CertsTopics Logo

Winter Special - Limited Time 65% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: top65certs

Free and Premium GIAC GASF Dumps Questions Answers

Page: 1 / 3
Total 75 questions
Get GASF Full Access Download GASF PDF

GIAC Advanced Smartphone Forensics Questions and Answers

Question 1

Which of the following files provides the most accurate reflection of the device’s date/timestamp related to the

last device wipe?

Options:

A.

/private/var/mobile/Library/AddressBook/AddressBook.sqlitedb

B.

/private/var/mobile/Applications/com.apple.mobilesafari/Library/history.db

C.

/private/var/mobile/Applications/com.viber/Library/Prefernces/com.viber.plist

D.

/private/var/mobile/Applications/net.whatsapp.WhatsApp/Library/pw.dat

Buy Now
Question 2

What is the essential piece of information is most often required in order to decrypt the contents of BlackBerry OS 10 handsets?

Options:

A.

BlackBerry Blend username/pin

B.

BlackBerry Balance username/password

C.

BlackBerry Link ID/password

D.

BBM pin

Question 3

Which cloud based system can be utilized by Android owners to backup user data?

Options:

A.

Amazon Web Services (AWS)

B.

Samsung Kies

C.

Android Device Manager

D.

Google

Question 4

What type of storage does an iOS device use for user data?

Options:

A.

SSD

B.

SIM

C.

NAND

D.

NOR

Question 5

Using an emulator and running an application through a series of processes to figure out how it would behave on an actual device is called:

Options:

A.

Forensic analysis

B.

Dynamic analysis

C.

Web analysis

D.

Static analysis

Question 6

As part of your analysis of a legacy BlackBerry device, you examine the installed applications list and it

appears that no third-party applications were installed on the device. Which other file may provide you with additional information on applications that were accessed with the handset?

Options:

A.

BlackBerry NV Items

B.

Content Store

C.

Event logs

D.

BBThumbs.dat

Question 7

What does access to iOS DFU mode provide an examiner?

Options:

A.

Ability to decrypt the SD card of a Symbian device

B.

Ability to acquire the info.mkf file on a Blackberry device and brute force the password

C.

Ability to root an Android device and perform a physical acquisition

D.

Ability to bypass the lock screen of an older iOS device

Question 8

While conducting forensic analysis of an associated media card, one would most often expect to find this particular file system format?

Options:

A.

HFS

B.

NTFS

C.

Yaffs2

D.

FAT

Question 9

Which file, located on the Android file system, may be examined to correlate files related to external SD cards that were once used in an Android device?

Options:

A.

Internal.db

B.

Main.db

C.

DataManager. Db

D.

external.db

Question 10

Which of the following is one potential risk of using the ALWAYS OFF rule for handling cell phones?

Options:

A.

Overwriting data

B.

Engaging password or PIN protection mechanism

C.

Destruction of call logs and cell tower information

D.

Improper handling by the user

Question 11

Which of the following items is found in the Kernel Space for an iOS device?

Options:

A.

Cocoa Touch framework

B.

System Area

C.

Applications

D.

Core Services

Exam Detail
Vendor: GIAC
Certification: Security Certification: GASF
Exam Code: GASF
Exam Name: GIAC Advanced Smartphone Forensics
Last Update: Nov 21, 2024
GASF Question Answers
Page: 1 / 3
Total 75 questions
Get GASF Full Access Download GASF PDF