Definitions

Question 1

What is GSM?

Answer 1

The Global System for Mobile Communications (GSM):

A standard developed by the European Telecommunications Standards Institute (ETSI) to describe the protocols for second-generation (2G) digital cellular networks used by mobile devices such as mobile phones and tablets.

Question 2

What is UMTS?

Answer 2

UTMS (Universal Mobile Telecommunications System):
A 3G mobile cellular system for networks based on the GSM standard

Question 3

What is LTE?

Answer 3

LTE (Long Term Evolution Standard) and LTE+ are designed to be cellular networks. LTE / LTE+ are the standard & main technoogy for most 4G networks.

LTE+ is faster than the original LTE

Question 4

What is WAP?

Answer 4

Wireless Application Protocol (WAP):

a now obsolete technical standard for accessing information over a mobile cellular network. Introduced in 1999, WAP allowed users with compatible mobile devices to browse content such as news, weather and sports scores provided by mobile network operators, specially designed for the limited capabilities of a mobile device

Question 5

What is GPRS?

Answer 5

GPRS (General Packet Radio Service):

An expansion of GSM (Global System for Mobile Communications) networks that offer packet-switched data services. The GPRS architecture consists of different network components and interfaces that work together to provide data services. Developed as part of 2.5G

Question 6

What is EDGE?

Answer 6

The letter E represents the Enhanced Data rates for GSM Evolution (or EDGE) network. The network started to spread in popularity sometime in 2003 by offering speeds that were almost three times faster than any of its predecessors. Developed as part of 2.5G

Question 7

What is CDMA?

Answer 7

CDMA (Code Division Multiple Access) is CDMA (Code Division Multiple Access) is a technology used in mobile networks to allow multiple users to share the same frequency band simultaneously.

It was widely used in 3G but mostly replaced by more advanced technologies such as 4G LTE (Long-Term Evolution) and 5G

Question 8

What is BFU?

Answer 8

BFU (Before First Unlock).

When device is powered on but has not yet been unlocked for the first time since last powering on, or last reboot or reset - restricted features / functionality usually available.
Phone in this state are considered more challenging for examiners because the file based encryption will have not loaded the required file decryption keys into memory.

Question 9

What is AFU?

Answer 9

AFU - After First Unlock (when device is powered on and has already been unlocked one or more times since powering on or re-boot or reset). A more advantageous state for examination - more content likely to be available because the file decryption keys have been loaded into the device’s temporary memory and will remain there until the device is powered off

Question 10

What is a ICC?

Answer 10

ICC - Integrated Circuit Card

A general term for a smart card (a micro-controller based access module) - not just for mobile communication purposes.
An ICC is a physical card embedded with an integrated circuit (IC) that can process and store data. These cards are used in a variety of applications, including telecommunications, banking, identity verification, and security. The ICC enables the card to perform functions like authentication, encryption, and secure storage

Question 11

What is a SIM?

Answer 11

Subscriber Identity Module (SIM) is the ICC defined for 2G GSM networks including the PHYSICAL card & LOGICAL application. It is a mini computer

Question 12

What is a UICC?

Answer 12

Universal Integrated Circuit Card (UICC) is the PHYSICAL card as defined by UMTS, LTE & 5G networks

Question 13

What is a USIM?

Answer 13

Universal Subscriber Identity Module (USIM) is the LOGICAL application as designed for the UMTS, LTE & 5G networks.
It is possible to have a number of USIM applications installed on one UICC

Question 14

What is an IMSI?

Answer 14

International Mobile Subscriber Identity (IMSI)

• 15 digit number
• Used to uniqiely identify a USER on a GSM based mobile network. So identifies the SUBSCRIBER on a network
• Electronically stored in the SIM / UICC in the memory area
• May be protected by PIN / CHV
• Requires electronic extraction from the SIM / UICC to determine and may require PIN or PUK to acquire
• Defined by ITU-T Recommendation E.212.
• gives name and country of service provider

inputting IMSI into tools like numbering plans might give the country and service provider that issued the IMSI.

Question 15

What is an ICCID?

Answer 15

ICCID (Integrated Circuit Card ID).

Unique serial number usually printed on the SIM / UICC. Unique to that SIM or UICC.
Also known as SIM serial number.
Has a structure.

19 or 20 digits (ignore any digits or letters after this)

Electronically stored on the SIM / UICC on EFICCID

Service provider can ID phone number (& poss subscriber) from the ICCID

Reveals country of origin & service provider.

Question 16

What is an MSISDN

Answer 16

MSISDN (Mobile Station International Subscriber Directory Number)

i.e the TELEPHONE NUMBER

Can be stored on SIM as ‘own dialling number’ but this is user edited so is not reliable. Only reliable source is a request to the SP (using the ICCID or IMSI)

Length of MSISDN is county specific but max is 15.

Question 17

What is the CHV?

Answer 17

CHV (Card Holder Verification)

• Commonly known as a PIN but now correctly known as CHV
• 2 user editable locks are available. Usually PIN1 is used.
• 4 to 8 digits in length
• 3 incorrect attempts usually require an unblocking key or PUK to unlock
• Some providers use default values

Question 18

What is the UCHV?

Answer 18

UCHV (Unblock Card Holder Verification)

• Commonly called PIN unblocking key (PUK). Correct name is Unblock Card Holder Verification (UCHV)
• 8 digit code to unblock SIM/ UICC
• Set by and can be requested from the CSP. Cannot be edited by user.
• 10 failed PUK / UCHV attempts permanently destroys data on the SIM UICC. Important because SP sometimes give incorrect codes due to wrong database, or people may deliberately enter it wrong 9 times to leave only 1.

