CRIM 218 Study Guide - Spring 2019, Comprehensive Final Exam Notes - Malware, Security Hacker, Phishing

30 Mar 2019
L1 Introduction to cybercrime:
1. Digital forensics and computer security:
Computer security focuses on protection, prevention and recovery
Digital forensics focuses on detection, evidence and event reconstruction
2. Digital forensic analyst:
Some work for law enforcement: preparing evidence for criminal proceedings
Working with law enforcement, private companies, forensic consultants
Public sector or commercial organisations: investigating in house cases
3. Cybercrime:
Any illegal activity that depends for its execution on computers, computer-
based devices or computer networks
4. Computer based crime:
Criminal activity conducted purely on computers
May include aspects of traditional crime conducted purely on computers
5. Computer facilitated crime:
Crime conducted in the real world but facilitated by the use of computers
Fraud: using computers to communicate with others
6. Digital forensics: major components:
Following appropriate standards of practice
Analysis and investigation techniques
Using software tools
Secure and detect evidence
Determine the presence and nature of computer-based criminal activity
7. Facts:
Obtaining a specific IP address takes time and may require a court order; it is
not as precise or quick as in the movies
Most video evidence is grainy and quickly loses definition when magnified;
software enhancement techniques can help only a little bit
Aims to detect the presence of residual data (log files etc.): the detection,
recording and reporting of such data
8. Computer-based electronic evidence:
Information and data of investigative value that is stored on or transmitted by a
computer
In its natural state, we cannot see what is contained in the physical object that
holds our evidence
Equipment and software are required to make the evidence available: testimony
may be required to explain the examination and any limitations in the detection
process
Fragile in nature, can be altered, damaged, or destroyed by improper handling or
improper examination
9. Association of Chief Police Officers guidelines:
10. Secure and detect evidence:
Securing evidence is the seizure of relevant devices
Seized, bagged, labelled and documented
A chain of evidence log is maintained to provide an audit trail
All actions on the devices are also logged
Record the identity of investigators managing the devices at any time
11. Evidence is secured:
All data storage devices are copied and imaged
An MD5 or SHA-1 hash is created to validate the data, so the copy can be
compared to the original to show whether someone altered it
All subsequent search uses a copy of the original data
12. Evidence is detected:
Using software tools
To search a particular variety of information
Such as recent documents or Google search history ha-ha
13. Data quantity:
Huge quantities of data, many devices, lots of analysis; requires a lot of time
and storage
One byte = 1 character
1 megabyte=1 million characters, 500 sheets of paper
1GB: about 50 meters tall of flat paper
2TB about 100 km
The average person can read and process about 200 words per minute
We need data analysis to support searching such huge amounts of data
Time is also required to seize and document the hardware
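
An added example (not part of the original notes) of items 10 and 11: the original and its working copy are hashed with MD5 and SHA-1 in one pass, and every action is recorded with the investigator's identity in a chain-of-evidence log. The function names, log fields, investigator name and sample bytes are assumptions constructed for illustration.

```python
import hashlib
import io
from datetime import datetime, timezone

CHUNK = 1024 * 1024  # read in 1 MiB blocks so a large image never sits in memory


def hash_image(stream):
    """Return (md5, sha1) hex digests of a binary stream, read in one pass."""
    md5, sha1 = hashlib.md5(), hashlib.sha1()
    for block in iter(lambda: stream.read(CHUNK), b""):
        md5.update(block)
        sha1.update(block)
    return md5.hexdigest(), sha1.hexdigest()


def log_action(log, investigator, action, detail):
    """Append one chain-of-evidence entry: who did what, when, with what result."""
    log.append({
        "time_utc": datetime.now(timezone.utc).isoformat(timespec="seconds"),
        "investigator": investigator,
        "action": action,
        "detail": detail,
    })


def verify_copy(original, copy, investigator, log):
    """Hash original and copy, log each step, return True only if both digests match."""
    orig = hash_image(original)
    log_action(log, investigator, "hash original", f"md5={orig[0]} sha1={orig[1]}")
    dup = hash_image(copy)
    log_action(log, investigator, "hash copy", f"md5={dup[0]} sha1={dup[1]}")
    match = orig == dup
    log_action(log, investigator, "verify copy", "MATCH" if match else "MISMATCH")
    return match


# Constructed sample data standing in for a seized drive and two images of it.
SEIZED = b"\x00" * 4096 + b"recent documents; search history" + b"\xff" * 4096
GOOD_IMAGE = bytes(SEIZED)
ALTERED_IMAGE = SEIZED[:-1] + b"\xfe"  # a single changed byte

if __name__ == "__main__":
    custody_log = []
    print(verify_copy(io.BytesIO(SEIZED), io.BytesIO(GOOD_IMAGE), "Analyst A", custody_log))
    print(verify_copy(io.BytesIO(SEIZED), io.BytesIO(ALTERED_IMAGE), "Analyst A", custody_log))
    for entry in custody_log:
        print(entry)
```

A single changed byte in the copy produces different digests, which is why all later searching is done on a verified copy rather than on the original.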