CH5R1: Explain the four general tasks that may play a role in recovering from security incidents.CH5R2: Describe the basic requirements evidence must meet to be used in legal proceedings.CH5R3: List and explain the three general categories of legal systems used in the world. Give an example of each.CH5R6: Does an employer in the United States have an unconditional right to search employee desks or lockers on company premises? Why or why not? Is there a way by which the employer can legally perform such searches?CH5R7: Describe the three steps an investigator performs when collecting forensic evidence.CH5R8: Is it better to perform a clean “shut-down” or simply pull the plug when collecting a computer as evidence?CH5R9: Explain how an investigator can examine a hard drive and still convince a court that the examination is based on the information residing on the drive when the suspect last had possession of it.CH5R15: What is Moore’s Law?CH6R1: Explain the difference between authentication and authorization.CH6R2: Describe the general steps taken during the authentication process.CH6R3: Identify and describe the three basic authentication factors.CH6R12: Why might it improve security to make users change passwords periodically? What problems arise when passwords are changed periodically?CH6R17: Describe some biases that cause passwords to be more vulnerable to attack than they might be if they were completely random.CH6R25: Explain how biometric systems are vulnerable to the five generic attacks on authentication systems.CH7R2: Outline the symmetric encryption process and explain the components involved in the process.CH7R3: What is cryptanalysis? Give an example of a cryptanalytic problem.CH7R4: Describe how a simple substitution cipher works, like the Caesar cipher.CH7R5: Describe the components of a digital stream cipher.