2
C702 PA Main Study test questions with accurate detailed
|| || || || || || || || ||
solutions
Subscriber Identity Module: - ✔✔A subscriber identity module (SIM) can store sensitive data
|| || || || || || || || || || || || ||
such as user contacts, messages, and the time stamps associated with them. It also contains
|| || || || || || || || || || || || || || ||
technical information such as the Integrated Circuit Card Identifier (ICCID), International Mobile
|| || || || || || || || || || || ||
Subscriber Identity (IMSI), last dialed numbers (LDNs), and service provider name (SPN), which
|| || || || || || || || || || || || ||
help a forensic investigator during cell phone data acquisition.
|| || || || || || || ||
Mobile Switching Center: - ✔✔The mobile switching center (MSC) processes calls and messages
|| || || || || || || || || || || ||
within a network and routes them between landline and wireless networks.
|| || || || || || || || || || ||
Base Transceiver Station: - ✔✔A base transceiver station (BTS) is a radio transceiver equipment
|| || || || || || || || || || || || || ||
that facilitates users with wireless communication between a mobile phone and a network.
|| || || || || || || || || || || ||
Base Station Controller: - ✔✔A base station controller (BSC) manages the transceiver equipment
|| || || || || || || || || || || || ||
and performs channel assignment. It is a part of the GSM architecture that controls one or more
|| || || || || || || || || || || || || || || || ||
BTSes and the cell site radio signals to reduce the load on the switch.
|| || || || || || || || || || || || ||
Base Station Subsystem: - ✔✔This is one of the major sections of a cellular network. It controls
|| || || || || || || || || || || || || || || || ||
the BSC and BTS units. It is responsible for:
|| || || || || || || ||
||
Handling the traffic || || ||
The network switching system and signaling between cell phones
|| || || || || || || ||
Home Location Register: - ✔✔This is the database at the MSC that stores the data related to the
|| || || || || || || || || || || || || || || || || ||
subscribers and other services. || || ||
,2
Visitor Location Register: - ✔✔This is the database used for the mobile phones roaming outside
|| || || || || || || || || || || || || || ||
their service area. It contains the current location of the mobile user as well as the Temporary
|| || || || || || || || || || || || || || || || ||
Mobile Subscriber Identity (TMS || || ||
Authentication Center: - ✔✔An authentication center (AuC) stores the user's IMSI, encryption, || || || || || || || || || || || ||
and authentication keys.
|| ||
Equipment Identity Register: - ✔✔An equipment identity register (EIR) is a database that || || || || || || || || || || || || ||
contains a list of mobile devices along with their IMEI numbers. A mobile network operator can
|| || || || || || || || || || || || || || || ||
analyze the EIR to track the IMEI of a mobile device and check if it is valid (whitelisted or
|| || || || || || || || || || || || || || || || || || ||
blacklisted), suspected, or stolen/blocked (blacklisted), and accordingly take action, if required. || || || || || || || || || ||
Minimum Linux Kernel that supports ext4 - ✔✔v2.6.19 onwards || || || || || || || ||
net share - ✔✔Retrieve information on all resources that are shared on the local computer.
|| || || || || || || || || || || || || ||
How should a forensic investigator preserve evidence on a cell phone during transport without
|| || || || || || || || || || || || || ||
altering any digital evidence? - ✔✔Place the device in a Faraday bag
|| || || || || || || || || || ||
What should a forensic investigator collect to analyze the email artifacts of a Tor Browser
|| || || || || || || || || || || || || || ||
session? - ✔✔Memory dump || || ||
SysTools MailPro+ - ✔✔examine local mail files and folders and collect them as evidence for
|| || || || || || || || || || || || || || ||
Mozilla Thunderbird data || ||
EaseUS Data Recovery Wizard - ✔✔Is used to perform format recovery and unformat and
|| || || || || || || || || || || || || ||
recover deleted files emptied from Recycle Bin or data lost due to partition loss or damage,
|| || || || || || || || || || || || || || || ||
software crash, virus infection, unexpected shutdown, or any other unknown reasons under
|| || || || || || || || || || || ||
Windows 10, 8, 7, 2000/XP/Vista/2003/2008 R2 SP1/Windows 7 SP1. This software supports
|| || || || || || || || || || || ||
hardware RAID and hard drive, USB drive, SD card, memory card, etc.
