Quiz 6 Forensics
In older versions of exchange, what type of file was responsible for messages formatted with Messaging Application Programming Interface, and served as the database file?
.edb
What kind of files are created by Exchange while converting binary data to readable text in order to prevent loss of data?
.tmp
Which option below is the correct path to the sendmail configuration file?
/etc/mail/sendmail.cf
On a UNIX system, where is a user's mail stored by default?
/home/username/mail
Syslog is generally configured to put all e-mail related log information into what file?
/var/log/maillog
Where does the Postfix UNIX mail server store e-mail?
/var/spool/postfix
What frequencies can be used by GSM with the TDMA technique?
800 to 1000 MHz
The _______________ component is made up of radio transceiver equipment that defines cells and communicates with mobile phones; sometimes referred to as a "cell phone tower".
Base transceiver station (BTS)
What digital network technology is a digital version of the original analog standard for cell phones?
D-AMPS
Which e-mail recovery program below can recover files from VMware and VirtualPC virtual machines, as well as ISOs and other types of file backups?
DataNumen Outlook Repair
Select the program below that can be used to analyze mail from Outlook, Thunderbird, and Eudora.
Fookes Aid4Mail
In order to retrieve logs from exchange, the PowerShell cmdlet _______________________ can be used.
GetTransactionLogStats.ps1
Select below the option that is not a typical feature of smartphones on the market today:
Hard drive
Which of the NIST guidelines below requires using a modified boot loader to access RAM for analysis?
Hex dumping
What standard introduced sleep mode to enhance battery life, and is used with TDMA?
IS-136
Most Code Division Multiple Access (CDMA) networks conform to ____________ , created by the Telecommunications Industry Association (TIA).
IS-95
What organization is responsible for the creation of the requirements for carriers to be considered 4G?
ITU-R
Within NIST guidelines for mobile forensics methods, the ______________ method requires physically removing flash memory chips and gathering information at the binary level.
Manual extraction
What type of mobile forensics method listed by NIST guidelines involves looking at a device's content page by page and taking pictures?
Manual extraction
Exchange uses an Exchange database and is based on the _______________________, which uses several files in different combinations to provide e-mail service.
Microsoft Extensible Storage Engine (ESE)
Which component of cell communication is used to route digital packets for the network and relies on a database to support subscribers?
Mobile switching center (MSC)
What type of Facebook profile is usually only given to law enforcement with a warrant?
Neoprint profile
One of the most noteworthy e-mail scams was 419, otherwise known as the _______________.
Nigerian Scam
Nonvolatile memory on a mobile device can contain OS files and stored user data, such as a __________________ and backed-up files.
Personal Information Manager
Which of the following is not a type of peripheral memory card used in PDAs?
RamBus (RB)
GSM refers to mobile phones as "mobile stations" and divides a station into two parts, the __________ and the mobile equipment (ME).
SIM card
What information is not typically included in an e-mail header?
The sender's physical location
E-mail administrators may make use of _________________, which overwrites a log file when it reaches a specified size or at the end of a specified time frame.
circular logging
What method below is not an effective method for isolating a mobile device from receiving signals?
placing the device into a plastic evidence bag
The _______________ utility can be used to repair .ost and .pst files, and is included with Microsoft Outlook.
scanpst.exe
T/F Most Code Division Multiple Access networks conform to IS-95. The systems are referred to as CDMAOne, and when they went to 3G service, they became CDMAThree.
F
The ___________________ technology is designed for GSM and Universal Mobile Telecommunications Systems (UMTS) technology, supports 45 Mbps to 144 Mbps transmission speeds.
LTE
Where is the OS stored on a smartphone?
ROM
T/F Search and seizure procedures for mobile devices are as important as procedures for computers.
T
T/F The Pagefile.sys file on a computer can contain message fragments from instant messaging applications.
T
T/F The use of smart phones for illicit activities is becoming more prevalent.
T
T/F While travelling internationally with a GSM phone, you can pop in a SIM card for the country you're currently in, rather than get a new phone.
T
T/F The DomainKeys Identified Mail service is a way to verify the names of domains a message is flowing through and was developed as a way to cut down on spam.
T
In what state is sending unsolicited e-mail illegal?
Washington
The ________________ technology uses the IEEE 802.16e standard and Orthogonal Frequency Division Multiple Access (OFDMA) and supports transmission speeds of 12 Mbps
WiMAX
What command below could be used on a UNIX system to help locate log directories?
find
On what mobile device platform does Facebook use a SQLite database containing friends, their ID numbers, and phone numbers as well as files that tracked all uploads, including pictures?
iPhone
The Suni Munshani v. Signal Lake Venture Fund II, LP et al case is an example of a case that involves e-mail ____________.
spoofing
T/F Committing crimes with e-mail is uncommon, and investigators are not generally tasked with linking suspects to e-mail.
F
T/F In an e-mail address, everything before the @ symbol represents the domain name.
F
Which service below does not put log information into /var/log/maillog?
Exchange
T/F An Internet e-mail server is generally part of a local network, and is maintained and managed by an administrator for internal use by a specific company.
F
T/F Because mobile phones are seized at the time of arrest, a search warrant is not necessary to examine the device for information.
F
What service below can be used to map an IP address to a domain name, and then find the domain name's point of contact?
ARIN
What digital network technology was developed during World War II?
CDMA
