GASF exam is a hot one of GIAC certification. GASF focuses on the skills you master to "outsmart" the mobile device; successfully obtaining the evidence mobile devices can contain in a forensically sound manner. We have cracked the latest GIAC Advanced Smartphone Forensics GASF exam dumps, which are the best material for you to prepare the test. Besides, the official GIAC GASF exam information, objectives and exam dumps are also important in the preparation.
GIAC GASF Exam Information
GASF Certification assures that you demonstrate an understanding of the fundamentals of mobile forensics, device file system analysis, mobile application behavior, event artifact analysis and the identification and analysis of mobile device malware.
Number of Questions: 75
Time limit: 2 hours
Passing Score: 69%
GIAC GASF Exam Certification Objectives
The following contents are covered in the GIAC GASF exam certification objectives.
Android Backup and Cloud Storage Forensics
Android Device Forensics and Analysis of File System, Evidence Locations and User Activity
iOS Backup and Cloud Storage Forensics
iOS Device Forensics and Analysis of File System, Evidence Locations and User Activity
Mobile Forensics Introduction
Mobile Malware and Spyware Detection and Analysis
Third-party Application Artifact Analysis
Third-party Application Forensics Introduction
Practice GIAC GASF Exam Dumps Questions
GIAC Advanced Smartphone Forensics GASF exam dumps questions can help you test the above objectives. Share some latest GIAC GASF exam dumps questions and answers below.
1.What are the three components that make up the International Mobile Subscriber Identity (IMSI)?
A. Mobile Station International Subscriber Directory Number (MSISDN), Mobile Network Code (MNC), Mobile Station Identification Number (MSIN)
B. Subscriber Identity Module (SIM), Mobile Station International Subscriber Directory Number (MSISDN), Mobile Network Code (MNC)
C. Mobile Country Code (MCC), Mobile Network Code (MNC), Mobile Station Identification Number (MSIN)
D. Mobile Country Code (MCC), Mobile Station International Subscriber Directory Number (MSISDN), Integrated Circuit Card Identification (ICCID)
Answer: C
2.What will happen when a user creates an encrypted backup of their personal iPhone on their work computer then later performs a backup to their personal computer at home?
A. The user will not be able to create the backup until they have deleted the original on their work computer
B. The user will be required to enter a new backup password on their personal computer
C. The user will be required to enter their backup password to start the backup process
D. The user will not need to enter a password on the personal computer
Answer: C
3.What is a risk to the security of an iPhone backup if the user selects to set a password and encrypt their backup?
A. The keychain is not captured with the backup and the password can be recovered from the Info.plist file
B. The clear text password will be cached in the user’s keychain and can be recovered searching the user’s keychain
C. The data is encrypted using a strong key but the password is saved to a file which is encoded using Base64, which is easily reversible
D. The backup file is encrypted and a copy of the keychain is saved in a local file which may be attacked using brute force tools
Answer: D
4.When analyzing the WhatsApp timestamp “1461184912” in iOS what timestamp conversion should be used?
A. Chrome
B. Webkit
C. UNIX Epoch
D. Mac Absolute
Answer: C
5.The jTAG method is designed to acquire data through which of the following?
A. Chip-level access
B. Twister box with RJ45 connection
C. Test Access Ports (TAPs)
D. Chip-level access USB connection
Answer: C