What is the primary function of an embedded system?

A) General-purpose computing
B) Dedicated task execution
C) Web browsing
D) Running multiple operating systems
ANSWER: B

Which of the following is an example of an embedded system in consumer electronics?

A) Laptop
B) Digital camera
C) Desktop PC
D) Cloud server
ANSWER: B

Which memory type is non-volatile and commonly used in embedded firmware storage?
A) DRAM
B) SRAM
C) Flash memory
D) Cache
ANSWER: C

Which processor architecture is most commonly found in mobile devices?

A) x86
B) ARM
C) SPARC
D) PowerPC
ANSWER: B

Which communication protocol is frequently used for debugging embedded systems?

A) UART
B) PCIe
C) SATA
D) FTP
ANSWER: A

What is a key challenge in embedded system design for mobile devices?

A) High power consumption
B) Lack of internet access
C) High-cost manufacturing
D) Unlimited memory availability
ANSWER: A

Which of the following is a real-time operating system used in embedded systems?

A) Windows 10
B) FreeRTOS
C) Ubuntu
D) macOS
ANSWER: B

What is the primary function of JTAG in embedded systems?

A) Data storage
B) Power management
C) Debugging and programming
D) Wireless communication
ANSWER: C

Which component is typically responsible for power efficiency in mobile embedded

systems?
A) GPU
B) Battery management unit
C) Speaker system
D) Display brightness
ANSWER: B

What type of storage is most commonly used in modern mobile devices?

A) HDD
B) SSD
C) eMMC
D) Optical disc
ANSWER: C

What is the primary purpose of mobile phone digital forensics?

A) Identifying hardware defects
B) Recovering deleted data
C) Installing new applications
D) Formatting the device
ANSWER: B

Which forensic tool is commonly used for mobile phone data extraction?
A) Metasploit
B) Cellebrite UFED
C) Wireshark
D) Jenkins
ANSWER: B

Which mobile operating system is more customizable for forensic analysis?

A) iOS
B) Android
C) Windows Phone
D) Symbian
ANSWER: B

Which data is most commonly extracted in mobile phone forensics?

A) Installed wallpapers
B) SMS, call logs, and app data
C) Default ringtones
D) System boot logs
ANSWER: B

Which type of mobile phone memory is volatile?

A) NAND flash
B) eMMC
C) RAM
D) ROM
ANSWER: C

Which forensic method is best for extracting a complete image of a mobile device’s
memory?
A) Logical extraction
B) File carving
C) Chip-off technique
D) Cloud analysis
ANSWER: C

Which security feature in mobile devices hinders forensic investigations?

A) Wi-Fi connectivity
B) Secure Boot
C) Bluetooth pairing
D) FM Radio
ANSWER: B

What is the purpose of a Faraday bag in mobile forensics?

A) Improve signal strength
B) Block network signals
C) Charge the device faster
D) Reset the device password
ANSWER: B

Which encryption method is commonly used in modern smartphones?

A) AES
B) MD5
C) SHA-1
D) Base64
ANSWER: A

Which forensic process involves examining data without altering the original
content?
A) Live analysis
B) Static analysis
C) Data tampering
D) Active probing
ANSWER: B

What is the main limitation of logical data extraction in mobile forensics?

A) It retrieves only accessible files
B) It recovers all deleted data
C) It allows hardware manipulation
D) It bypasses encryption
ANSWER: A

Which file system is commonly used in Android mobile devices?

A) NTFS
B) FAT32
C) EXT4
D) HFS+
ANSWER: C

Which mobile forensic challenge is caused by device encryption?

A) Limited hardware access
B) Slower network connectivity
C) Inability to extract data without authentication
D) Increased device heating
ANSWER: C

What is the purpose of an IMEI number in mobile forensics?

A) Identify the device uniquely
B) Improve processor speed
C) Increase storage capacity
D) Manage Bluetooth connections
ANSWER: A

Which forensic approach allows remote data extraction from a mobile device?
A) Manual acquisition
B) Logical acquisition
C) Cloud forensics
D) SIM cloning
ANSWER: C
Which tool is commonly used to bypass screen locks in forensic investigations?
A) Wireshark
B) Cellebrite UFED
C) VirtualBox
D) Anaconda
ANSWER: B

What does the term "chip-off" mean in mobile forensics?