|| || || || || || || || || || ||
, 2
AWS CloudTrail - ✔✔provides AWS API call history for AWS accounts including calls made via
|| || || || || || || || || || || || || ||
the AWS Management Console or Command Line tools, AWS Software Development Kits and
|| || || || || || || || || || || || || ||
other AWS services || ||
Amazon CloudWatch - ✔✔Allows the inspection, access and storage of log files from various
|| || || || || || || || || || || || || ||
AWS sources such as AWS CloudTrail, EC2 instances, and Route 53.
|| || || || || || || || || ||
It helps in collecting all log data to a centralized location and analyzes them by performing
|| || || || || || || || || || || || || || || ||
custom search queries || ||
These logs can be viewed as log streams that capture a sequence of log events from the same
|| || || || || || || || || || || || || || || || || ||
instance or resource. || ||
adb pull - ✔✔On an unlocked and unrooted Android device, the investigator can perform logical
|| || || || || || || || || || || || || || ||
acquisition by connecting the device to the forensic workstation via USB and running the adb pull
|| || || || || || || || || || || || || || ||
command to acquire data
|| || || ||
Android Debug Bridge (ADB) - ✔✔Is a command-line tool that allows investigators to connect
|| || || || || || || || || || || || || ||
the device to a forensic workstation through a USB and communicate with it
|| || || || || || || || || || || ||
The ADB commands facilitate device actions such as copying files back and forth, installing and
|| || || || || || || || || || || || || || ||
uninstalling applications, and running shell commands on a device || || || || || || || ||
To use ADB commands to control an Android device over USB, the investigator should first
|| || || || || || || || || || || || || || ||
enable the USB debugging feature || || || ||
OWASP Top 10 IoT Vulnerabilities - ✔✔1. Weak or Guessable Passwords
|| || || || || || || || || || ||
Attackers can use easy-to-guess or publicly available passwords to gain access to the systems.
|| || || || || || || || || || || || || ||
Using backdoors in device firmware or client software also grants unauthorized access to the
|| || || || || || || || || || || || || ||
deployed systems. ||
C702 PA Main Study test questions with accurate detailed
|| || || || || || || || ||
solutions
Subscriber Identity Module: - ✔✔A subscriber identity module (SIM) can store sensitive data
|| || || || || || || || || || || || ||
such as user contacts, messages, and the time stamps associated with them. It also contains
|| || || || || || || || || || || || || || ||
technical information such as the Integrated Circuit Card Identifier (ICCID), International Mobile
|| || || || || || || || || || || ||
Subscriber Identity (IMSI), last dialed numbers (LDNs), and service provider name (SPN), which
|| || || || || || || || || || || || ||
help a forensic investigator during cell phone data acquisition.
|| || || || || || || ||
Mobile Switching Center: - ✔✔The mobile switching center (MSC) processes calls and messages
|| || || || || || || || || || || ||
within a network and routes them between landline and wireless networks.
|| || || || || || || || || || ||
Base Transceiver Station: - ✔✔A base transceiver station (BTS) is a radio transceiver equipment
|| || || || || || || || || || || || || ||
that facilitates users with wireless communication between a mobile phone and a network.
|| || || || || || || || || || || ||
Base Station Controller: - ✔✔A base station controller (BSC) manages the transceiver equipment
|| || || || || || || || || || || || ||
and performs channel assignment. It is a part of the GSM architecture that controls one or more
|| || || || || || || || || || || || || || || || ||
BTSes and the cell site radio signals to reduce the load on the switch.
|| || || || || || || || || || || || ||
Base Station Subsystem: - ✔✔This is one of the major sections of a cellular network. It controls
|| || || || || || || || || || || || || || || || ||
the BSC and BTS units. It is responsible for:
|| || || || || || || ||
||
Handling the traffic || || ||
The network switching system and signaling between cell phones
|| || || || || || || ||
Home Location Register: - ✔✔This is the database at the MSC that stores the data related to the
|| || || || || || || || || || || || || || || || || ||
subscribers and other services. || || ||
,2
Visitor Location Register: - ✔✔This is the database used for the mobile phones roaming outside
|| || || || || || || || || || || || || || ||
their service area. It contains the current location of the mobile user as well as the Temporary
|| || || || || || || || || || || || || || || || ||
Mobile Subscriber Identity (TMS || || ||
Authentication Center: - ✔✔An authentication center (AuC) stores the user's IMSI, encryption, || || || || || || || || || || || ||
and authentication keys.
