Mobile Device Forensics Indian Medical PG Practice Questions and MCQs
Practice Indian Medical PG questions for Mobile Device Forensics. These multiple choice questions (MCQs) cover important concepts and help you prepare for your exams.
Mobile Device Forensics Indian Medical PG Question 1: Workers handling electronic waste are at highest risk of occupational exposure to heavy metals in which of the following settings?
- A. Burning
- B. Incineration
- C. In a landfill
- D. Recycling (Correct Answer)
Mobile Device Forensics Explanation: **Recycling**
- Workers in **e-waste recycling facilities** are directly exposed to the hazardous components of electronic waste, including heavy metals like **lead, mercury, cadmium, and beryllium**, during manual dismantling, shredding, and material separation processes.
- This direct and often unprotected contact during handling and processing significantly increases their risk of **occupational exposure** to these toxic substances, leading to various health conditions.
*Burning*
- While burning e-waste releases toxic fumes and heavy metals, the question specifically asks about health conditions due to occupational exposure, implying direct handling by workers.
- The primary health risk from burning is to those in the immediate vicinity or exposed to resultant atmospheric pollution, rather than direct occupational handling within a controlled facility.
*Incineration*
- **Incineration** (controlled burning in specialized facilities) is designed to minimize direct human exposure to waste during processing, although emissions still pose environmental risks.
- Workers in incineration plants face exposure risks largely related to emissions control and ash handling, which differ from the direct handling of raw e-waste.
*In a landfill*
- Workers in **landfills** primarily face risks from general waste decomposition, methane gas, and leachate, which can contain heavy metals that seep into soil and groundwater.
- While heavy metals from e-waste can leach from landfills, direct occupational exposure to high concentrations of various heavy metals from raw, unprocessed e-waste is less prominent compared to recycling facilities.
Mobile Device Forensics Indian Medical PG Question 2: Res ipsa loquitur is?
- A. Oral evidence
- B. Fact speaks for itself (Correct Answer)
- C. Medical maloccurrence
- D. Common knowledge
Mobile Device Forensics Explanation: ***Fact speaks for itself***
- **Res ipsa loquitur** is a legal doctrine meaning "the thing speaks for itself," implying that the very nature of an accident or injury suggests negligence.
- This doctrine is applied when an injury typically would not occur without **negligence**, and the defendant had exclusive control over the instrumentality causing the injury.
*Oral evidence*
- **Oral evidence** refers to testimony given verbally in court by a witness.
- While evidence is presented in court, "res ipsa loquitur" is a principle of inference, not a specific type of evidence.
*Medical maloccurrence*
- A **medical maloccurrence** is an undesirable or unexpected outcome in medical treatment that may or may not be due to negligence.
- It describes an event, whereas "res ipsa loquitur" is a legal principle used to infer negligence.
*Common knowledge*
- **Common knowledge** refers to facts or information that are generally known by the public.
- While the application of "res ipsa loquitur" might sometimes rely on common sense, it is a specific legal doctrine, not just a general acknowledgment of common facts.
Mobile Device Forensics Indian Medical PG Question 3: DNA fingerprinting was first used by Alec Jeffreys in a criminal case for detecting:
- A. Immigration purpose
- B. Disputed paternity
- C. Murder
- D. Rape (Correct Answer)
Mobile Device Forensics Explanation: ***Rape***
- **Alec Jeffreys** first applied DNA fingerprinting in 1986 to solve the **Narborough murders case** in Leicestershire, UK.
- The technique was used to analyze **semen samples** from two rape-murder victims (1983 and 1986), linking them to a single perpetrator.
- The **DNA evidence from semen** (sexual assault evidence) was the key forensic material that demonstrated the power of DNA fingerprinting in criminal investigation.
- This led to the conviction of **Colin Pitchfork** in 1988, marking the first use of DNA profiling to solve a criminal case.
*Immigration purpose*
- While DNA fingerprinting is used for immigration cases to confirm family relationships, this was **not its initial application** by Jeffreys.
- Its use in immigration came later, after its breakthrough in criminal forensics.
*Disputed paternity*
- Paternity testing is a common application of DNA fingerprinting, but it was **not the first criminal case** where Jeffreys demonstrated its utility.
- The technique's power in establishing biological relationships was recognized after its initial use in criminal investigations.
*Murder*
- While the Narborough case did involve murders, the question focuses on what was **detected through DNA evidence**.