A) Removing a device's battery
B) Extracting data by physically removing the memory chip
C) Formatting the device remotely
D) Accessing data via the cloud
ANSWER: B

Which component of a mobile phone stores the operating system?

A) SIM card
B) MicroSD card
C) Internal flash memory
D) Bluetooth module
ANSWER: C

What is a major risk of mobile forensics investigations?

A) Accidental data modification
B) Faster device performance
C) Improved battery life
D) Larger screen size
ANSWER: A

Which mobile forensic technique focuses on analyzing app data?

A) Network sniffing
B) Cloud acquisition
C) Application forensics
D) Physical data extraction
ANSWER: C
Which protocol is commonly used to intercept and analyze network traffic in digital
forensic investigations?
A. HTTP
B. FTP
C. Wireshark
D. TCP/IP
ANSWER: C

What type of evidence can be extracted from a mobile device in a forensic

investigation?
A. Call logs
B. SMS messages
C. GPS locations
D. All of the above
ANSWER: D

Which of the following is NOT a common challenge in mobile device forensics?

A. Encryption
B. Remote wiping
C. High storage capacity
D. Lack of internet connectivity
ANSWER: D

What role does an IMSI number play in mobile device forensics?

A. Identifies the mobile device hardware
B. Identifies the SIM card and subscriber
C. Encrypts stored data
D. Serves as a MAC address
ANSWER: B

Which of the following best describes an embedded system?

A. A standalone computer running a full OS
B. A computing system designed for a specific function within a device
C. A general-purpose device used for multiple applications
D. A system that cannot process digital evidence
ANSWER: B

Which network technology is most commonly used for mobile telephony today?
A. 2G
B. 3G
C. 4G LTE
D. Dial-up
ANSWER: C

Which of the following can be considered volatile evidence in mobile device

forensics?
A. SMS messages
B. RAM contents
C. Call logs
D. Photos
ANSWER: B

What tool is commonly used for forensic imaging of mobile devices?

A. Cellebrite UFED
B. Microsoft Excel
C. Windows Task Manager
D. Adobe Photoshop
ANSWER: A

Which mobile network component stores authentication credentials for subscribers?

A. Base Station Controller (BSC)
B. Mobile Switching Center (MSC)
C. Subscriber Identity Module (SIM)
D. Firewall
ANSWER: C

Which forensic method is used to extract deleted data from a mobile phone?
A. Logical extraction
B. File carving
C. Encryption
D. Formatting
ANSWER: B

Which of the following is a forensic challenge when investigating embedded systems?

A. Proprietary operating systems
B. Readily available forensic tools
C. Standard file formats
D. Large storage capacity
ANSWER: A

What is the primary function of a Mobile Switching Center (MSC) in

telecommunication networks?
A. Encrypting mobile data
B. Managing and routing voice calls and SMS
C. Storing digital forensic evidence
D. Acting as a firewall
ANSWER: B

What is the primary forensic concern with VoIP communications?

A. Easy identification of callers
B. Encryption and lack of call logs
C. Fixed caller locations
D. Unchanging IP addresses
ANSWER: B

Which of the following forensic techniques involves analyzing network packets?

A. Static analysis
B. Dynamic malware analysis
C. Packet sniffing
D. Logical imaging
ANSWER: C

Which of these is a unique identifier assigned to a mobile device?

A. MAC address
B. IMSI
C. IMEI
D. URL
ANSWER: C

What type of attack can compromise telecommunication networks and impact forensic
investigations?
A. Phishing
B. Denial-of-Service (DoS)
C. Keylogging
D. SQL Injection
ANSWER: B

Which protocol is commonly used for mobile data transmission?

A. SMTP
B. IPsec
C. LTE
D. Telnet
ANSWER: C

Which of the following can be extracted from a SIM card during a forensic
investigation?
A. Installed applications
B. Network traffic logs
C. Contacts and SMS messages
D. Encrypted passwords
ANSWER: C

Which of the following tools is used for forensic acquisition of mobile devices?
A. FTK Imager
B. Autopsy
C. Cellebrite
D. Nessus
ANSWER: C

Which embedded system is commonly examined in vehicle forensics?

A. BIOS
B. Infotainment system
C. Motherboard chipset
D. Network switch
ANSWER: B

Which mobile security feature makes forensic investigations more difficult?

