100% satisfaction guarantee Immediately available after payment Both online and in PDF No strings attached
logo-home
Previously searched by you
Previously searched by you
logo
Advanced Digital Forensics Exam 3 Questions with Correct Answers. £19.09   Add to cart
Quickly navigate to
Preview
  2.  
  3. Advanced Digital Forensics
  4.  
  5. Advanced Digital Forensics

Exam (elaborations)

Advanced Digital Forensics Exam 3 Questions with Correct Answers.
 0 view  0 purchase
  • Module
  • Advanced Digital Forensics
  • Institution
  • Advanced Digital Forensics

Advanced Digital Forensics Exam 3 Questions with Correct Answers.Advanced Digital Forensics Exam 3 Questions with Correct Answers.Advanced Digital Forensics Exam 3 Questions with Correct Answers.

Preview 2 out of 6  pages

Document information

  • August 31, 2024
  • 6
  • 2024/2025
  • Exam (elaborations)
  • Questions & answers

Subjects

  • advanced digital forensics exam 3 questions with c

Written for

  • Advanced Digital Forensics
  • Advanced Digital Forensics

Seller

avatar-seller
Lectjoe

Reviews received

Content preview

Advanced Digital Forensics Exam 3 Questions with Correct
Answers.
How does Axiom Process identify Encrypted Files?
A) Hash Value Check
B) File Signature Check
C) Entropy Value Check
D) $MFT Attribute Check - Correct Answer C) Entropy Value Check

(T/F) In addition to identifying files that are encrypted, AXIOM will also display the
program that was used to encrypt the file. - Correct Answer False

When encountering encrypted files, what options does the examiner have to decrypt the
file? (Select All)
A) Ask the user for the password
B) Run a dictionary attack against the file
C) None. As of this time, encryption cannot be broken
D) Run a brute force attack against the file - Correct Answer A) Ask the user for the
password
B) Run a dictionary attack against the file
D) Run a brute force attack against the file

What type of database is typically used by mobile devices and applications to store data
on the device?
A) SQLite Database
B) Extensible Database
C) Access Database
D) DBase Database - Correct Answer A) SQLite Database

Which .plist file associated with an iOS backup keeps a record of the device name and
UDID (Unique Device Identifier)
A) Status.plist
B) Manifest.plist
C) Config.plist
D) Info.plist - Correct Answer D) Info.plist

AXIOM Process can extract information from which types of devices? (Select All)
A) Android
B) iOS
C) Windows
D) Flip Phones
E) Kindle Fire - Correct Answer A) Android
B) iOS
C) Windows
E) Kindle Fire

, (T/F) Since many of the techniques used by examiners for iOS exams rely on Apple's
built in backup features, the forensic capabilities of each iOS version are consistent
from version-to-version - Correct Answer False

Which of the following is not an identifying value of an Apple device?
A) IMEI (International Mobile Equipment Identity)
B) Cellular telephone number
C) Serial number assigned by Apple
D) UDID (Unique Device Identifier) - Correct Answer B) Cellular telephone number

(T/F) The UDID is unique to an Apple device and Apple maintains records for each
device based on the UDID - Correct Answer True

In which situation would an iOS device NOT pass the UDID into the registry of a
Windows computer when attached?
A) The device is locked
B) The device is not trusted
C) The device is not powered on
D) The device is trusted but not unlocked - Correct Answer C) The device is not
powered on

Which of the following is the format of an iOS UDID?
A) 12a6 iPad 3
B) 574-234-7121
C) 2C7D24D2346E0F4F8FE727EC0F3435AD22E1BF3C
D) 12a8 iPhone5/5C/5S/6/6+/7 - Correct Answer C)
2C7D24D2346E0F4F8FE727EC0F3435AD22E1BF3C

(T/F) The location of an iOS backup on a Windows computer depends on how iTunes
was installed. - Correct Answer True

If an examiner knows that a computer contains an encrypted iOS backup, where in
AXIOM Process is the examiner able to enter a password to decrypt and process the
backup?
A) Mobile Artifacts
B) Mobile Backup Passwords
C) Mobile Backup Decryption
D) AXIOM will not process encrypted backups - Correct Answer B) Mobile Backup
Passwords

(T/F) The passcode assigned to an iTunes backup is different from the passcode on the
device and different from the iCloud password - Correct Answer True

(T/F) It is possible to reset an iTunes backup password with all versions of iOS - Correct
Answer False

The benefits of buying summaries with Stuvia:

Guaranteed quality through customer reviews

Guaranteed quality through customer reviews

Stuvia customers have reviewed more than 700,000 summaries. This how you know that you are buying the best documents.

Quick and easy check-out

Quick and easy check-out

You can quickly pay through credit card for the summaries. There is no membership needed.

Focus on what matters

Focus on what matters

Your fellow students write the study notes themselves, which is why the documents are always reliable and up-to-date. This ensures you quickly get to the core!

Frequently asked questions

What do I get when I buy this document?

You get a PDF, available immediately after your purchase. The purchased document is accessible anytime, anywhere and indefinitely through your profile.

Satisfaction guarantee: how does it work?

Our satisfaction guarantee ensures that you always find a study document that suits you well. You fill out a form, and our customer service team takes care of the rest.

Who am I buying these notes from?

Stuvia is a marketplace, so you are not buying this document from us, but from seller Lectjoe. Stuvia facilitates payment to the seller.

Will I be stuck with a subscription?

No, you only buy these notes for £19.09. You're not tied to anything after your purchase.

Can Stuvia be trusted?

4.6 stars on Google & Trustpilot (+1000 reviews)

77858 documents were sold in the last 30 days

Founded in 2010, the go-to place to buy revision notes and other study material for 14 years now

Start selling

Recently viewed by you

Exam (elaborations) ·

(0)

AAMC MCAT Practice Exam 2 fully solved 2023

£19.09
  • (0)
  Add to cart