What is the name of this advanced searching capability?
Physical Analyzer provides a function to narrow down a search based on a timestamp, a type, a party or date. What is the name of this advanced searching capability?
A. Watchlist Editor
B. Tags
C. Timeline
D. Event of Interest
Answer: C
Explanation: Physical Analyzer offers the Timeline feature to...
Which artifact must be carved out manually when examining a file system acquisition of an Android device?
Which artifact must be carved out manually when examining a file system acquisition of an Android device?
A. Deleted images
B. Contacts
C. SMS messages
D. Phone numbers
Answer: C
Which of the following files contains details regarding the encryption state of an iTunes backup file?
Which of the following files contains details regarding the encryption state of an iTunes backup file?
A. Keychain-backup.plist
B. Manifest.mbdb
C. Manifest.plist
D. Status.plist
Answer: C
Explanation: The Manifest.plist lists if the backup is encrypted. This will come into use and be required should the backup file need to be...
What can be ascertained by viewing the Android boot screen below?
The device pictured below is in Download Mode to attempt a physical acquisition. What can be ascertained by viewing the Android boot screen below?
A. The Android is not rooted
B. No ROM changes have ever occurred on this device
C. The Original/Factory ROM is booting
D. The Original ROM...
When conducting forensic analysis of an associated media card, one would most often expect to find this particular file system format?
When conducting forensic analysis of an associated media card, one would most often expect to find this particular file system format?
A. HFS
B. NTFS
C. Yaffs2
D. FAT
Answer: D
Which of the following is a unique 56-bit number assigned to a CDMA handset?
Which of the following is a unique 56-bit number assigned to a CDMA handset?
A. Mobile Station International Subscriber Directory Number (MSISDN)
B. Electronic Serial Number (ESN)
C. International Mobile Equipment Identifier (IMEI)
D. Mobile Equipment ID (MEID)
Answer: D
Explanation: The Mobile Equipment ID (MEID), also found under...
Where can an analyst find data to provide additional artifacts to support the evidence in the highlighted file?
Where can an analyst find data to provide additional artifacts to support the evidence in the highlighted file?
A. internal.db-wal
B. browser2.db
C. sysmon2.db-shm
D. external.db
Answer: A
Which Apple developer suite was targeted?
In 2015, Apple's iTunes store was found to be hosting several malicious applications that were infected as a result of a hacked version of the developer toolkit used to create applications. Which Apple developer suite was targeted?
A. Xcode
B. ADB
C. Momentics IDE
D. Xamarin
Answer: A
Explanation: Reference: http://money.cnn.com/2015/09/21/technology/apple-xcode-hack/index.html
Based on the image below, which file system is being examined?
Based on the image below, which file system is being examined?
A. Chinese knock-off
B. Windows
C. Android
D. Blackberry
Answer: A
Explanation: Reference: https://forums.techguy.org/threads/virus-in-china-mobile.992051/
Which of the following is required in addition to the Apple ID of the custodian to access iOS backup files that are stored in iCloud?
Which of the following is required in addition to the Apple ID of the custodian to access iOS backup files that are stored in iCloud?
A. iTunes password
B. Device passcode
C. Manifest.plist
D. Keychain-backup.plist
Answer: B