UCHV can be input on the handset or cardreader by the forensic tool (preferred method)

Question 19

What is a TMSI?

Answer 19

TMSI - Temporary Mobile Subscriber Identity.

TMSI is a temporary identifier used in mobile networks to protect the privacy and security of a subscriber. It helps mobile network operators manage and secure communication between a mobile device and the network without revealing the permanent identity of the subscriber (such as the IMSI International Mobile Subscriber Identity)

Question 20

What is a PCB?

Answer 20

A PCB (Printed Circuit Board) is a flat, typically rigid board that holds and connects electronic components using conductive tracks, pads, and other features etched from one or more layers of copper laminated onto or between sheets of non-conductive material.

Question 21

What is an IMEI?

Answer 21

IMEI (International Mobile Equipment Identity)

It is the ‘serial number’ of a mobile device handset. 15 or 16 digit number.

Used by the network operator to ensure the device is a valid piece of equipment to be allowed on the mobile network.

Identifes the device make, model & manufacturer

Question 22

What is a TAC?

Answer 22

TAC is a Type Allocation Code.

• Unique identifier that represents the first 8 digits of the device’s IMEI number.
• Identifies the make, model, and country of origin - agency that issued the IMEI e.g Britsh Approvals Board for Telecommunications (BABT) - not necessarily where it was manufactured.
• The first 2 digits are the reporting body identifier (e.g 35 = BABT)

35 = BABT
01 = CTIA
86 = TAF
91 = MSAI
00 = Test
98 = Reserved for future use
99 = GHA

• Digits 3 to 8 are the Mobile Equipment Model Identifier - allocated to the device manufacturer for a specific model (e.g 195000 = Siemens MC60)

Question 23

What is a CD (in terms of the IMEI)?

Answer 23

CD (Check Digit)

• 15th digit of an IMEI is a check digit (CD). Used to check the validity of the IMEI.
• Check digit is calculated with the ‘Luhn’ formula (open source). This is a checksum formula used to check the first 14 digits of the IMEI
• Early handsets this was always a value of zero. Now can be anything up from 0 to 9
• The CD is NOT transmitted on the network so WILL NOT have a value on call / charge data records (CDR) obtained. On CDR it will always show a zero.

Question 24

What is a Cell (in terms of wireless communication)

Answer 24

A Cell in wireless communication refers to a specific geographic area covered by a cell tower (or base station) in a cellular network. Each cell is assigned a cell ID.

A cell provides network coverage to mobile devices within its area, enabling seamless wireless communication. This web of cells forms the backbone of our daily communication, allowing us to stay connected as we move about.

Question 25

What is a BTS?

Answer 25

A Base Transceiver Station (BTS)

A Base Transceiver Station (BTS) is a critical part of mobile network infrastructure that manages wireless communication between mobile devices and the telecom network. It facilitates the transmission and reception of radio signals, handles tasks like frequency management and handovers, and ensures that users can communicate over voice, data, and other services seamlessly. BTS technology continues to evolve with the introduction of 4G LTE and 5G to meet the increasing demands for data, speed, and connectivity

Question 26

What is the MCC?

Answer 26

Mobile Country Code (MCC)

A three-digit code that identifies the country in which a mobile network operates.

Question 27

What is a LAI?

Answer 27

A group of cells form a Location Area and can be identified by the Location Area Identity (LAI). Can cover a wide area.

• The LAI is broadcast frequently by BTS’s on the broadcast channel on the network
• The LAI is served by one or (usually) more BTS’s
• Combining the Mobile County Code (MCC), Mobile Nertwork Code (MNC) and Location Area Code (LAC) gives the Location Area Identity (LAI)

Question 28

What is the MNC?

Answer 28

The Mobile Network Code (MNC) is a two- or three-digit number used in mobile telecommunications to identify a specific mobile network operator within a country.

The Mobile Network Code (MNC) is a critical identifier in mobile telecommunications, used alongside the Mobile Country Code (MCC) to uniquely identify mobile network operators. It ensures that mobile devices can connect to the correct network both at home and when roaming, allowing for proper authentication, service provision, and billing

Question 29

What is a CGI?

Answer 29

The Cell Global Identity (CGI) is a unique identifier used in mobile networks to distinguish individual cells within a network. It helps identify the specific location of a mobile device by referring to the cell that the device is currently connected to.

The CGI is a vital component of location management, call routing, and mobility in cellular networks.

• Combining the Mobile County Code (MCC), Mobile Nertwork Code (MNC) and Location Area Code (LAC) gives the Location Area Identity (LAI)
• Combining all the above plus the Cell Identity Code gives the Cell Global Identity (CGI)

Question 30

What is a Chipset?

Answer 30

A chipset refers to the collection of integrated circuits that manage and control the device’s core functions. It serves as the backbone of the device, handling communication between the processor, memory, storage, and other components. The chipset enables the device to perform tasks such as processing data, running applications, connecting to networks, and managing power consumption.

In mobile devices, chipsets are often referred to as SoCs (System on a Chip), as they integrate multiple components onto a single chip

Question 31

What is Jailbreaking & Rooting?

Answer 31

Jailbroken and rooted refer to two similar processes used to gain privileged or unrestricted access to mobile devices’ file systems and operating systems, typically beyond what is allowed by default by the manufacturer.

This process is used on iOS (jailbreaking) and Android (rooting) devices, and it gives the user administrative rights, allowing them to bypass certain security mechanisms and restrictions put in place by the OS or manufacturer.