Nest 0 Cart
Nest Account
Popular Exams
All Categories...
Nest
Nest 0
Contact
Log In / Sign Up
Copyright 2024 © store. All rights reserved.
Home GIAC GASF

GIAC GASF Exam Practice Questions (P. 4)

  • Full Access (71 questions)
  • Six months of Premium Access
  • Access to one million comments
  • Seamless ChatGPT Integration
  • Ability to download PDF files
  • Anki Flashcard files for revision
  • No Captcha & No AdSense
  • Advanced Exam Configuration
Get Contributor Access
Question #16
Where can an analyst find data to provide additional artifacts to support the evidence in the highlighted file?

  1. A
    internal.db-wal
  2. B
    browser2.db
  3. C
    sysmon2.db-shm
  4. D
    external.db

Correct Answer:
A

Question #17
Which of the following is a unique 56 bit number assigned to a CDMA handset?
  1. A
    Mobile Station International Subscriber Directory Number (MSISDN)
  2. B
    Electronic Serial Number (ESN)
  3. C
    International Mobile Equipment Identifier (IMEI)
  4. D
    Mobile Equipment ID (MEID)

Correct Answer:
D
The Mobile Equipment ID (MEID), also found under the battery cover, is a 56 bit number which replaced the ESN due to the limited number of 32 bit
ESN numbers. The MEID is listed in hex, where the first byte is a regional code, next three bytes are a manufacturer code, and remaining three bytes are a manufacturer-assigned serial number.
Reference:
https://sites.google.com/site/bbayles/index/cdma_hardware_id

Question #18
Which of the following files provides the most accurate reflection of the device’s date/timestamp related to the last device wipe?
  1. A
    /private/var/mobile/Library/AddressBook/AddressBook.sqlitedb
  2. B
    /private/var/mobile/Applications/com.apple.mobilesafari/Library/history.db
  3. C
    /private/var/mobile/Applications/com.viber/Library/Prefernces/com.viber.plist
  4. D
    /private/var/mobile/Applications/net.whatsapp.WhatsApp/Library/pw.dat

Correct Answer:
A

Question #19
Which of the following is the term for the SMS malware that sends text messages to a premium number generating large service bills for the user of the targeted device?
  1. A
    Trojan
  2. B
    Adware
  3. C
    Potentially unwanted applications
  4. D
    Click bait

Correct Answer:
A
Reference:
https://pdfs.semanticscholar.org/7f33/9156f47345bd102c9b05f45f9bfe4c182720.pdf

Question #20
When examining the iOS device shown below the tool indicates that there are 4 chat messages recovered from the device. Which of the following locations may contain additional chat information?

  1. A
    Memory ranges from a physical dump of the device
  2. B
    Databases installed and maintained by the application
  3. C
    Internet history plist files found in logical acquisitions
  4. D
    IP connections used by the application

Correct Answer:
B

Previous Questions Next Questions

All Pages