Weekend Sale Limited Time Flat 70% Discount offer - Ends in 0d 00h 00m 00s - Coupon code: 70spcl

Activedumpsnet Logo
  1. Home
  2. GIAC
  3. Security Certification: GASF
  4. GASF
  5. GASF - GIAC Advanced Smartphone Forensics

GIAC GASF GIAC Advanced Smartphone Forensics Exam Practice Test

Page: 1 / 8
Total 75 questions
Get GASF Full Access Download GASF PDF

GIAC Advanced Smartphone Forensics Questions and Answers

Question 1

Which artifact(s) can be extracted from a logical image only if the device the image was acquired from was jailbroken?

Options:

A.

SMS/MMS

B.

Email

C.

Call Logs

D.

Photos

Question 2

Which of the following items is found in the Kernel Space for an iOS device?

Options:

A.

Cocoa Touch framework

B.

System Area

C.

Applications

D.

Core Services

Question 3

In 2015, Apple’s iTunes store was found to be hosting several malicious applications that were infected as a result of hacked version of the developer toolkit used to create applications. Which Apple developer suite was targeted?

Options:

A.

Xcode

B.

ADB

C.

Momentics IDE

D.

Xamarin

Question 4

What is the MAIN difference between a Full Root and a Shell/Soft Root?

Options:

A.

Full root is permanent

B.

Full root Leaves traces behind on the device

C.

Soft root Allows system level access without a password

D.

Soft root Utilizes Shell root

Question 5

An analyst investigating a Nokia S60 Symbian device wants to know if an Adobe Flash file on the handset is compromised.

Question # 5

Which file in the image will best target the Adobe Flash files?

Options:

A.

FLASHLITE.sis

B.

flashliteplugin.r03

C.

saflash.r01

D.

OnlinePrint.sis

Question 6

Examine the file, Bluetooth, what is the name of the device being examined?

Question # 6

Options:

A.

CON

B.

WIN7

C.

CON….M

D.

WIN10

Question 7

You have conducted a keyword search over flash.bin and notice that multiple instances of the same data

appear many times throughout the flash image. What is this an example of?

Options:

A.

Flash Translation Layer (FTL)

B.

Logical Block Addressing (LBA)

C.

NAND degradation

D.

Wear-leveling

Question 8

What is the essential piece of information is most often required in order to decrypt the contents of BlackBerry OS 10 handsets?

Options:

A.

BlackBerry Blend username/pin

B.

BlackBerry Balance username/password

C.

BlackBerry Link ID/password

D.

BBM pin

Question 9

Property list (Plist) files are used by iOS devices to store datA. Which of the file formats below is common to

plist files?

Options:

A.

HTML

B.

SQL

C.

DMG

D.

Binary

Question 10

Which of the following actions described below would populate the suggestions table on an Android phone?

Options:

A.

Google Maps recommends locations, which are cached in the table

B.

Google Maps tracks previously entered destinations by the user

C.

The table contains previously saved or bookmarked destinations

Question 11

Which of the following files provides the most accurate reflection of the device’s date/timestamp related to the

last device wipe?

Options:

A.

/private/var/mobile/Library/AddressBook/AddressBook.sqlitedb

B.

/private/var/mobile/Applications/com.apple.mobilesafari/Library/history.db

C.

/private/var/mobile/Applications/com.viber/Library/Prefernces/com.viber.plist

D.

/private/var/mobile/Applications/net.whatsapp.WhatsApp/Library/pw.dat

Load More GASF Questions 
Page: 1 / 8
Total 75 questions
Get GASF Full Access Download GASF PDF