Quiz 2
Android Forensics Knowledge Quiz
Test your knowledge of Android forensics with our comprehensive quiz! This quiz covers vital areas of Android device analysis, helping both novices and experts enhance their understanding of mobile investigations.
- Engaging multiple-choice questions
- Focus on practical knowledge and real-world applications
- Ideal for digital forensics enthusiasts
Which of the following files can provide information about what applications are draining battery life?
USERDATA/system/batterystats.bin
USERDATA/system/batteryusage.apk
USERDATA/system/batteryinfo.sqlite
USERDATA/system/battery.json
What types of data should an examiner expect to find in the Android CACHE partition?
Provider and media data
Applications and browser data
Memory ranges and download data
Browser and download data
An analyst needs to find Google+ contacts on a physical image of an Android device. Where is the database containing this information located?
/com.google.android.gms/databases/pluscontacts.db
/com.google.android.gms/databases/contacts2.db
/com.google.android.gms/databases/icing_contacts.db
/com.android.providers.contacts/databases/pluscontacts.db
Which of the following EXT4 file system features reduces the lifespan of a device, if enabled?
Encryption
Storage larger than 4 GB
Journaling
Extended inode table
When using the "adb devices" command, how is a connected and trusted device identified?
Connected
Device
Authorized
Trusted
Which ADB command can be used to check the list of connected Android devices?
Adb list
Adb authorize
Adb connect
Adb devices
On an Android device, which file contains information related to installed applications, such as how they were downloaded?
AndroidManifest.xml
Usagestats.bin
Packages.list
Localappstate.db
Which of the following is a suggested step in acquiring an SD card when there is plenty of time for acquisition?
Acquire the SD card through the device and outside of the device
Acquire the SD card through the device only
Acquire the SD card outside of the device only
Do not acquire the SD card if encryption is enabled
When using the "adb devices" command, how is a connected and untrusted device identified?
Connected
Unauthorized
Disconnected
Device
On an Android device, which file contains applications information such as permissions and unique identifiers?
Packages.list
Dmappmgr.db
AndroidManifest.xml
Batterystats.bin
During the investigation of an Android device, some interesting pictures were found in the following folder: /data/user_de/0/com.android.providers.telephony/app_parts/. What is the source of the information?
WhatsApp contacts profile pictures
Web browsing cache
MMS attachments
Original pictures taken with the device camera
You are analyzing an Android device and need to find traces of usage of an SD card. Which database can contain information about files stored on the SD card?
Bugle_db
External.db
Logs.db
Internal.db
Which ADB command can you use to extract the list of installed applications on an Android device?
adb.exe view app_list
Adb.exe shell pm list packages
Adb.exe shell service list
Adb.exe shell dumpsys apps
An examiner has been tasked with extraction of the call logs on an Android device. Where should she expect these data to be located?
USERDATA/data/com.android.providers.media/external.db
CACHE/data/com.android.providers.contacts/databases
USERDATA/data/com.android.providers.contacts/databases
CACHE/data/com.android.providers.media/external.db
You are told to manually investigate an Android device for evidence of a messaging application. You find no application available through the menu and no Android Application Package file. Where else can you search for traces of the application?
Search the USERDATA/dalvik-cache directory for traces in the *.dex files
Search the /data/property for the SQLite databases in the *.db files
Search the /data/system directory for traces in the *.app files
Search the /data/backup for application backups in the * bak files
Applications are not required to save and store data in the USERDATA/data directory on Android devices, but most comply anyway. What overrides the decision to keep the application information in the default location?
Database version
Device manufacturer selection
Shared preference library
User decision
Which of the following commands can be used to extract daily usage stats for installed applications?
Adb usagestats
Adb shell dumpsys user
Adb shell service stats
Adb shell dumpsys usagestats
Which of the following features is typically required to be activated in order to obtain a file system or backup acquisition on an Android device?
Download Mode
Recovery partition
USB Debugging
Factory reset protect
Which of the following files contains metadata about the application?
Packages.dex
Packages.list
Application.dex
Metadata.xml
What is the name of the Android protocol used to communicate with a device?
Android Debug Bridge (ADB)
Android Communication System (ACS)
Android Data Bridge (ADB)
Android Bridge (AB)
{"name":"Quiz 2", "url":"https://www.quiz-maker.com/QPREVIEW","txt":"Test your knowledge of Android forensics with our comprehensive quiz! This quiz covers vital areas of Android device analysis, helping both novices and experts enhance their understanding of mobile investigations.Engaging multiple-choice questionsFocus on practical knowledge and real-world applicationsIdeal for digital forensics enthusiasts","img":"https:/images/course7.png"}