Wednesday, Dec 12th

Last update06:08:55 PM GMT

You are here: Glossary

Glossary of Computer Forensics Terms

Search for glossary terms (regular expression allowed)
Begins with Contains Exact term
All A B C D E F G H I J K L M N O P Q R S T U V W
Page:  « Prev ... 2 3 4 5 6
Term Definition
Shareware

Software that is distributed free on a trial basis with the understanding that if it is used beyond the trial period, the user will pay. Some shareware versions are programmed with a built-in expiry date or limited functionality (Known as ‘Crippleware’).

Slack space

The unused space in a disk cluster. DOS and Windows file systems use fixed-size clusters. Even if the actual data being stored requires less storage than the cluster size, an entire cluster is reserved for the file. The unused space is called the slack space.

Social engineering

A term for personal (social) tactics employed in support of attempts to achieve unauthorized access to a computer/information system. Social engineering attacks are typically carried out by telephoning users or operators and pretending to be an authorised user, to attempt to gain illicit access to systems. This is something of a catchall category for any tricks used to obtain the intended access or to obtain information critical to achieving that access.

Spam

The act of bombarding a target (system, Usenet news group, set of e-mail addresses) with sufficient volume of data (or a volume of sufficiently massive data items) such that degradation or even denial of service is achieved. This term is also used to describe the perceived harassment of an individual receiving, through their email account, profligately broadcast data (junk e-mail advertising). To cause a person or newsgroup to be flooded with irrelevant or inap¬propriate messages.

Steganography

The art and science of communicating in a way that hides the existence of the communication. It is used to hide a file inside another. For example, a child pornography image can be hidden inside another graphic image file, audio file, or other file format.

Swap file

Space on a hard disk that is used to extend a computer's memory. Files not used recently are temporarily stored on the hard disk, leaving room for new files.

TCP/IP

Transmission Control Protocol/Internet Protocol. This is the basic communication language or protocol of the Internet.

Temporary or swap files

Many computers use operating systems and applications that store data temporarily on the hard drive. These files, which are generally hidden and inaccessible, may contain information that the investigator finds useful.

Terminal

A device that allows you to send commands to a computer somewhere else. At a minimum, this usually means a keyboard, a display screen, and some simple circuitry.

Timeline

The linear representation of project tasks based on calendar measure¬ment. The timeline can be represented in days, weeks, months, quarters, or years.

Traceroute

A Unix/Linux tool that traces (identifies) the route taken by data packets as they traverse (hop) across a network connection between two hosts and displays the time and location of the route taken to reach the destination computer. In Windows, this same utility is known as Tracert.

Track density

The space between tracks on a disk The smaller the space between tracks, the more tracks on a disk. Older drives with wider track densities allowed wandering.

Trojan horse

A useful and seemingly innocent program containing additional hidden code that allows the unauthorized collection, exploitation, falsification, or destruction of data. A Trojan horse performs some unexpected or unauthorized (usually malicious) actions, such as displaying messages, erasing files, or formatting a disk.

Uniform Resource Locator (URL)

An URL is the address of a file accessible on the Internet.

Uninterruptible Power Supply (UPC)

A power supply that can continue to provide a regulated supply to equipment even after a mains power failure, which consists of a surge protector with a built in battery. This unit damps power surges from the outlet and runs the equipment attached to it for a short time on its battery in case of power loss (i.e., the lights go out). In the case of a computer, this enables the users to save their work and ‘power down’ (turn off) the computer if the power fails.

Universal Serial Bus (USB)

A hardware interface for low-speed peripherals such as the keyboard, mouse, joystick, scanner, printer, and telephony devices.

Unix

A time-sharing operating system allowing powerful processors to share their power with many users. Xenix, AIX and Linux are some versions of Unix produced by other companies.

USB Storage devices

Small storage devices accessed using a computer’s USB ports, that allow the storage of large volumes of data files and which can be easily removed, transported and concealed. They are about the size of a car key or highlighter pen, and can even be worn as a watch or around the neck on a lanyard.

Virtual Private Network

This usually refers to a network in which some of the parts are connected using the public Internet, but the data sent across the Internet is encrypted, so the entire network is ‘virtually’ private.

Virus

A malicious, self-replicating (or in some instances, executable) program with the potential to leave a computer or entire network inoperable. A virus attaches itself and spreads to files, programs, e-mail messages, and other storage media and may drain system resources (disk space, connections, and memory) and modify or wipe out files or display messages.

Volatile memory

Memory that loses its content when power is turned off or lost.

Volume boot sector

Since every partition may contain a different file system, each partition contains a ‘volume boot sector’ that is used to describe the type of file system on the partition and usually contains boot code necessary to mount a file system. This code is different from the Master Boot Record. The job of the volume boot code is to find a file in the root folder (io.sys in the case of DOS) that is then loaded and run to continue the boot process at a higher level. On Linux systems, the LILO boot loader serves the same purpose. It locates the Super Block that describes the rest of the file system.

WAN

Wide Area Network

Warning banner

Text that appears when someone logs on to a company computer that tells them the appropriate use of the machine or Internet access.

Web cache

Web caching is a technique to improve Web browser performance by storing frequently requested Web pages, images, and other Web objects in a special location on the user’s hard drive for faster access. On subsequent requests for the same object, the cache delivers the object from its storage rather than passing the request on to the origin server.

Web server

A computer on the Internet or intranet that serves as a storage area for a Web page. When asked by a Web browser, the server sends the page to the browser.

Wipe

Slang term for deliberately overwriting a piece of media and removing any trace of files or file fragments. (Also called Nuking)

Wireless network card

An expansion card present in a computer that allows cordless connection between that computer and other devices on a computer network. This replaces the traditional network cables. The card communicates by radio signals to other devices present on the network.

Write-blocker

A physical device that prevents a computer from recording data on an evidence disk.

Page:  « Prev ... 2 3 4 5 6
All A B C D E F G H I J K L M N O P Q R S T U V W