Nest 0 Cart
Nest Account
Popular Exams
All Categories...
Nest
Nest 0
Contact
Log In / Sign Up
Copyright 2024 © store. All rights reserved.
Home GIAC GASF

GIAC GASF Exam Practice Questions (P. 3)

  • Full Access (71 questions)
  • Six months of Premium Access
  • Access to one million comments
  • Seamless ChatGPT Integration
  • Ability to download PDF files
  • Anki Flashcard files for revision
  • No Captcha & No AdSense
  • Advanced Exam Configuration
Get Contributor Access
Question #11
Which of the following is required in addition to the Apple ID of the custodian to access IOS backup files that are stored in ICloud?
  1. A
    iTunes password
  2. B
    Device passcode
  3. C
    Manifest.plist
  4. D
    Keychain-backup.plist

Correct Answer:
B

Question #12
In 2015, Apples iTunes store was found to be hosting several malicious applications that were infected as a result of hacked version of the developer toolkit used to create applications. Which Apple developer suite was targeted?
  1. A
    Xcode
  2. B
    ADB
  3. C
    Momentics IDE
  4. D
    Xamarin

Correct Answer:
A
Reference:
http://money.cnn.com/2015/09/21/technology/apple-xcode-hack/index.html

Question #13
An Android device user is known to use Facebook to communicate with other parties under examination. There is no evidence of the Facebook application on the phone. If there was Facebook usage where would an examiner expect to find these artifacts?
  1. A
    com.android.chrome/app_chrome/Default/Local Storage
  2. B
    dmappmgr.db
  3. C
    /data/system/packages.xml
  4. D
    AndroidManifest.xml

Correct Answer:
B
Reference:
https://www.ctsforensics.com/assets/news/35550_Web-update.pdf

Question #14
Physical Analyzer provides a function to narrow down a search based on a timestamp, a type, a party or date. What is the name of this advanced searching capability?
  1. A
    Watchlist Editor
  2. B
    Tags
  3. C
    Timeline
  4. D
    Event of Interest

Correct Answer:
C
Physical Analyzer offers the Timeline feature to narrow down what happened on the smartphone during a specific time, type, party, etc. This is commonly used to narrow down time periods. Data that is manually carved will not be shown here. There is also an option to create a custom timeline specification.

Question #15
The files pictured below from a BlackBerry OS10 file system have a unique file extension. What can be concluded about these files?

  1. A
    Files are protected by the file system, so changing the file system makes them less accessible
  2. B
    Files are encrypted to prevent them from being viewed without the decryption key
  3. C
    Files are encoded for secure transmitting of data
  4. D
    Files are located on a media card so they contain a unique file extension

Correct Answer:
A
Reference:
https://forums.crackberry.com/blackberry-q10-f272/protected-media-911023/

Previous Questions Next Questions

All Pages