other Quizlet sets

economic systems Marketing AJJ

28 terms

ljeffaresPLUS

oral mucosa

58 terms

stpotterdent

Philosophy Chapter 2

23 terms

AdrianPar

Math vocab

10 terms

e490ejk21

Related questions

QUESTION

What are the two ways that someone learns how to write?

2 answers

QUESTION

What mini-registration task require the user to possess an ampersand & fileman access code?

2 answers

QUESTION

THE UNLAWFUL TAKING OF PERSONAL PROPERTY FROM THE PERSON OF ANOTHER, OR IN HIS PRESENCE, AGAINST HIS WILL, BY MEANS OF FORCE OR VIOLENCE OR FEAR OF INJURY IMMEDIATE OR FUTURE.

5 answers

QUESTION

A search conducted pursuant to a search warrant must be limited in scope to what the warrant specifies.

2 answers

Is information that helps explain other evidence?

What is transient evidence quizlet?

Which is an example of direct evidence quizlet?

Which of the following evidences is an example of individual characteristics?