A. Two-factor authentication
B. Unencrypted storage
C. Root access
D. Open ports
ANSWER: A

Which type of network attack could compromise a forensic investigation?

A. Brute force attack
B. Phishing
C. Man-in-the-middle (MITM) attack
D. Buffer overflow
ANSWER: C

Which forensic tool is best for extracting call logs from an Android device?
A. Wireshark
B. EnCase
C. Magnet AXIOM
D. Hashcat
ANSWER: C

What is the main role of a Home Location Register (HLR) in mobile networks?
A. Storing subscriber data and authentication information
B. Managing call switching
C. Analyzing network traffic
D. Monitoring malware activity
ANSWER: A

Which of the following is a forensic concern in cloud-based mobile applications?

A. Lack of user data
B. Easy data retrieval
C. Data stored across multiple jurisdictions
D. No encryption
ANSWER: C

Which mobile forensic technique bypasses authentication to access data?

A. Manual examination
B. Logical acquisition
C. Chip-off analysis
D. Cloud synchronization
ANSWER: C

What is a common artifact recovered in mobile device forensics?

A. Deleted browser history
B. RAM snapshots
C. TCP/IP headers
D. GPU drivers
ANSWER: A

Which embedded device is commonly analyzed in IoT forensics?

A. Wireless router
B. USB flash drive
C. External hard disk
D. Printer cartridge
ANSWER: A
Which of the following is an example of a passive network forensic technique?
A. Network sniffing
B. SQL injection
C. Port scanning
D. Keylogging
ANSWER: A

Which type of digital forensic analysis is used to examine data in transit?

A. Disk forensics
B. Network forensics
C. Mobile forensics
D. Malware analysis
ANSWER: B
Which of the following is a primary security concern in mobile device forensics?
A. Encrypted storage
B. Read-only access
C. Limited storage capacity
D. Slow processing speed
ANSWER: A

What is the primary goal of malware analysis in digital forensics?

A. To improve device performance
B. To identify, classify, and mitigate malicious software
C. To recover deleted SMS messages
D. To encrypt forensic evidence
ANSWER: B

Which phase of mobile forensics involves acquiring data from a suspect device?
A. Analysis Phase
B. Collection Phase
C. Examination Phase
D. Reporting Phase
ANSWER: B

Which of the following is an example of an ontology in digital forensics?

A. A knowledge-based structure defining relationships between forensic artifacts
B. A cryptographic algorithm used for hashing forensic evidence
C. A mobile forensic extraction tool
D. A standard network protocol
ANSWER: A

Which malware type is designed to disguise itself as legitimate software?

A. Worm
B. Trojan
C. Ransomware
D. Spyware
ANSWER: B

What is the primary objective of the collection phase in mobile forensics?

A. Modifying digital evidence
B. Preserving and acquiring data without altering its integrity
C. Running malware on the device
D. Formatting the storage
ANSWER: B

Which of the following is an important consideration when examining embedded

systems for forensic evidence?
A. Proprietary hardware and software
B. Ease of access
C. Standard file systems
D. Cloud storage availability
ANSWER: A

What is the role of hash functions in mobile forensics?

A. Encrypting user data
B. Ensuring data integrity and authenticity
C. Compressing forensic images
D. Deleting unnecessary evidence
ANSWER: B

Which type of malware locks a user out of their device and demands payment?
A. Adware
B. Ransomware
C. Keylogger
D. Rootkit
ANSWER: B

What is a key challenge in collecting evidence from embedded systems?

A. High processing power
B. Proprietary firmware and restricted access
C. Standardized file structures
D. Large display screens
ANSWER: B

Which of the following is an example of volatile data?

A. Call history
B. RAM contents
C. SMS messages
D. Photos stored in internal memory
ANSWER: B

Which forensic collection method involves physically removing chips from a mobile
device?
A. Logical extraction
B. Chip-off analysis
C. Network forensics
D. Cloud acquisition
ANSWER: B

Which malware is designed to spread from one system to another without human
intervention?
A. Worm
B. Trojan
C. Spyware
D. Rootkit
ANSWER: A

What is the purpose of the examination phase in digital forensics?

