Mobile Forensics Knowledge Quiz
Mobile Forensics Knowledge Quiz
Test your knowledge in mobile forensics with our comprehensive quiz! This quiz covers various aspects of mobile device analysis, including data acquisition, database management, and forensic tools.
Join us to discover:
- Key features of mobile forensic tools
- Database structures used in smartphones
- Investigative techniques for data retrieval
What AXIOM feature is specifically designed to allow for the identification of time-based events that occurred around when a specific artifact was saved to the device?
Timestamp time
Timeline view
Relative time
Relationship view
Where might an analyst configure Physical Analyzer watch lists and other application settings?
Tools menu
Options menu
Watch List menu
Plug-ins menu
Which of the following SQL statements is used to retrieve specific information from an SQLite database?
JOIN
UPDATE
DELETE
SELECT
During an examination of a smartphone, an analyst finds one text message with the words "hid the treasure." When the analyst does a key word search on the physical image of the phone, there are 542 hits on this phrase. What would best explain this discrepancy?
Garbage collection
Reuse of freelist
Wear leveling
User deleted texts
An analyst is given a GSM phone with a SIM card and asked to examine it to determine the phone's original location of purchase. What can the analyst check to quickly determine the SIMs country of origin?
Device Serial Number
Electronic Serial Number
International Mobile Equipment Identifier
International Mobile Subscriber Identity
Which partition can typically be replaced to gain complete access to the data or root the device?
EDL
Data
Recovery
System
An analyst is using Cellebrite PA to examine a Smartphone. Which Cellebrite PA workspace area contains basic device information such as operating system and serial number?
Extraction Summary
Data Files
Timeline
Installed Applications
Which type of database is most commonly found on smartphones, especially iPhones and Androids?
PostgreSQL
MySQL
SQLite
SQL Server Compact
What does a Mac Absolute timestamp represent?
The number of seconds since 01/01/1970 00:00:00
The number of seconds since 01/01/2001 00:00:00
The number of microseconds since 01/01/1601 00:00:00
The number of milliseconds since 01/01/1970 00:00:00
An examiner has identified a database of interest in a device she is investigating. Which part of the database would she look at to identify the database categories?
Rows
Properties
Columns
Tables
What is the primary purpose of garbage collection on a device with flash memory?
To maintain optimal read speeds
To maintain optimal write speeds
To extend the life of the device
To ensure the even distribution of data
From which chipset manufacturer is EDL mode available?
Qualcomm
Mediatek
Spreadtrum
Exynos
Which version of Android made full disk encryption mandatory if the device hardware meets requirements set by Google?
Nougat v7
Marshmallow v6
Oreo v8
Lollipop v5
What feature of AXIOM allows analysts to show investigators or decision makers how chat messages natively appeared on a mobile device?
Communications view
Application view
Conversation view
Timeline view
The Integrated Circuit Card Identification (ICCID) is an 18 to 20-digit number located on the SIM card. Why is this number useful in an investigation?
It identifies the network security provider.
It contains the subscriber account number of the device owner.
It contains the serial number of the device associated with the SIM card.
It uniquely identifies each SIM card.
What type of acquisition obtains all the data from the first to the last bit on one or more chips in a mobile device?
Logical acquisition
Physical acquisition
Manual acquisition
File system acquisition
A senior forensic examiner is asked by a junior examiner to explain the difference between a logical acquisition and a file system acquisition. What would be the most accurate answer to the question?
A logical acquisition obtains the contents of logical storage objects, while a file system acquisition only copies system files such as settings and configurations.
A logical acquisition obtains the specific contents of logical storage objects, while a file system acquisition attempts to copy all files and directories.
A logical acquisition obtains the contents of logical storage objects, while a file system acquisition acquires all memory data at a bit-by-bit level.
A logical acquisition obtains the contents of logical storage objects, while a file system acquisition examines specific files for additional deleted data.
An investigator has acquired a mobile device and needs to begin parsing and analysis. Which tool would best serve this purpose?
Physical Analyzer
UFED Touch 2
Reader
Analytics
A law enforcement officer who just acquired a suspect's GSM smartphone, in the powered-on state, is afraid that it may be remotely wiped. If no Faraday bag is available, which method of isolation should be used?
Turn the phone's Wi-Fi settings off
Place the phone in Airplane mode
Remove the device's battery
Remove the device's SIM card
What is the Android mode that can be used to flash the ROM of the device?
ADB Mode
Recovery Mode
Download Mode
Device Firmware Update
{"name":"Mobile Forensics Knowledge Quiz", "url":"https://www.quiz-maker.com/QPREVIEW","txt":"Test your knowledge in mobile forensics with our comprehensive quiz! This quiz covers various aspects of mobile device analysis, including data acquisition, database management, and forensic tools.Join us to discover:Key features of mobile forensic toolsDatabase structures used in smartphonesInvestigative techniques for data retrieval","img":"https:/images/course3.png"}
More Quizzes
Quiz 3
20100
Quiz 4
20100
Quiz 6
1586
Entering the network
105281
Cyber
15821
Quiz 2
20100
MOC - Last Hurrah
934697
Security Malware
105106
Test 2 Part 1(revisit)
1585
SSRF, impacts of SSRF, prevention of SSRF, SSRF attack scenarios, SSRF with metadata url in cloud systems
13623
IAS TERMINOLOGY REVIEWER [no caps and no commas :)]
924690
Cybersecurity Knowledge Test
14714