What is the name of the Microsoft solution for whole disk encryption quizlet?

Jeff, the IT manager for Stormwind, has been asked to give Tom the right to read and change documents in the Stormwind Documents folder. The following table shows the current permissions on the shared folder:

Table A: Shared folder permissions

Group/User******NTFS****** Shared
Sales **************Read***** Change
Marketing ********Modify**** Change
R&D***************Deny***** Full Control
Finance************Read*******Read
Tom****************Read*******Change

Tom is a member of the Sales and Finance groups. When Tom accesses the Stormwind Documents folder, he can read all the files, but the system won't let him change or delete files. What do you need to do to give Tom the minimum amount of rights to do his job?

A
Give Finance Modify to NTFS security.
B
Give Tom Modify to NTFS security.
C
Give Sales Full Control to shared permissions.
D
Give Tom Full Control to NTFS security.
E
Give Finance Change to shared permissions.

Upgrade to remove ads

Only ₩37,125/year

• Flashcards

• Learn

• Test

• Match

• Flashcards

• Learn

• Test

• Match

Terms in this set (50)

A computer stores system configuration and date and time information in the BIOS when power to the system is off.

False

Because they are outdated, ribbon cables should not be considered for use within a forensics lab.

false

A forensics investigator should verify that acquisition tools can copy data in the HPA of a disk drive.

true

The Fourth Amendment states that only warrants "particularly describing the place to be searched and the persons or things to be seized" can be issued. The courts have determined that this phrase means a warrant can authorize a search of a specific place for ANYTHING.

false

Computer-stored records are data the system maintains, such as system log files and proxy server logs.

false

User groups for a specific type of system can be very useful in a forensics investigation.

true

FTK Imager software can acquire a drive's host protected area.

False

State public disclosure laws apply to state records, but FOIA allows citizens to request copies of public documents created by federal agencies.

True

The recording of all updates made to a workstation or machine is referred to as configuration management.

True

When data is deleted on a hard drive, only references to it are removed, which leaves the original data on unallocated disk space.

True

If you turn evidence over to law enforcement and begin working under their direction, you have become an agent of law enforcement, and are subject to the same restrictions on search and seizure as a law enforcement agent.

true

Hardware and software errors or incompatibilities are a common problem when dealing with older hard drives.

true

The ImageUSB utility can be used to create a bootable flash drive.

true

A RAID 3 array uses distributed data and distributed parity in a manner similar to a RAID 5 array.

True

FAT32 is used on older Microsoft OSs, such as MS-DOS 3.0 through 6.22, Windows 95 (first release), and Windows NT 3.3 and 4.0.

False

All suspected industrial espionage cases should be treated as civil case investigations.

False

Most digital investigations in the private sector involve misuse of computing assets.

True

A disaster recovery plan ensures that workstations and file servers can be restored to their original condition in the event of a catastrophe.

true

An emergency situation under the PATRIOT Act is defined as the immediate risk of death or personal injury, such as finding a bomb threat in an email.

True

Linux Live CDs and WinFE disks do not automatically mount hard drives, but can be used to view file systems.

True

To investigate employees suspected of improper use of company digital assets allows corporate investigators to conduct covert surveillance with little or no cause, and access company computer systems and digital devices without a warrant.

true

Someone who wants to hide data can create hidden partitions or voids-large unused gaps between partitions on a disk drive. Data that is hidden in partition gaps cannot be retrieved by forensic utilities.

False

Each MFT record starts with a header identifying it as a resident or nonresident attribute.

false

The shielding of sensitive computing systems and prevention of electronic eavesdropping of any computer emissions is known as FAUST by the U.S. Department of Defense

false

According to the National Institute of Standards and Technology (NIST), digital forensics involves scientifically examining and analyzing data from computer storage media so that it can be used as evidence in court.

false

How often should hardware be replaced within a forensics lab?

every 12 to 18 months.

(blank) can be used to restore backup files directly to a workstation.

Norton Ghost

(blank) would not be found in an initial-response field kit.

leather gloves and disposable latex gloves.

