Exam Cheat Sheet

Only available on StudyMode
  • Published : February 16, 2013
Cyber Stalking
Stalking: series of actions that would cause a person to fear death or injury

Spam (Bulk email marketing)
Internet version of junk mail
Where do they get email addresses?
- legitimate companies
- Newsgroup Extractors
- Websites Extractors
Avoiding Spam
- Use phoney address
- Use anonymous remailer
- Use “AT” in your email address instead of @.

Internet Fraud / Identity Theft
Credit Card Fraud: The unauthorized use of credit cards to obtain money or property
Common ways of obtaining credit card numbers
- Unsecure Website
- Identity Theft Scheme
- Conventional Methods (Swapping hand held terminal)
- SQL Injection: Inserting SQL into input fields of an online form
- Man/Mafia in the middle: Asks for verification with credit card information to make purchases
Avoiding Fraud
- Ensure a site is secure
- Reputable source
- Watch your credit card statements
- Confirm legitimacy of a company
Fraud Types
Spoofing: Pretending to be someone other than the actual source
Phishing: Claiming to be a legitimate business in an attempt to trick people into divulging sensitive information by getting them to go to a specified website
Spear Phishing: Targeting certain individuals

Infallible forecast Scam: Display ability to predict stock twice. 25% of victims are likely to think they are infallible and may likely invest with them.

Computer problem areas
- Use of SIN as a primary key in databases
- Ecommerce
- Vulnerability of Computer Networks

Pharming: Accomplished using DNS poisoning; redirects users to spoofed website

Evidence: proof about a fact that did or did not happen
- Testimony of a witness
- Physical evidence
- Electronic evidence
Artifact - change in evidence that causes investigator to think the evidence relates to the crime
Inculpatory - evidence that supports a given theory
Exculpatory - evidence that contradicts a given theory
Circumstantial - shows circumstances that logically lead to a conclusion of fact
Hearsay - second-hand evidence
Admissible - evidence that is allowed in court
Inadmissible - evidence that cannot be presented at trial
Tainted - evidence obtained by illegal search or seizure
Material - evidence relevant and significant to lawsuit
Immaterial - evidence that is not relevant or significant
Search Warrant
- Issued only if law enforcement provides sufficient proof that there is probable cause a crime has been committed
- Premises, things, and persons to be searched must be specified
Electronic Evidence
- Volatile and may be easily changed
- Conversely is difficult to delete entirely

Types of FRSC Intelligence
- Evidence Collection
- Admissibility of Evidence
- Proper Chain of Custody
- Supply patterns of behavior or imply motives
- Methods used by investigators must achieve these objectives:
> Protect the suspect system
> Discover all files
> Recover deleted files
> Reveal contents of hidden files
> Access protected or encrypted files
> Use steganalysis to identify hidden data
> Analyze data in unallocated and slack space
> Print analysis of the system
- Provide an opinion of the system layout
- Provide expert testimony or consultation

Physical evidence collected
- Seize a computer
- Using OS to power down is risky as temporary files might be deleted and date/time stamps changed
- Current best practice is to unplug the PC from its power source, preserving the data environment
- Don’t turn on a PC without having write-blocking software or devices in place
- Write-blocking devices prevent any writes to a drive such as may occur when simply turning on a system
- Create a drive image
> Drive imaging or mirror imaging
> Sector-by-sector or bit-stream imaging
- Protect data from any type of alteration
- Work from a forensic copy of the original drive or device

IPv4
- 4 fields of 8 bits, usually expressed as 4 decimal values each ranging from 0-255
Ex: 192.75.12.10

IPv6
- 8 fields of 16 bits...