- The DNA profiling was performed on **semen samples** (rape evidence), not on evidence directly proving murder.
- The forensic breakthrough was in linking the sexual assault evidence to the perpetrator, which then solved the murder cases.
Mobile Device Forensics Indian Medical PG Question 4: In the context of Indian law, what is the legal classification of the first offense of stalking?
- A. Cognizable and bailable under Indian law (Correct Answer)
- B. Non-cognizable and bailable under Indian law
- C. Non-cognizable and non-bailable under Indian law
- D. Cognizable and non-bailable under Indian law
Mobile Device Forensics Explanation: ***Cognizable and bailable under Indian law***
- Under Section 354D of the **Indian Penal Code (IPC)**, the **first offense** of stalking is classified as **cognizable and bailable**.
- **Cognizable** means a police officer can arrest the accused without a warrant and begin investigation without magistrate's permission.
- **Bailable** means the accused has an automatic right to be released on bail.
- First offense carries punishment of imprisonment up to **3 years** and fine.
- **Note:** Subsequent offenses become **non-bailable** with imprisonment up to 5 years.
*Non-cognizable and bailable under Indian law*
- This is incorrect as the first offense of stalking is **cognizable**, not non-cognizable.
- If it were non-cognizable, police would require a **magistrate's order** to investigate and arrest.
*Non-cognizable and non-bailable under Indian law*
- Both classifications are incorrect for the first offense.
- The first offense of stalking is **cognizable and bailable**, not non-cognizable and non-bailable.
*Cognizable and non-bailable under Indian law*
- While correctly identifying the cognizable nature, this incorrectly classifies the first offense as non-bailable.
- **Non-bailable** classification applies only to **subsequent offenses** of stalking under Section 354D IPC.
- For first offense, bail is a matter of right, not court discretion.
Mobile Device Forensics Indian Medical PG Question 5: DNA fingerprinting is used for paternity testing and forensic identification of suspects. Which of the following is the most accurate description of DNA fingerprinting?
- A. DNA is isolated from blood, skin, or sperm and its fragment size distribution is analyzed by gel electrophoresis
- B. DNA can be isolated from blood, skin, or sperm and analyzed for variable patterns of restriction fragments arising from tandemly repeated sequences (microsatellites) (Correct Answer)
- C. DNA is isolated from blood, skin, or sperm and hybridized with probes from the HLA locus to visualize HLA gene patterns
- D. DNA is copied from blood, skin, or sperm RNA using reverse transcriptase and analyzed for the pattern of complementary DNAs
Mobile Device Forensics Explanation: ***DNA can be isolated from blood, skin, or sperm and analyzed for variable patterns of restriction fragments arising from tandemly repeated sequences (microsatellites)***
- **DNA fingerprinting**, also known as **DNA profiling**, primarily relies on the analysis of highly variable regions of DNA, specifically **tandemly repeated sequences** like microsatellites or STRs (short tandem repeats).
- These regions exhibit individual-specific variation in the number of repeats, which, when cut by **restriction enzymes**, produce fragments of varying lengths, generating a unique **restriction fragment length polymorphism (RFLP)** pattern.
*DNA is isolated from blood, skin, or sperm and its fragment size distribution is analyzed by gel electrophoresis*
- While **gel electrophoresis** is a part of the process to separate DNA fragments by size, this option is incomplete as it doesn't specify *what* fragments are being analyzed or *why* they differ between individuals.
- The crucial aspect of DNA fingerprinting is the analysis of **variable short tandem repeats (STRs)** or **variable number tandem repeats (VNTRs)**, which generate these distinct fragment sizes.
*DNA is isolated from blood, skin, or sperm and hybridized with probes from the HLA locus to visualize HLA gene patterns*
- **HLA (Human Leukocyte Antigen)** typing is used for tissue matching in transplantation and for studying autoimmune diseases, but it is **not the primary method** for DNA fingerprinting in paternity or forensic cases.
- While HLA genes are polymorphic, the specific patterns examined in DNA fingerprinting are typically **non-coding repetitive sequences** which are more variable and less complex to interpret for individual identification.
*DNA is copied from blood, skin, or sperm RNA using reverse transcriptase and analyzed for the pattern of complementary DNAs*
- **DNA fingerprinting** directly analyzes **genomic DNA**, not RNA. The process of reverse transcribing RNA into cDNA is typically used for studying gene expression.
- **RNA is less stable** than DNA and does not contain the same highly variable **repetitive sequences** (like STRs or VNTRs) that are fundamental to DNA fingerprinting.
