Quiz 4
Mobile Forensics Quiz
Test your knowledge on mobile forensics with this comprehensive quiz! It covers topics related to iOS and Android devices, including malware, backup strategies, data extraction, and application analysis.
Key Features:
- Multiple choice questions
- Focus on real-world forensic scenarios
- Enhance your understanding of mobile security
While collecting a user's iOS 11 device, a forensic examiner is informed by the user that they no longer know the backup password. What can the forensic examiner do in order to perform a good forensic acquisition?
Use the Reset All Settings feature on the device.
The examiner has no options as the password cannot be changed.
Have the user call Apple to obtain a temporary password.
Use brute-forcing techniques to guess the password.
Assuming you have obtained permission and have the relevant authority to do so, what is needed to access and download an iCloud backup?
Apple ID and password
A different iCloud account to transfer the backup to
A local backup stored on a computer
The phone from which the backup was created
Which of the following libraries is victim to the exploit used by the Stagefright malware?
LibCorefright
LibStagefright
CoreLibStagefright
LibVideoCodec
Which of the following is a potential malware infection indicator?
FBI warning label
Unusually large phone bills
Data plan usage reduction
Ads linked to search activity
If an analyst wants to find out whether a backup is encrypted, what file could they look in?
Manifest.mbdb
Info.plist
Info.mbdb
Manifest.plist
What are the forensic implications if a user decides not to encrypt backups of their iOS 13+ device?
The backups will not contain Contact data.
The backups will not contain Keychain data.
The backups will not contain Notes data.
The backups will not contain Message data.
During analysis of a Windows PC, an iOS backup is found. Which backup file do you need to check to see whether the backup is encrypted?
Info.plist
Status.plist
Encryption.plist
Manifest.plist
How can an analyst get access to the .ipa files for an iOS device?
Jailbreak the device.
Perform an advanced logical acquisition.
Retrieve the files via an iCloud backup.
Retrieve the files via an iTunes backup.
As with traditional computing platforms, there are mobile malware versions of backdoors, Trojans, and worms. Which of the following best describes a mobile malware backdoor?
A program that collects data about the user's activity and content from a mobile device
A program that purports to be one thing but additionally performs other fun
A program that replicates itself, creating similar or exact copies
A program that provides unauthorized remote access to a mobile device
An analyst is examining an Android device that may contain malware. Which operating system folder should they examine to view the downloaded .apk files for suspicious applications on the device?
Root/system
Root/data
Root/app-cache
Data/App
After an analyst unpacks the contents of an Android Application Package file, which resulting file is needed to create a jar file for analysis?
Modules.dex
Modules.apk
Classes.dex
Classes.apk
Which kernel vulnerability on iOS devices, if exploited, allows an attacker to send specially crafted WiFi packets and install malware?
AWDL
AFC
Sysdiagnose
CrashReporter
What should a forensic analyst be aware of when collecting data from iCloud?
Multiple data pulls may result in an iCloud password reset request.
There are no tools that support iCloud extractions.
ICloud services do not offer strong authentication mechanisms.
Too many incorrect logon attempts may wipe data from a mobile device.
A forensic analyst is performing static analysis on an Android application to determine its capabilities. What should be examined to identify what the user has allowed the application to access?
Services
Activities
Content providers
Requested permissions
During analysis of an iOS device, you need to investigate for suspicious profiles. Where should you go on the device to find provisioning profiles?
Settings > Control Center > Device Management
Settings > Device Management > Profiles
Settings > General > Profiles
Settings > General > Device Management
You are asked to examine an iOS backup of an iPhone 7 device. The device is currently locked. The investigator wants to know what applications are on the backup to determine whether this is the correct phone before asking for the PIN to unlock the device. What can you examine in the iOS backup to find this information?
Info.plist
Manifest.db
Sessions.plist
Status.plist
Which of the following tools can be used to access an iCloud Backup?
Andriller
UFED Physical Analyzer
FTK Imager
Elcomsoft Phone Breaker
You are analyzing an iOS device and want to locate all the IPA files for installed applications. Which folder should you investigate in a full file system extraction?
If an analyst wants to manually analyze a database file from an iOS backup, what tool could they use?
SQLite Browser
Excel
PHPmyadmin
Chrome
What malware was unknowingly submitted to the iTunes App Store by developers, many of whom where in China?
AceDeceiver
RedGhost
XcodeGhost
RedDrop
{"name":"Quiz 4", "url":"https://www.quiz-maker.com/QPREVIEW","txt":"Test your knowledge on mobile forensics with this comprehensive quiz! It covers topics related to iOS and Android devices, including malware, backup strategies, data extraction, and application analysis.Key Features:Multiple choice questionsFocus on real-world forensic scenariosEnhance your understanding of mobile security","img":"https:/images/course7.png"}