Chapter 11: E-mail and Social Media Investigations

30 Terms

1

For digital investigators, tracking intranet e-mail is easier because accounts use standard names the administrator establishes.
a. True
b. False

True

2

Investigating crimes or policy violations involving e-mail is different than investigating other types of computer abuse and crimes.
a. True
b. False

False

3

E-mail programs either save e-mail messages on the client computer or leave them on the server.
a. True
b. False

True

4

All e-mail servers use databases that store multiple users' e-mails.
a. True
b. False

False

5

Like UNIX e-mail servers, Exchange maintains logs to track e-mail communication.
a. True
b. False

True

6

Forensic linguistics encompasses civil cases, criminal cases, cyberterrorism cases, and other legal proceedings.
a. True
b. False

True

7

E-mail crimes and violations rarely depend on the city, state, and country in which the e-mail originated.
a. True
b. False

False

8

Evidence artifacts vary depending on the social media channel and the device.
a. True
b. False

True

9

A challenge with using social media data in court is authenticating the author and the information.
a. True
b. False

True

10

You can send and receive e-mail in two environments: via the Internet or an intranet (an internal network).
a. True
b. False

True

11

What name is used for the configuration typically used for e-mail messages that are distributed from a central server to many connected client computers?
a. Client/server architecture
b. Central distribution architecture
c. Client architecture
d. Peer-to-peer architecture

Client/server architecture

12

In an e-mail address, what symbol separates the domain name from the rest of the address?
a. #
b. .
c. @
d. -

@

13

In what type of e-mail programs can the user copy an e-mail message by dragging the message to a storage medium, such as a folder or drive?
a. Command-line
b. Shell-based
c. Prompt-based
d. GUI

d. GUI

14

What is the main information being sought when examining e-mail headers?
a. The date and time the e-mail was sent
b. The originating e-mail's domain name or an IP address
c. The type of attachments included, if any
d. The types of encryption used

The originating e-mail's domain name or an IP address

15

To retrieve e-mail headers in Microsoft Outlook, what option should be clicked after the e-mail has been selected?
a. File, Options
b. Source Details
c. File, Properties
d. Message Source

File, Properties

16

In Web-based e-mail, how are messages displayed and saved?
a. As web pages
b. As .rtf files
c. As .txt files
d. As CSS codes

As web pages

17

In which discipline do professionals listen to voice recordings to determine who's speaking or read e-mail and other writings known to be by a certain person and determine whether that person wrote the e-mail or letter in question?
a. Communication forensics
b. Forensic linguistics
c. Linguistic analysis
d. Communication linguistics

Forensic linguistics

18

To view Gmail Web e-mail headers, what should be clicked after the e-mail has been opened and the down arrow next to the Reply circular arrow has been clicked?
a. More options
b. Message properties
c. Options
d. Show original

Show original

19

To view e-mail headers on Yahoo!, what should be clicked on after "More" has been selected?
a. Advanced
b. General Preferences
c. Message Properties
d. View Raw Message

View Raw Message

20

In Microsoft Outlook, what file extension is used with saved sent, drafted, deleted, and received e-mails?
a. .ost
b. .eml
c. .msg
d. .pst

pst

21

Which site can be used to verify the names of domains a message is flowing through?
a. www.dkim.org
b. www.google.com
c. www.whatis.com
d. www.juno.com

www.dkim.org

22

Which type of logging allocates space for a log file on the server, and then starts overwriting from the beginning when logging reaches the end of the time frame or the specified log size?
a. Continuous logging
b. Automatic logging
c. Circular logging
d. Server logging

Circular logging

23

Which files provide helpful information to an e-mail investigation?
a. Configuration and batch files
b. Log and configuration files
c. Log files and scripts
d. .rts and .txt files

Log and configuration files

24

Which location contains configuration information for Sendmail?
a. /etc/sendmail.cf
b. /etc/syslog.conf
c. /etc/var/log/maillog
d. /var/log/maillog

/etc/sendmail.cf

25

In which directory do UNIX installations typically store logs?
a. /etc/Log
b. /log
c. /etc/var/log
d. /var/log

/var/log

26

In which log does Exchange log information about changes to its data?
a. Checkpoint
b. Communication
c. Transaction
d. Tracking

Transaction

27

In Exchange, what type of file is inserted in the transaction log to mark the last point at which the database was written to disk in order to prevent loss of data?
a. Tracking
b. Checkpoint
c. Temporary
d. Milestone

Checkpoint

28

In Microsoft Exchange, which file is responsible for messages formatted with MAPI?
a. .edb
b. .cfg
c. .mbx
d. .mapi

.edb

29

Which information from Facebook simply tells you the last time a person logged on, the person's e-mail address and mobile number, and whether the account can be viewed publicly?
a. Extended subscriber
b. Advanced subscriber
c. Subscriber profile
d. Basic subscriber

Basic subscriber

30

What format is used for the flat plaintext files some e-mail systems use for message storage?
a. POP3
b. mbox
c. css
d. SMTP

mbox