Mobile Ver 2

What does the Mobile Switching Center do

Routs calls SMS and data and connects BTS HLR and authentication systems

What is the MSC’s role

Acts as the brain of the cellular network

What does the Base Transceiver Station do

Handles radio communication between phone and tower and aids triangulation

What is the purpose of BTS

Provides tower equipment for calls data and location services

What does the Home Location Register store

IMSI phone number service plan and enabled features

Why is HLR important

Authenticates and locates subscribers

What does a SIM store

IMSI and phone number

What is SIM cloning

Copying SIM identity to another card

What is ESN

Electronic Serial Number hardware ID

Why is ESN a risk

Because it can sometimes be modified

What is a PUK code

Unlocks SIM after too many wrong PIN attempts

What happens after too many wrong PUK attempts

SIM becomes permanently unusable

What is ICCID

A long SIM card number identifying country carrier account and check digit

What is 2G GSM used for

Voice and SMS with slow data

What is EDGE

An enhanced 2G faster data technology

What is 3G UMTS used for

Email and slow internet

What is 4G LTE used for

Fast data and video streaming

What is 5G known for

Extremely fast speed low latency IoT AR VR support

What is WiFi used for

Local network internet access

What devices run iOS

iPhone iPad iPod

What is APFS

Apple’s modern file system

What is the XNU kernel

A Mach microkernel combined with BSD and IOKit

What does Core Services include

SQLite storage and other system services

What does the Media Layer handle

Audio video and images

What layer contains app frameworks

Cocoa and Cocoa Touch

Where are iOS photos stored

DCIM folder

Where is model and serial info stored in iOS

iPod_control/device/sysinfo

What other folders hold iOS user data

Contacts Notes Calendar Apple Music and iTunes data

What is Android based on

Linux open source OS

What are older Android versions named after

Desserts

What is the first layer of Android architecture

Linux Kernel

What is the HAL

Hardware Abstraction Layer for device communication

What are Native Libraries used for

Graphics media databases

What is ART

Android Runtime providing app sandboxing

What does the Java API Framework do

Provides system services to apps

What are Android System Apps

Preinstalled core apps

What does the Bootloader partition do

Starts the device

What is stored in the Boot partition

Kernel and ramdisk

What does the Recovery partition do

Handles updates and troubleshooting

What does the User Data partition store

Apps settings and personal files

What is the Cache partition used for

Temporary data

What is stored in the System partition

Core OS files

What is the purpose of the /cache directory

App activity and artifacts

What is the purpose of the /data directory

High value app data storage

What is stored in /mnt

Mounted storage

What is stored in /acct

User accounting and permissions

What are the three ADB components

Client daemon and server

What is ADB used for

Logs screenshots filesystem access and data pulls

What mobile evidence can be extracted

Calls texts emails photos videos GPS logs and identifiers

What is the least invasive mobile forensic method

Manual

What is the most invasive mobile forensic method

MicroRead

List all SWGDE mobile forensic levels

Manual Logical File System Physical Noninvasive Physical Invasive ChipOff MicroRead

What is an Active device state

Unlocked and in use

What is a Quiescent state

Locked but powered on

What is a SemiActive state

Screen off with limited function

What is a Nascent state

Device powered off

What does rooting Android require

OEM unlock developer mode and USB debugging

What does rooting provide

Superuser access

What data becomes accessible after rooting

SMS MMS app messages GPS logs deleted data and hidden folders

What should you NOT allow during mobile seizure

Network connections syncing or modifying the device

What SHOULD you do during seizure

Use Faraday bag and document everything

How many combinations in a 6digit iPhone PIN

One million

What tool helps brute force iPhone PINs

XRY

What can iTunes extraction provide

iOS version serial number phone number backup location and logs

Where do you locate iTunes device information

Device info pages backups logs DCIM and hidden directories

Where are deleted iPhone files stored

.Trashes/501

When are deleted iPhone files permanently removed

When overwritten

What does MSC stand for

Mobile Switching Center

What does HLR stand for

Home Location Register

Why is ART important for forensics

It sandboxed apps isolating data and malware

Difference between Logical and File System extraction

Logical gets user level data file system gets deeper directory structure

Where are iOS photos stored

DCIM folder

Which Android directory contains app data

/data

What is the most invasive forensic technique

MicroRead

Where are deleted files on iPhone located

.Trashes/501