Mobile Forensics
Mobile Forensics (اَلْعَرَبِيَّةُ)
Mobile ForensicsMobile Forensics (Español)Análise Forense Rápida (Português)Mobile Forensics (Français)Mobile Forensics (اَلْعَرَبِيَّةُ)
Mobile Forensics (اَلْعَرَبِيَّةُ)
Mobile ForensicsMobile Forensics (Español)Análise Forense Rápida (Português)Mobile Forensics (Français)Mobile Forensics (اَلْعَرَبِيَّةُ)
  • Introduction
  • Preparations
    • Knowledge
    • Safety
    • Trust
    • Backup
  • Methodology
  • التحقق من أجهزة الكمبيوتر التي تعمل بنظام ويندوز (Windows)
    • فحص البرامج التي تبدأ مع تمهيد تشغيل الكمبيوتر
    • فحص العمليات قيد التشغيل
    • مراجعة اتصالات الشبكة
    • استخراج البيانات لإجراء تحليل إضافي
  • Checking Mac Computers
    • Review Programs Launching at Startup
    • Review Running Processes
    • Review Kernel Extensions
    • Review Network Connections
    • Review XProtect Logs
    • Extract Data for Further Analysis
  • فحص الهواتف الذكية
    • ملاحظة: المنهج
    • بنية نظام الهاتف الذكي
    • فحص الأجهزة المرتبطة بتطبيقات الدردشة
    • التحقق من الرسائل المشبوهة
    • مراقبة حركة المرور على الشبكة
    • ملاحظة: مراقبة حركة مرور الشبكة على لينوكس (Linux)
  • Checking Android Devices Basic
    • Review Installed Applications
    • Check Storage
    • Check if the Phone is under Android Device Policy
    • Check if the Phone is Rooted
    • Check if Developer Options is Enabled
    • Analyze Applications
    • Extract Data for Further Analysis
    • Optional : Check for Indicators of Stalkerware Installation
  • Checking Android Devices Advanced
    • Wireshark
    • MVT
    • Other Tools
  • Checking iOS Devices
    • Review iCloud Accounts
    • Review Installed Applications
    • Check for Mobile Device Management Profiles
    • Check for Shortcuts
    • Check for Jailbreaks
    • Enable and Check App Privacy Report
    • Extract Data for Further Analysis
    • Analyzing Extracted Data
    • About Lockdown Mode
  • Checking Devices Remotely
    • Mac Computers
    • Android
  • Concluding a Forensic Gathering
  • References and Further Learning
  • License and Credits
Powered by GitBook
On this page
  1. Checking Android Devices Basic

Check if the Phone is under Android Device Policy

The Device Administrators feature allows an organization (usually companies employing the device owner) to remotely administer the device, such as to remotely wipe data when the device is stolen. However, this remote functionality can also be abused by an attacker to steal user data.

Go to Settings > Security > Device Administrators and make sure that none is enabled.

If the Android Device Policy app is installed and enabled in the above setting, make sure the Google Workspace domain that is managing the device is trusted. To do this, check signed-in Google accounts on the device (if they are under trusted Google Workspace domain).

PreviousCheck StorageNextCheck if the Phone is Rooted

Last updated 2 months ago