Indeed, I’ve been wondering for quite a while about those specifics. Unfortunately, to this date no documentation has been made available to definitively answer the question. There’s good reason to believe Apple has done this right and all blocks (apart from those previously mapped out) are encrypted, but until they confirm we really have no way of being certain.