CH 7 Computer Forensics

11 terms by berevan

Create a new folder

Like this study set?

Create a free Quizlet account to save it and study later.

Sign up for an account

Already have a Quizlet account? .

Create an account

Advertisement Upgrade to remove ads


The process of creating a duplicate image of data; one of the five required functions of computer forensics tools.

brute-force attack

The process of trying every combination of characters—letters, numbers, and special characters typically found on a keyboard—to find a matching password or passphrase value for an encrypted file.

Computer Forensics Tool Testing (CFTT)

A project sponsored by the National Institute of Standards and Technology to manage research on computer forensics tools.


The process of sorting and searching through investigation data to separate known good data from suspicious data; along with validation, one of the five required functions of computer forensics tools


The process of pulling relevant data from an image and recovering or reconstructing data fragments; one of the five required functions of computer forensics tools.

keyword search

A method of finding files or other information by entering relevant characters, words, or phrases in a search tool.

National Software Reference Library (NSRL)

A NIST project with the goal of collecting all known hash values for commercial software and OS files.

password dictionary attack

An attack that uses a collection of words or phrases that might
be passwords for an encrypted file. Password recovery programs can use a password dictionary to compare potential passwords to an encrypted file's password or passphrase
hash values.


The process of rebuilding data files; one of the five required functions of computer forensics tools.


The process of checking the accuracy of results; along with discrimination, one of the five required functions of computer forensics tools.


A hardware device or software program that prevents a computer from writing data to an evidence drive. Software write-blockers typically alter interrupt 13 write functions to a drive in a PC's BIOS. Hardware write-blockers are usually bridging devices between a drive and the forensic workstation.

Please allow access to your computer’s microphone to use Voice Recording.

Having trouble? Click here for help.

We can’t access your microphone!

Click the icon above to update your browser permissions above and try again


Reload the page to try again!


Press Cmd-0 to reset your zoom

Press Ctrl-0 to reset your zoom

It looks like your browser might be zoomed in or out. Your browser needs to be zoomed to a normal size to record audio.

Please upgrade Flash or install Chrome
to use Voice Recording.

For more help, see our troubleshooting page.

Your microphone is muted

For help fixing this issue, see this FAQ.

Star this term

You can study starred terms together

NEW! Voice Recording

Create Set