Early mobile phone systems were followed by digital _____ networks.
2G
True or False: The architectural functionality that distinguishes 2G from 3G is that 2G systems were circuit switched and 3G systems are packet switched.
True
True or False: One of the benefits of packet switching is the ability to connect more readily to the Internet.
True
It’s (easy, difficult ) to stay current with the available mobile device models.
difficult
Apple has taken major steps to standardize the development of apps for its and _____ .
iPad; iPhone
Some devices and many apps report the _____ of the device. That can make it much easier to track the owner’s movements.
geolocation
When working on a mobile device, there are several sources of information available to the investigator. Probably the most useful source of information available to an investigator is _____ .
Web searching
An examiner should decide whether to obtain a _____ extraction or _____ extraction or both of a mobile device.
physical; logical
T or F: If you have a device that supports physical extraction, that is the way to image the device. Logical extractions are useful only when the physical option is not available because of the device itself.
True
T or F: physical extractions are bit-by-bit copies of the file system including deleted data.
True
Examiners make it a practice to run an extracted image (once, twice).
twice
The _____ extraction is fairly fast and one might want to examine it for obvious evidence while a tool is making a physical image of the target.
logical
Just like computers, the _____ defines the basic components of the mobile device.
architecture
_____ are storage expansion cards that many mobile devices can accept.
SD or secure digital cards
SD cards are “nonvolatile,” meaning that even if the power is turned off on the device, you won’t lose your favorite tunes or your pictures.
True
In many cases, you can keep your subscriber information when you change mobile phones by simply switching the _____ card to the new phone.
SIM
Often it is desirable to _____ the SIM in much the same way as one would take a physical image of the mobile device or a computer in order to retain a copy for evidentiary purposes.
clone
T or F: It’s always possible to recover deleted file items such as e-mails, texts, and photos from a mobile device.
False
_____ describes the events and concomitant evidence that make up the events of the crime.
chain of evidence
_____ chains show events in the order in which they occurred.
temporal
_____ chains of evidence describe the events of a crime in terms of cause and effect.
casual
_____ crime assessment attempts to tie elements of a crime together into a single crime scene and use the timelines to build a picture and describe the events and supporting evidence of the crime.
hybrid
It is likely that the mobile device is extremely accurate as a yardstick for measuring when events happen as the device may be synchronized to a _____ clock.
network
When a mobile device is set to use _____ , it will recognize any _____ network in its range.
WiFi, WiFi
-
Recording The Crime Scene64
-
Collection of Crime-Scene Evidence37
-
Physical Evidence28
-
Pictograms15
-
Death Investigation54
-
Crime - Scene Reconstruction25
-
Chapter 10 - Bloodstain Pattern Analysis46
-
Chapter 11 - Drugs72
-
Chapter 12 - Forensic Toxicology53
-
Chapter 13 - Hairs and Fibers47
-
Chapter 14 - Trace Evidence0
-
Chapter 15 - Biological Stain Analysis56
-
Chapter 16 - Fire/Explosion61
-
Chapter 17 - Documents37
-
Chapter 18 - Computer Forensics88
-
Chapter 19 - Digital/Multimedia Forensics46
