Final Exam Study Guide
Final Exam Study Guide CIT 365
This 2 page Study Guide was uploaded by Marcos Pedro Ferreira Leal Silva on Wednesday December 9, 2015. The Study Guide belongs to CIT 365 at Pace University taught by Darren Hayes in Fall 2015. Since its upload, it has received 43 views. For similar materials see Mobile Device Forensics in Information technology at Pace University.
Date Created: 12/09/15
Mobile Device Forensics
Dr. Darren Hayes
Final Exam Summary

Other Mobile Devices

- GPS devices have become extremely popular since 2009. Nowadays they're available in all kinds of flavors, from smartphones to GPS units inside cars or even attached to action cameras like GoPro.
- Black boxes were commonly used in aircraft for years, but recently they've become really popular in cars too.
- Connecting smartphones over Bluetooth when in the car has become really common in recent years; this leaves traces on both devices.
- Wearable technology like smartwatches and smart glasses has also become popular in the past few years.

Mobile Security

- Every day lots of apps are hacked because of new exploits discovered by attackers. Most of these exploits are corrected in future releases and updates, but some people simply don't update their apps and are subject to attacks.
- Some exploits are hardware-based, like the rogue power charger, which charges the phone at the same time it extracts information from it.
- Bluetooth attacks require the attacker to be close to the victim because of the range of Bluetooth, but some information can still be retrieved. Using some bluesnarfing techniques, it is possible to access all of the phone's information, because some phones use Bluetooth when updating to a new device.
- The most common attacks are still rogue access points: an attacker creates a fake access point that provides access to the internet, but the attacker collects all the traffic that goes through it.
- Scareware is a type of ad that makes the user believe that their device is infected and that it could be cleaned using some specific application, which is most of the time untrue and simply a way to install malicious applications from outside the market.
- Unlockers and cheats for famous games are a popular doorway to malware.
- There are many antivirus products for mobile devices, but all consume battery and slow the phone because they need to check all of the user's actions, making the device less productive in general.

Handset Forensics

- BlackBerry devices are heavily encrypted, making the investigation really hard on the device itself. Backups could be easier to analyze on the desktop.
- Tools: File Juicer (iOS), BlackLight (Mac and Windows), Cellebrite, AccessData Forensic (Windows).
- An EXIF analyzer may be able to extract location data that could lead to the position of the subject.

Flasher Boxes: Pros and Cons

Weak Points

- Flasher boxes are invasive.
- Changes to the data may occur.
- Some flasher boxes are technically challenging and complicated to use.
- Some do not create an audit trail or processing log.
- They do not perform hash verifications.
- There are many different boxes for the array of devices in the marketplace.
- Each flasher box can come with many different software interfaces.
- Proprietary and commercially sensitive information is often required for the correct interpretation of the extracted data.
- Analyzing the recovered data can be time consuming.

Strong Points

- A complete and reliable understanding of all activity is possible through the extraction and analysis of a hex dump taken from a suspect device.
- Truly deleted data from the handset can be retrieved.
- Damaged devices can be forensically examined.
- Data from devices where the SIM card is missing, damaged or PIN protected can be recovered.
- Devices without a battery can be forensically examined.
- Data from PIN and other protected areas of a handset can be accessed.
- Analyzing the extracted data with automated processes is possible with such tools as GetData Phone Image Carver, TagView, Hexaminer, CellPhone Analyzer, EnCase and FTK, using EnScripts and regular expression search terms.
- Utilizing the mobile forensic analysis software provided by Cellebrite (Physical Pro) and MicroSystemation (XRY Physical) may also provide quality evidence when they cannot achieve an extraction of the raw data.
- Flasher boxes are alternative, cost-effective solutions that provide truly deleted recovery capability for organizations on limited budgets.

Device Handling

- Remove the SIM card.
- Turn off WiFi & Bluetooth.
- Turn on Airplane Mode.
- Find power cabling.
- Charge the phone.
- Put it in a Faraday bag/arson can that prevents external communications.
- If the password is known, write it down in the bag.