Exam (elaborations)
MDF FINAL EXAM 2024/2025 WITH 100% ACCURATE SOLUTIONS
- Course
- Institution
MDF FINAL EXAM 2024/2025 WITH 100% ACCURATE SOLUTIONS
[Show more]
Content preview
MDF FINAL EXAM 2024/2025 WITH 100% ACCURATESOLUTIONS
List 3 mobile device operating systems. - Precise Answer ✔✔Android,
iOS, Windows
Mobile forensics is a branch of digital forensics related to the recovery
of digital evidence from what types of devices? - Precise Answer
✔✔Cell Phones, GPS devices, drones, tablets
What is a brief definition or translation of the term "metadata?" - Precise
Answer ✔✔"data about data"
What are SIM card data files? - Precise Answer ✔✔ICCID, IMSI,
MSISDN
Metadata that can be specifically found in media files, such as pictures,
is known as? - Precise Answer ✔✔EXIF Data
What is the order of extraction methodologies from the bottom of the
"pyramid" to the top, with the bottom representing the most basic? -
Precise Answer ✔✔Manual, Logical, Hex Dump, Chip Off, Micro Read
Which of the following is not an example of a Hex Dump Extraction:
File system, Bootloader Physical, Client Physical, JTAG - Precise
Answer ✔✔File System
,What does a logical acquisition utilize - Precise Answer ✔✔a device's
API, and is achieved through USB or Bluetooth connections.
Physical acquisitions directly access what - Precise Answer ✔✔the flash
memory of a mobile device, resulting in a bit-for-bit copy of the data.
What will never be recovered through a logical acquisition? - Precise
Answer ✔✔Data in Unallocated space
The mobile forensics process is broken down in to what three main
categories? - Precise Answer ✔✔Seizure, acquisition, and
examination/analysis
Search warrants require what? - Precise Answer ✔✔Scope,
Oath/Affirmation, Probable Cause
At the crime scene, the examiner should place the device in _______
and/or a _______ to prevent changes to the mobile device. - Precise
Answer ✔✔Airplane mode, faraday bag
Describe 1 way of identifying the model of an iPhone, and 1 way of
identifying the iOS version of an iPhone. - Precise Answer ✔✔Model of
iPhone: looking at the back/bottom half of the phone @ A#; iOS
version: unlock phone>settings>general>about
iOS devices utilize what file systems? - Precise Answer ✔✔HFSX
,Within the file system of Apple mobile devices, which partition contains
the device firmware, the operating system, and pre-installed application
settings that are not typically available to the device user? - Precise
Answer ✔✔System Partition
What Apple protocol prevents users from downloading and installing
unauthorized apps? - Precise Answer ✔✔Code Signing
What is the iOS architecture layer that develops the visual interface,
provides basic application architecture, and supports key functions, such
as multi-tasking? - Precise Answer ✔✔Cocoa Touch
What does sandboxing do? - Precise Answer ✔✔Requires user
permission in order to allow applications to access data from other
applications
What are the Apple mobile device modes? - Precise Answer ✔✔DFU,
Normal, Recovery
What iOS backup is utilized when conducting an Advanced Logical
acquisition in Cellebrite Physical Analyzer? - Precise Answer
✔✔Method 1 = iTunes Backup, Method 2 = Apple File Conduit
What property list file, located in an iTunes backup, contains metadata
regarding application backup, identifying, and encryption-related
, information, such as application names, passcode/encryption status, and
keybagdata? - Precise Answer ✔✔Manifest.plist
What are pairing records? - Precise Answer ✔✔The records of every
time you've connected your phone to your computer and had your phone
"trust" it
Devices that utilize iOS or OSX operating systems store timestamps in
what raw format? - Precise Answer ✔✔Mac Absolute Time and Unix
Epoch Time
In iOS devices, SMS Messages are stored in what type of data structure?
- Precise Answer ✔✔SQLite Database
What data structure is stored in a raw binary or XML format and is
typically present within devices that utilize iOS and OSX? - Precise
Answer ✔✔Property List
What version of iPhones is it possible to conduct a physical acquisition
on when they're locked or the passcode is unknown? - Precise Answer
✔✔iPhone 4 and below
Devices that utilize the GSM communication protocol are uniquely
identified by what type of identifier? - Precise Answer ✔✔IMEI
What does ADB stand for? - Precise Answer ✔✔Android Debug Bridge
The benefits of buying summaries with Stuvia:
Guaranteed quality through customer reviews
Stuvia customers have reviewed more than 700,000 summaries. This how you know that you are buying the best documents.
Quick and easy check-out
You can quickly pay through credit card or Stuvia-credit for the summaries. There is no membership needed.
Focus on what matters
Your fellow students write the study notes themselves, which is why the documents are always reliable and up-to-date. This ensures you quickly get to the core!
Frequently asked questions
What do I get when I buy this document?
You get a PDF, available immediately after your purchase. The purchased document is accessible anytime, anywhere and indefinitely through your profile.
Satisfaction guarantee: how does it work?
Our satisfaction guarantee ensures that you always find a study document that suits you well. You fill out a form, and our customer service team takes care of the rest.
Who am I buying these notes from?
Stuvia is a marketplace, so you are not buying this document from us, but from seller YANCHY. Stuvia facilitates payment to the seller.
Will I be stuck with a subscription?
No, you only buy these notes for $16.49. You're not tied to anything after your purchase.
Can Stuvia be trusted?
4.6 stars on Google & Trustpilot (+1000 reviews)
80364 documents were sold in the last 30 days
Founded in 2010, the go-to place to buy study notes for 14 years now