Computer Forensics 3

____ is a batch file containing customized settings for MS-DOS that runs automatically.

Autoexec.bat

As data is added, the MFT can expand to take up 75% of the NTFS disk.

False

____ records are data the system maintains, such as system log files and proxy server logs.

Computer-generated

One technique for extracting evidence from large systems is called ____.

sparse acquisition

Confidential business data included with the criminal evidence are referred to as ____ data.

commingled

The purpose of the ____ is to provide a mechanism for recovering encrypted files under EFS if there's a problem with the user's original private key.

recovery certificate

Environmental and ____ issues are your primary concerns when you're working at the scene to gather information about an incident or a crime.

safety

Evidence is commonly lost or corrupted through ____, which involves police officers and other professionals who aren't part of the crime scene processing team.

professional curiosity

The first 5 bytes (characters) for all MFT records are MFTR0.

False

In the NTFS MFT, all files and folders are stored in separate records of ____ bytes each.

1024

____, located in the root folder of the system partition, is the device driver that allows the OS to communicate with SCSI or ATA drives that aren't related to the BIOS.

NTBootdd.sys

Real-time surveillance requires ____ data transmissions between a suspect's computer and a network server.

sniffing

____ refers to a disk's structure of platters, tracks, and sectors.

Geometry

____ is the file structure database that Microsoft originally designed for floppy disks.

FAT

Drive slack includes RAM slack (found primarily in older Microsoft OSs) and ____ slack.

file

Courts consider evidence data in a computer as ____ evidence.

physical

____ is a 16-bit real-mode program that queries the system for device and configuration data, and then passes its findings to NTLDR.

NTDetect.com

If a corporate investigator follows police instructions to gather additional evidence without a search warrant after you have reported the crime, you run the risk of becoming an agent of law enforcement.

True