|| ||
Equipment Identity Register: - ✔✔An equipment identity register (EIR) is a database that || || || || || || || || || || || || ||
contains a list of mobile devices along with their IMEI numbers. A mobile network operator can
|| || || || || || || || || || || || || || || ||
analyze the EIR to track the IMEI of a mobile device and check if it is valid (whitelisted or
|| || || || || || || || || || || || || || || || || || ||
blacklisted), suspected, or stolen/blocked (blacklisted), and accordingly take action, if required. || || || || || || || || || ||
Minimum Linux Kernel that supports ext4 - ✔✔v2.6.19 onwards || || || || || || || ||
net share - ✔✔Retrieve information on all resources that are shared on the local computer.
|| || || || || || || || || || || || || ||
How should a forensic investigator preserve evidence on a cell phone during transport without
|| || || || || || || || || || || || || ||
altering any digital evidence? - ✔✔Place the device in a Faraday bag
|| || || || || || || || || || ||
What should a forensic investigator collect to analyze the email artifacts of a Tor Browser
|| || || || || || || || || || || || || || ||
session? - ✔✔Memory dump || || ||
SysTools MailPro+ - ✔✔examine local mail files and folders and collect them as evidence for
|| || || || || || || || || || || || || || ||
Mozilla Thunderbird data || ||
EaseUS Data Recovery Wizard - ✔✔Is used to perform format recovery and unformat and
|| || || || || || || || || || || || || ||
recover deleted files emptied from Recycle Bin or data lost due to partition loss or damage,
|| || || || || || || || || || || || || || || ||
software crash, virus infection, unexpected shutdown, or any other unknown reasons under
|| || || || || || || || || || || ||
Windows 10, 8, 7, 2000/XP/Vista/2003/2008 R2 SP1/Windows 7 SP1. This software supports
|| || || || || || || || || || || ||
hardware RAID and hard drive, USB drive, SD card, memory card, etc.
|| || || || || || || || || || ||
, 2
AWS CloudTrail - ✔✔provides AWS API call history for AWS accounts including calls made via
|| || || || || || || || || || || || || ||
the AWS Management Console or Command Line tools, AWS Software Development Kits and
|| || || || || || || || || || || || || ||
other AWS services || ||
Amazon CloudWatch - ✔✔Allows the inspection, access and storage of log files from various
|| || || || || || || || || || || || || ||
AWS sources such as AWS CloudTrail, EC2 instances, and Route 53.
|| || || || || || || || || ||
It helps in collecting all log data to a centralized location and analyzes them by performing
|| || || || || || || || || || || || || || || ||
custom search queries || ||
These logs can be viewed as log streams that capture a sequence of log events from the same
|| || || || || || || || || || || || || || || || || ||
instance or resource. || ||
adb pull - ✔✔On an unlocked and unrooted Android device, the investigator can perform logical
|| || || || || || || || || || || || || || ||
acquisition by connecting the device to the forensic workstation via USB and running the adb pull
|| || || || || || || || || || || || || || ||
command to acquire data
|| || || ||
Android Debug Bridge (ADB) - ✔✔Is a command-line tool that allows investigators to connect
|| || || || || || || || || || || || || ||
the device to a forensic workstation through a USB and communicate with it
|| || || || || || || || || || || ||
The ADB commands facilitate device actions such as copying files back and forth, installing and
|| || || || || || || || || || || || || || ||
uninstalling applications, and running shell commands on a device || || || || || || || ||
To use ADB commands to control an Android device over USB, the investigator should first
|| || || || || || || || || || || || || || ||
enable the USB debugging feature || || || ||
OWASP Top 10 IoT Vulnerabilities - ✔✔1. Weak or Guessable Passwords
|| || || || || || || || || || ||
Attackers can use easy-to-guess or publicly available passwords to gain access to the systems.
|| || || || || || || || || || || || || ||
Using backdoors in device firmware or client software also grants unauthorized access to the
|| || || || || || || || || || || || || ||
deployed systems. ||
