99 - Sample Exam iOS Flashcards

1
Q

iOS Forensics - Contacts

Name the following:

  1. Important databases
  2. Important tables
  3. Important fields / flags (if any)
  4. Timestamp used
A
  1. Addressbook.sqlitedb & AddressbookImages.sqlitedb
  2. ABPerson (rowid, last, first)
    * **ABMultiValue** (record_id, label)
    * **ABMultivalueEntry** (parent_id)
    * **ABMultiValueLabel** (rowid)
  3. See above (fields listed in parentheses under item 2)
  4. NSDate: +978’307’200
2
Q

iOS Forensics - Call History

Name the following:

  1. Important databases
  2. Important tables
  3. Important fields / flags (if any)
  4. Timestamp used
A
  1. call_history.db
  2. call
  3. Rowid
    Address
    Date
    Duration
    Flags (4=incoming, 5=outgoing, 8=blocked, 16=FaceTime, Else=Dropped)
  4. unixepoch
3
Q

iOS Forensics - Chats

Name the following:

  1. Important databases
  2. Important tables
  3. Important fields / flags (if any)
  4. Timestamp used
A
  1. ChatStorage.sqlite
  2. zwamessage
  3. ZMESSAGEDATE
    ZTEXT
  4. NSDate: +978’307’200
4
Q

iOS Forensics - Calendar

Name the following:

  1. Important databases
  2. Important tables
  3. Important fields / flags (if any)
  4. Timestamp used
A
  1. Calendar.sqlitedb & Extras.db
  2. Alarm, Event, ZALARM
  3. -
  4. NSDate: +978’307’200
5
Q

iOS Forensics - SMS

Name the following:

  1. Important databases
  2. Important tables
  3. Important fields / flags (if any)
  4. Timestamp used
A
  1. sms.db
  2. message
    msg_group
    group_member
    sqlite_sequence
    msg_pieces
  3. ROWID
    Address
    date
    text
    flags (2=received, 3=sent, 129=deleted)
  4. unixepoch
6
Q

iOS Forensics - Location

Name the following:

  1. Important databases
  2. Important tables
  3. Important fields / flags (if any)
  4. Timestamp used
A
  1. consolidated.db
  2. CellLocation & WifiLocation
  3. Latitude, Longitude, Timestamp
  4. NSDate: +978’307’200
7
Q

iOS Forensics - Contacts

What is the path of the db file(s)?

A

/private/var/mobile/Library/Addressbook/

8
Q

iOS Forensics - Call History

What is the path of the db file(s)?

A

/var/wireless/Library/CallHistory

9
Q

iOS Forensics - Chats

What is the path of the db file(s)?

A

/private/var/mobile/Containers/Shared/AppGroup

10
Q

iOS Forensics - Calendar

What is the path of the db file(s)?

A

/private/var/mobile/Library/Calendar/

11
Q

iOS Forensics - SMS

What is the path of the db file(s)?

A

/var/mobile/Library/SMS/

12
Q

iOS Forensics - Location

What is the path of the db file(s)?

A

/Library/Caches/locationd
