Forensic Acquisition Methods Flashcards

1
Q

Physical Acquisition via device interaction

A

Acquires all data on device, producing a binary file to be decoded for analysis

2
Q

JTAG

A

Using the JTAG interface on the device's ECB, acquires a binary file to be decoded

3
Q

Manual Scroll

A

Physically using and interacting with the device for surface-level analysis

4
Q

Logical Acquisition

A

Only acquires active data on device that the OS allows

5
Q

File system Acquisition

A

Allows access to the full file system on the device; may recover deleted/hidden files on the device

6
Q

Physical Acquisition

A

Acquires all non-volatile data; a binary file dump containing unallocated areas and deleted files

7
Q

Proprietary Bootloader

A

A custom bootloader can be injected into the handset's RAM to prevent the operating system from launching as normal; it can then be instructed to execute custom operations.

Forensic tools can use the bootloader to access the non-volatile memory on a mobile device, allowing for no permanent changes