Mobile Device Forensics Indian Medical PG Question 6: Which is NOT a method of crime scene search?
- A. Grid method
- B. Quadrant method
- C. Strip search method
- D. Vehicle search method (Correct Answer)
Mobile Device Forensics Explanation: ***Vehicle search method***
- A vehicle search method is not a recognized technique for **crime scene investigation** or for searching an area for evidence.
- While vehicles may be searched *at* a crime scene, "vehicle search method" does not refer to a systematic general **crime scene search pattern**.
*Grid method*
- The **grid method** is a highly thorough search pattern that involves two passes over an area, typically in perpendicular directions.
- It is effective for ensuring no evidence is missed, especially in **large outdoor scenes**.
*Quadrant method*
- The **quadrant method**, also known as the **zone method**, divides a crime scene into smaller, manageable sections or "quadrants."
- This method is particularly useful for **large or complex scenes** where multiple searchers can be assigned to different zones.
*Strip search method*
- The **strip search method**, also known as the **lane search method**, involves searchers moving in parallel lines across an area.
- It is effective for **large outdoor scenes** and for systematically covering a wide area.
Mobile Device Forensics Indian Medical PG Question 7: Which of the following is a third generation intrauterine device?
- A. TCu-380A (Correct Answer)
- B. Cu-7
- C. TCu-200
- D. Progestasert
Mobile Device Forensics Explanation: **TCu-380A**
- The **TCu-380A** is a copper-containing intrauterine device designed with a T-shape and has a surface area of 380 mm² of copper.
- It is classified as a **third-generation IUD** due to its enhanced design and higher copper content, providing greater contraceptive efficacy and a longer duration of action compared to older models.
*Cu-7*
- The **Cu-7** is a first-generation copper IUD, characterized by its "7-shaped" design and lower copper content.
- It had a shorter lifespan and lower efficacy compared to later generations of copper IUDs.
*TCu-200*
- The **TCu-200** is a second-generation copper IUD, a T-shaped device with 200 mm² of copper surface area.
- While improved over first-generation devices, it offered less longevity and efficacy than the current third-generation models.
*Progestasert*
- **Progestasert** was one of the first hormone-releasing IUDs, releasing progesterone.
- It is significantly different from copper IUDs and is not classified among the copper-containing generations; it had a shorter lifespan and less common use today compared to modern levonorgestrel-releasing IUDs.
Mobile Device Forensics Indian Medical PG Question 8: A physician is accused of death threats via anonymous email. Investigation reveals the email was sent through multiple proxy servers and TOR network from a public WiFi location. The suspect's home computer shows no direct evidence. Evaluate which combination of digital artifacts would MOST conclusively link the suspect to the anonymous communication?
- A. TOR browser installation artifacts, typing pattern analysis (keystroke dynamics), linguistic stylometry of email content, correlation with suspect's known writings, WiFi connection logs on suspect's devices matching crime timeframe, and browser artifacts showing proxy/anonymizer research preceding the incident (Correct Answer)
- B. IP address logs from public WiFi and timestamp correlation alone
- C. Eyewitness testimony of suspect's presence at WiFi location
- D. Confession obtained during interrogation
Mobile Device Forensics Explanation: ***TOR browser installation artifacts, typing pattern analysis (keystroke dynamics), linguistic stylometry of email content, correlation with suspect's known writings, WiFi connection logs on suspect's devices matching crime timeframe, and browser artifacts showing proxy/anonymizer research preceding the incident***
- This multimodal approach establishes a link by combining **behavioral biometrics** (keystroke dynamics and stylometry) with **forensic artifacts** (TOR installation and research) to overcome the technological anonymity provided by several proxy layers.
- Evidence of **premeditation** (researching anonymizers) and **temporal-spatial correlation** (WiFi logs matching the crime scene) provides the high level of certainty required for legal attribution in digital forensics.
*IP address logs from public WiFi and timestamp correlation alone*
- While this places a device at the location, it fails to account for **TOR network masking**, which hides the original source IP from external logs.
- **IP addresses** alone are insufficient for definitive attribution, as they do not identify the specific user behind the terminal or account for MAC address spoofing.
*Eyewitness testimony of suspect's presence at WiFi location*
- Presence at a public location is **circumstantial** and does not prove that the suspect was the individual interacting with the specific digital service at that time.