Within a computing investigation, the ability to perform a series of steps again and again to produce the same results is known as

repeatable findings

When using the File Allocation Table (FAT), where is the FAT database typically written to?

The outermost track

What is the name of the Microsoft solution for whole disk encryption

BitLocker

The term (blank) describes rooms filled with extremely large disk systems that are typically used by large business data centers.

Server Farm

Which ISO standard below is followed by the ASCLD?

17025:2005

The term (blank) is used to describe someone who might be a suspect or someone with additional knowledge that can provide enough evidence of probable cause for a search warrant or arrest.

person of interest

(blank) is the term for a statement that is made by someone other than an actual witness to the event while testifying at a hearing.

hearsay

Which operating system listed below is not a distribution of the Linux OS?
a. minix
b. debian
c. slackware
d. fedora

a. minix

Most manufacturers use what technique in order to deal with the fact that a platter's inner tracks have smaller circumference than the outer tracks?

Zone Bit Recording (ZBR)

What metadata record in the MFT keeps track of previous transactions to assist in recovery after a system failure in an NTFS volume?

$LogFile

the (blank) imaging tool produces three proprietary formats: IDIF, IRBF, IEIF.

ILOOKIX

Typically, the (blank) requires a bootable DVD or USB flash drive that runs an independent OS in a suspect's RAM, with the goal of preserving data during an acquisition.

Software Write Blockers

(blank) software is used in a Linux environment to mount and write data only to NTFS partitions

NTFS-3G

The (blank) states that to provide the content of a written document, recording, or photograph, ordinarily the original writing, recording, or photograph is required.

Best Evidence Rule

When conducting a digital forensics analysis under (blank) for an attorney, you must keep all findings confidential

Attorney-Work-product Rules

A data acquisition method used when a suspect computer can't be shut down to perform a static acquisition

Live acquisitions

A data acquisition method that captures only specific files of interest to a case, but also collects fragments of unallocated (deleted) data.

Sparse Acquisition

An encryption technique that performs a sector-by-sector encryption of an entire drive; each sector is encrypted in its entirety, making it unreadable when copied with a static acquisition method.

Whole disk encryption

A data acquisition method that captures only specific files of interest to the case or specific types of files, such as Outlook.pst files

logical acquisitions

Two or more disks combined into one large drive in several configurations for special needs

Redundant array of independent disks (RAID)

What is lossless compression?

Compressing a file in a way that the file size is reduced, but the original file can be restored completely.

What can be done to help prevent the buildup of static electricity?

Antistatic pads can be placed around electronic work benches and work stations. Floors and carpets can be cleaned at least once a week to minimize dust buildup.

Verified questions

linear algebra

Determine if the statement is true or false, and justify your answer. If A is a square matrix, then row(A) = col(A).

Verified answer

calculus

Verify that the Fundamental theorem for line integrals can be used to evaluate the given integral, and then evaluate the integral. $\int_{C} \nabla\left(e^{-t} \cos y\right) \cdot d \mathbf{r}$, where C is the line segment from (0,0) to $(\ln 2,2 \pi)$.

Verified answer

linear algebra

Let $V$ be the vector space of all $2\times 2$ matrices with trace equal to 0. Prove that $V$ is isomorphic to $\mathcal{P}_2$ by constructing an isomorphism from $V$ to $\mathcal{P}_2$. Verify your answer.

Verified answer

calculus

Use Pascal's Triangle to write out the expansions of $$ ( a + b ) ^ { 6 } $$ and $$ ( a - b ) ^ { 4 }. $$

Verified answer

Recommended textbook solutions

Numerical Analysis

9th EditionJ. Douglas Faires, Richard L. Burden

873 solutions

Elementary Number Theory

7th EditionDavid Burton

776 solutions

Excursions in Modern Mathematics

8th EditionPeter Tannenbaum

983 solutions

Teoria Elementar Dos Números

7th EditionDavid Burton

776 solutions

Other Quizlet sets

A6 M4

15 terms

carlee_young

A1 M8 Reporting with different opinions and other…

18 terms

sydni_crowe8

Human Nutrition - Module G

35 terms

nephtaly25

Pharm cardio study questions

52 terms

mandikay4Plus