A. To collect digital evidence
B. To analyze and interpret acquired data
C. To destroy irrelevant data
D. To create forensic reports
ANSWER: B

What security risk does an unpatched embedded system pose?

A. It reduces battery consumption
B. It improves forensic accessibility
C. It remains vulnerable to exploits and malware attacks
D. It prevents unauthorized access
ANSWER: C

Which mobile forensic tool is commonly used for logical and physical extractions?
A. Microsoft Word
B. Cellebrite UFED
C. Adobe Photoshop
D. Windows Defender
ANSWER: B

Which of the following best describes ontology in forensic investigations?

A. A framework that structures forensic knowledge
B. A hashing algorithm used in forensic imaging
C. A method for remotely wiping data
D. A wireless encryption protocol
ANSWER: A

What is a primary concern when handling malware-infected mobile devices during

forensic collection?
A. Data fragmentation
B. Risk of malware spreading to forensic tools or systems
C. Large file sizes
D. Network latency
ANSWER: B

Which forensic collection technique retrieves data without modifying the file
system?
A. Logical extraction
B. Chip-off analysis
C. Network sniffing
D. Remote access
ANSWER: A

Which phase of mobile forensics involves verifying and organizing extracted

evidence?
A. Collection Phase
B. Examination Phase
C. Identification Phase
D. Reporting Phase
ANSWER: B

What security measure can prevent malware from infecting an embedded system?
A. Installing a firewall
B. Enabling automatic software updates
C. Using default login credentials
D. Disabling network connectivity permanently
ANSWER: B

Which forensic method is useful for analyzing malware’s runtime behavior?

A. Static analysis
B. Dynamic analysis
C. Hashing
D. File carving
ANSWER: B

Which attack vector is commonly used to spread mobile malware?

A. Phishing emails
B. Malicious app downloads
C. USB drive infections
D. All of the above
ANSWER: D

What is a key challenge in forensic analysis of embedded systems?

A. Standardized file formats
B. Proprietary operating systems and hardware restrictions
C. High storage capacity
D. Limited power consumption
ANSWER: B

What is a key consideration in forensic examination of malware?

A. Identifying its origin and impact
B. Formatting the infected device
C. Deleting suspicious files
D. Changing network settings
ANSWER: A

Which type of evidence can be retrieved from mobile RAM?

A. Deleted contacts
B. Active application data
C. Encrypted call logs
D. Stored browser history
ANSWER: B

What is an important forensic consideration when analyzing cloud-stored mobile

data?
A. Jurisdictional and legal challenges
B. Physical access to the device
C. Lack of encryption
D. Small storage size
ANSWER: A

Which technique is used for data recovery in the examination phase?

A. File carving
B. Network packet analysis
C. Malware injection
D. Database encryption
ANSWER: A

Which security measure can prevent unauthorized forensic access to mobile data?
A. Data encryption
B. Weak passwords
C. Disabling firewalls
D. Using default security settings
ANSWER: A

Which type of malware is designed to monitor user activities?

A. Adware
B. Spyware
C. Ransomware
D. Rootkit
ANSWER: B

Which protocol is commonly targeted by mobile malware to intercept data?

A. HTTPS
B. SMS
C. Bluetooth
D. USB-C
ANSWER: C

What forensic issue arises from remote data wiping?

A. Difficulty in recovering deleted evidence
B. Increased battery consumption
C. Improved data security
D. Increased network bandwidth
ANSWER: A

What is a major risk of forensic investigations on network-connected mobile

devices?
A. Unauthorized remote access or tampering
B. Reduced processing speed
C. Difficulty in taking screenshots
D. Low storage capacity
ANSWER: A

Which file system is commonly used in Android mobile devices?

A. NTFS
B. FAT32
C. APFS
D. EXT4
ANSWER: D

What type of forensic analysis is used to examine executable malware files?

A. Network forensics
B. Static malware analysis
C. Mobile forensic imaging
D. User behavior analysis
ANSWER: B

Which forensic challenge is unique to embedded systems?

A. Frequent software updates
B. Limited forensic tools for proprietary firmware
C. Large file sizes
D. Standardized operating systems
ANSWER: B

What role does ontology play in forensic analysis?

A. Helps define relationships between digital artifacts
B. Encrypts forensic reports
C. Automates evidence collection
D. Generates random forensic hashes
ANSWER: A