CH5R1: Explain the four general tasks that may play a role in recovering from security incidents.
CH5R2: Describe the basic requirements evidence must meet to be used in legal proceedings.
CH5R3: List and explain the three general categories of legal systems used in the world. Give an example of each.
CH5R6: Does an employer in the United States have an unconditional right to search employee desks or lockers on company premises? Why or why not? Is there a way by which the employer can legally perform such searches?
CH5R7: Describe the three steps an investigator performs when collecting forensic evidence.
CH5R8: Is it better to perform a clean “shut-down” or simply pull the plug when collecting a computer as evidence?
CH5R9: Explain how an investigator can examine a hard drive and still convince a court that the examination is based on the information residing on the drive when the suspect last had possession of it.
CH5R15: What is Moore’s Law?
CH6R1: Explain the difference between authentication and authorization.
CH6R2: Describe the general steps taken during the authentication process.
CH6R3: Identify and describe the three basic authentication factors.
CH6R12: Why might it improve security to make users change passwords periodically? What problems arise when passwords are changed periodically?
CH6R17: Describe some biases that cause passwords to be more vulnerable to attack than they might be if they were completely random.
CH6R25: Explain how biometric systems are vulnerable to the five generic attacks on authentication systems.
CH7R2: Outline the symmetric encryption process and explain the components involved in the process.
CH7R3: What is cryptanalysis? Give an example of a cryptanalytic problem.
CH7R4: Describe how a simple substitution cipher works, like the Caesar cipher.
CH7R5: Describe the components of a digital stream cipher.