






Definitions and explanations of terms related to device forensics and investigation, including primary and secondary data files, cloud roles, email protocols, and file carving. It also covers laws and regulations related to email communication and data privacy. Likely a set of study notes or a summary for a course on device forensics and investigation.







Primary Data Files (MDF) - Correct Answer: Starting point of the database and points to other files in the database (tables, schemas, indexes, etc). File extension is .mdf
Secondary Data Files (NDF) - Correct Answer: These are optional. While a database contains only one primary data file, it can contain zero/single/multiple secondary data files. The file name extension for secondary data files is .ndf
Transaction LOG Data Files (LDF) - Correct Answer: Log information associated with the database. The transaction log file helps a forensic investigator to examine the transactions that occurred on a database, and even recover data deleted from the database. The file name extension is .ldf
IT Professionals - Correct Answer: responsible for managing and maintaining all the aspects of the cloud, such as cloud security architects, network administrators, security administrators, ethical hackers (Cloud Roles)
Investigators - Correct Answer: responsible for conducting forensic examinations against allegations made regarding wrongdoings, found vulnerabilities and during attacks over the cloud. Work in collaboration with the external investigators, law enforcement agencies for forensic investigations on the internal assets (Cloud Roles)
Incident Handlers - Correct Answer: first responders for all the security incidents taking place on a cloud. They are the first line of defense against cloud security attacks and their primary role is to respond against any type of security incident immediately. (Cloud Roles)
Law Advisors - Correct Answer: Make sure all forensic activities are within the jurisdiction and not violating any regulations or agreements (Cloud Roles)
By default in Windows 10, the Dropbox client is installed at - Correct Answer: C:\Program Files (x86)\Dropbox | C:\Users\<username>\Dropbox (syncing files)
By default the Google Drive client is installed at - Correct Answer: C:\Program Files (x86)\Google\Drive | C:\Users\<username>\Google Drive (syncing files)
SMTP (25) - Correct Answer: Sending mail server, which allows a user to send emails to a valid email address. Users cannot use SMTP server to receive emails; however, in conjunction with POP or IMAP, they can use SMTP to receive emails with proper configuration.
X-Mailer - Correct Answer: is a free-form header to allow the recipient to know their mail software
X-PMFLAGS - Correct Answer: is a Pegasus header
X-Priority - Correct Answer: used by Outlook to assign a priority
X-Sender - Correct Answer: is the Sender of the email, also referred to as the "From" header
X-UIDL - Correct Answer: is used by POP for retrieving mail from a server
PRIV.EDB - Correct Answer: It is a rich text database file that contains message headers, message text, and standard attachments.
PUB.EDB - Correct Answer: It is a database file to store public folder hierarchies and contents.
PRIV.STM - Correct Answer: It is a streaming Internet content file containing video, audio, and other media that are streams of MIMEs.
CAN-SPAM Act (Controlling the Assault of Non-Solicited Pornography and Marketing Act) - Correct Answer: law that sets the rules for sending e-mails for commercial purposes, establishes the minimum requirements for commercial messaging, gives the recipients of e-mails the right to ask the senders to stop e-mailing them, and spells out the penalties if the rules are violated. Honor recipients' opt-out requests within 10 business days
Data loss - Correct Answer: biggest threat to mobile devices.
Communication API - Correct Answer: simplifies the process of interacting with web services and other applications such as email, internet, and SMS
GUI API - Correct Answer: is responsible for creating menus and sub-menus in designing applications and acts as an interface where the developer has a chance of building other plugins
Phone API - Correct Answer: provides telephony services related to the mobile carrier operator such as making calls, receiving calls, and SMS
File Carving - Correct Answer: a method of recovering deleted files from the device's memory. It is an important technique in the process of forensic
Mail bombing - Correct Answer: primary objective behind mail bombing is to overload the email server and degrade the communication system by making it unserviceable. (DoS)
Mail storms - Correct Answer: occurs when computers start communicating without human intervention.
Personal email file extension (Outlook) - Correct Answer: (.pst)
Offline email file extension (Outlook) - Correct Answer: (.ost)
Server Storage Archive Microsoft Exchange (extensions) - Correct Answer: (.STM, .EDB)
IBM Notes extension - Correct Answer: (.NSF, .ID)
GroupWise extension - Correct Answer: (.DB)
Surface Manager (Android Libraries) - Correct Answer: It takes care of displaying windows owned by different applications running on different processes
Media Framework (Android Libraries) - Correct Answer: offers various media codecs that allow the recording and playback of all the media formats (enable audio support)
SQLite (Android Libraries) - Correct Answer: database engine that stores data in Android devices.
OpenGL/ES and SGL (Android Libraries) - Correct Answer: used to render 2D (SGL) or 3D (OpenGL/ES) graphics content to the screen
Free Type (Android Libraries) - Correct Answer: It renders the bitmap and vector fonts
WebKit (Android Libraries) - Correct Answer: the browser engine used to display web pages
Libc (Android Libraries) - Correct Answer: C system library tuned for embedded Linux-based devices.
Cocoa Touch Layer (iOS Architecture) - Correct Answer: The most important framework among the available frameworks is UIKit. It defines simple application
Integrated Circuit Card Identifier (ICCID) - Correct Answer: a 19 or 20 digit unique identification/serial number printed on the SIM to identify each SIM internationally.
International Mobile Subscriber Identity (IMSI) - Correct Answer: 15 digit subscriber identification number that defines a subscriber in the wireless world, including the country and mobile network to which the subscriber belongs.
International Mobile Equipment Identifier (IMEI) - Correct Answer: identifies mobile equipment in 15 digits representing the manufacturer, model type, and country in which it is approved. Can be obtained by keying in *#06#
FoxMail - Correct Answer: Local Archive (index + messages: *.box)