Brainscape's Knowledge GenomeTM


Top Flashcards (Certified)
All Flashcards

Mobile Forensics > Final Exam > Flashcards

Final Exam Flashcards

1
Q

What file system is the Android operating system based on?

A

Linux

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

What are some important folders common to most Android devices?

A 
Boot.
System.
Recovery.
Data.
Cache.
Misc.
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

Why do forensic examiners not use write blockers for mobile devices?

A

They prevent commands from being pushed to the device which are needed for successful acquisition of the device

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

Android Debug Bridge

A

ADB is a command line tools that allows you to communicate with the Android device and control it.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

What does enabling USB debugging option do?

A

Enables communication between the device and a

workstation on which the Android SDK is installed.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

What is rooting?

A

Gaining access on the device to allow superuser capabilities and provide open access to the Android device.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

Disadvantages of Rooting

A

Errors may result in irreparable damage, void warranty, and increased exposure to malware attacks.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

3 Types of Data Extraction: Android

A

Manual.
Logical.
Physical.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

What are the two hardware techniques used to obtain a

physical extraction?

A

Chip off.

JTAG.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q

Where are preinstalled application stored on Android devices?

A

/system/appdirectory.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
11
Q

What is the definition of data recovery?

A

The process of retrieving deleted data from a device when it cannot be accessed normally.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
12
Q

In an SD card, should the data be acquired through the device or separate from the
device?

A

Both.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
13
Q

What is file carving?

A

The process of reassembling computer files from fragments in the absence of file system metadata.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
14
Q

What can we use to rename an APK file in order to see the contents of the file?

A

.zip

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
15
Q

4 Main Tools Used in Acquisition and Analysis of Android Devices

A

AFLogical.
Cellebrite.
MobileEdit.
Autopsy.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
16
Q

Instead of icons for apps, what do Windows phones us?

17
Q

What does Windows Phone use to achieve
least privilege and isolation for its
applications?

18
Q

What is an obstacle examiners face with

Windows Phone forensics?

A

Physical and logical extractions are not supported.

19
Q

What are the two types of BlackBerry users?

A

Consumers who buy.

Enterprise users provided with the device by their employers.

20
Q

Where are the third-party apps’ data stored on a Blackberry device?

21
Q

What can a BES administrator do that a forensic

examiner must remain aware of?

A

Reset user passwords and initialize a remote wipe.

22
Q

Why does the support vary for each model of

BlackBerry devices?

A

BlackBerry file systems vary greatly per model.

Mobile Forensics (2 decks)

Brainscape helps you reach your goals faster, through stronger study habits.
© 2025 Bold Learning Solutions. Terms and Conditions