- Testimony is subject to **human error and bias**, lacking the objective scientific rigor found in **digital footprint analysis** and linguistic fingerprints.
*Confession obtained during interrogation*
- Confessions may be **retracted or ruled inadmissible** if any procedural errors or coercion are alleged during the interrogation process.
- Without **corroborating digital evidence**, a confession alone lacks the technical proof necessary to explain how the suspect bypassed complex security and **anonymization protocols**.
Mobile Device Forensics Indian Medical PG Question 9: A hospital's electronic medical records system was allegedly tampered with to alter a patient's medication history before a medico-legal case. The accused claims system errors caused the changes. Multiple users have access. How would you BEST establish intentional tampering versus system malfunction?
- A. Rely on testimony of IT administrator alone
- B. Compare only the final version with the original record
- C. Check only the current database entries for inconsistencies
- D. Correlate database transaction logs with user authentication logs, audit trails, system logs, and backup differentials to establish specific user actions, timing patterns inconsistent with normal workflow, and evidence of privilege escalation or unauthorized access (Correct Answer)
Mobile Device Forensics Explanation: ***Correlate database transaction logs with user authentication logs, audit trails, system logs, and backup differentials to establish specific user actions, timing patterns inconsistent with normal workflow, and evidence of privilege escalation or unauthorized access***
- Intentional tampering is best proven by correlating **multi-source forensic data**, which identifies specific **user-linked actions** that deviate from automated system processes.
- Unlike system glitches, which appear as random or non-specific patterns, deliberate modification is evidenced by **targeted SQL queries**, **privilege escalation**, or changes occurring during unauthorized login sessions.
*Rely on testimony of IT administrator alone*
- Forensic evidence must be **objective and verifiable**; subjective testimony is insufficient for high-level medico-legal cases without technical proof.
- An administrator may have **conflicts of interest** or lack the specific technical data needed to distinguish between a hardware fault and a malicious act.
*Compare only the final version with the original record*
- Comparing versions reveals *that* a change occurred, but it fails to show **how, when, or by whom** the modification was made.
- This method cannot differentiate between a **legitimate clinical update**, an automated system synchronization error, or manual tampering.
*Check only the current database entries for inconsistencies*
- Looking at current entries provides only a **static view** of the data and does not capture the **chronological sequence** of events required for forensic reconstruction.
- Inconsistencies could be blamed on **bug-ridden software** or data corruption unless a full **audit trail** links those inconsistencies to specific user accounts.
Mobile Device Forensics Indian Medical PG Question 10: An autopsy surgeon receives a laptop allegedly containing child pornography. Initial examination shows no illegal images in accessible folders, but forensic tools detect suspicious encrypted container files. Anti-forensic timestamp manipulation is suspected. Which analytical approach would provide the MOST legally defensible evidence?
- A. Interview suspect first before digital analysis
- B. Screenshot visible content and prepare report
- C. Decrypt containers and rely solely on file content analysis
- D. Hash comparison against known illegal image databases, analysis of file system journals, examination of thumbnail cache and temporary internet files, coupled with entropy analysis of encrypted containers (Correct Answer)
Mobile Device Forensics Explanation: ***Hash comparison against known illegal image databases, analysis of file system journals, examination of thumbnail cache and temporary internet files, coupled with entropy analysis of encrypted containers***
- This approach is most defensible because **hash values** provide unique digital signatures that match against known databases (like **NCMEC**) without needing to view every image.
- **File system journals** and **thumbnail caches** provide objective proof of possession and usage history that bypasses manual **timestamp manipulation**.
*Interview suspect first before digital analysis*
- Interviewing before securing a **forensic image** of the data risks the suspect remotely wiping or destroying evidence via **kill switches**.
- Digital evidence must be preserved and analyzed objectively before testimony to maintain a solid **chain of custody**.
*Screenshot visible content and prepare report*
- Screenshots do not capture **metadata** or hidden data, and they are easily challenged in court as they do not prove the **integrity** of the original file.
- This method ignores the **encrypted containers**, failing to address the primary locations where illegal material is likely hidden.
*Decrypt containers and rely solely on file content analysis*
- Relying only on content analysis might fail if encryption keys cannot be recovered or if the suspect claims the files were **planted**.
- This narrow approach lacks the corroborating evidence provided by **entropy analysis** and **internet temporary files** which show the intent and history of the user's actions.
More Mobile Device Forensics Indian Medical PG questions available in the OnCourse app. Practice MCQs, flashcards, and get detailed explanations.