Quiz Maker LogoMake your own QuizCopy & Edit
Make your own quizManage my QuizzesPlans / FeaturesGuides and HelpContactPrivacy & Security

Quiz 5

In Base64, how many bits are used to represent 64 different values?
6
7
8
5
SQL temporary files can contain evidentiary data, but these data may be missed by non-forensic SQLite viewers. Write-ahead logs (WALSs) are one type of temporary file. What data are stored in the WALs?
Database restore points
Original data before a transaction change
Data change archive
New data changes
When reviewing mobile applications, what type of data are sometimes stored outside of the messaging database?
Attachments
Participants
Message body
Datetime stamps
Which two file formats are typically used on iOS devices to store user data?
APK and SQLite
plist and MDB
Plist and SQLite
Plist and ESE
How can an examiner identify whether an SQLite database is using write-ahead logging as its mechanism for storing temporary data?
Analyze the SQLite header and check the 18th and 19th bytes; if the first is 02 and the second is 01, then the database is using WAL.
Analyze the SQLite header and check the 18th and 19th bytes; if they are both 01, then the database is using WAL.
Analyze the SQLite header and check the 18th and 19th bytes; if they are both 02, then the database is using WAL.
Analyze the SQLite header and check the 18th and 19th bytes; if the first is 01 and the second is 02, then the database is using WAL.
During analysis of an iOS backup, you find that the file sharing app Dropbox is installed. Which file should you investigate to find information about the account ID and file and folder names?
Spotlight.db
DB files.-sqlite
Dropbox.db
Com.get.dsopbox.plist
What can be used in conjunction with an MDM software to provide additional monitoring for installed applications?
MAM
AirWatch
MIM
BES
What is the name of the file stored in an iOS backup that contains information about Apple Pay transactions?
Pass.json
Manifest.plist
Keychain
Apple_pay.plist
A junior analyst is questioning findings from an SQLite query that joined two tables on a mobile device's chat application. The analyst is confused as to why they only have 200 records when over 400 showed up in the chat messages table before running the query. What is the reason for the discrepancy?
The analyst did not SELECT the proper columns when doing the JOIN.
The analyst forgot to adjust for epoch time, which caused a discrepancy in the results based on the first JOIN command.
The analyst ran a LEFT JOIN instead of an INNER JOIN.
The analyst ran an INNER JOIN instead of a LEFT JOIN.
What is the AS keyword used for in the SELECT statement below?
SELECT
ZTEXT AS "Message Text",
ZDATE AS "Message Date”,
ZSTATE AS "Message Direction/State"
FROM
ZVIBERMESSAGE
To change the column names in the output
To search messages for the specified string
To change the column names in the source database table
To convert the message data values to human readable format
Which of the following is true concerning third-party chat applications?
Third-party chat applications store all their data in the stock Android messaging databases.
Commercial forensic tool support is very good.
Forensic tools cannot parse data from third-party chat applications.
All potentially helpful data are likely to be encrypted.
An analyst has identified a BLOB stored in an SQLite database and believes it may be critical for a case. How can the data be viewed if the tool does not have the native capability to read binary data?
Internally view as text
Switch to hex view
Convert to XML
Export to an external viewer
Which JOIN would an examiner use to show all resulting rows where both items are a match?
RIGHT
INNER
FULL
LEFT
What format is typically used by databases to store files internally?
ZIP
BLOBs
Baseb64
SQLite
Where might an analyst find evidence of file transfers performed as part of a file sharing service?
SMS messages
.bak files
Cache Files
.bbm files
Where can an examiner find evidence of file transfer through the Dropbox application, besides the folder containing the app data?
Browser history
Maps history
Call logs
Contacts
A junior analyst feels it would not be beneficial to review a weather application's history as part of a forensics investigation of an iOS device, but a coworker analyst feels the history should be included. What information from this application's history would aid in the examination?
Traffic route information tracked by the weather application
GPS location data that can place the user at a specific place at a certain time
User account information that is requested in order to view the application
Data that are shared and recorded between third-party applications by the same developer
Which of the following is an encoding schema?
Serpent
Base64
AES
Blowfish
What are JavaScript Object Notation (JSON) files typically used for in smartphones?
Encoding small data sets
Increasing transfer speed between devices
Enabling dynamic web browsing
Transferring data between an application and a web server
What type of database file has an examiner likely uncovered if they find the following four bytes starting at offset 0x10?
 
542D 4442
Mongo
WAL
SQLite
Realm
{"name":"Quiz 5", "url":"https://www.quiz-maker.com/QPREVIEW","txt":"In Base64, how many bits are used to represent 64 different values?, SQL temporary files can contain evidentiary data, but these data may be missed by non-forensic SQLite viewers. Write-ahead logs (WALSs) are one type of temporary file. What data are stored in the WALs?, When reviewing mobile applications, what type of data are sometimes stored outside of the messaging database?","img":"https://www.quiz-maker.com/3012/images/ogquiz.png"}

More Quizzes

840
Sok sikert!
841400
What Type of Flooring Are You?
1050
How well you know me?
1475
Living
210
1580
Bobby the Bee's Geography Quiz Level 2
20100
Quiz3
10559
Which Q&Ampaign character are you?
10565
How much do U know?
1780
Who should be the Gen 4 Heir? (Late Night)
100
Social Archetype Quiz
9475
Quiz Maker Logo Make your own Quiz
Powered by: Quiz Maker