PDF GASF Study Guide

GIAC Advanced Smartphone Forensics Questions and Answers

Question 5

Using an emulator and running an application through a series of processes to figure out how it would behave on an actual device is called:

Options:

Forensic analysis

Dynamic analysis

Web analysis

Static analysis

Question 6

As part of your analysis of a legacy BlackBerry device, you examine the installed applications list and it

appears that no third-party applications were installed on the device. Which other file may provide you with additional information on applications that were accessed with the handset?

Options:

BlackBerry NV Items

Content Store

Event logs

BBThumbs.dat

Question 7

What does access to iOS DFU mode provide an examiner?

Options:

Ability to decrypt the SD card of a Symbian device

Ability to acquire the info.mkf file on a Blackberry device and brute force the password

Ability to root an Android device and perform a physical acquisition

Ability to bypass the lock screen of an older iOS device

Question 8

While conducting forensic analysis of an associated media card, one would most often expect to find this particular file system format?

Options:

HFS

NTFS

Yaffs2

FAT

Halloween Special 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: save70

GIAC Advanced Smartphone Forensics Questions and Answers

Options:

Answer:

Explanation:

Options:

Answer:

Explanation:

Options:

Answer:

Explanation:

Options:

Answer: