GIAC GASF GIAC Advanced Smartphone Forensics Online Training
GIAC GASF Online Training
The questions for GASF were last updated at Feb 16,2025.
- Exam Code: GASF
- Exam Name: GIAC Advanced Smartphone Forensics
- Certification Provider: GIAC
- Latest update: Feb 16,2025
Based on the image below, which file system is being examined?
- A . Chinese knock-off
- B . Windows
- C . Android
- D . Blackberry
What type of acquisition is being examined in the image below?
- A . iOS bypass lock
- B . Blackberry logical
- C . Android physical
- D . Windows Mobile file system
Which of the following files contains details regarding the encryption state of an iTunes backup file?
- A . Keychain-backup.plist
- B . Manifest.mbdb
- C . Manifest.plist
- D . Status.plist
In addition to the device passcode, what other essential piece of information is most often required in order to decrypt the contents of BlackBerry OS 10 handsets?
- A . BlackBerry Blend username/pin
- B . BlackBerry Balance username/password
- C . BlackBerry Link ID/password
- D . BBM pin
The device pictured below is in Download Mode to attempt a physical acquisition.
What can be ascertained by viewing the Android boot screen below?
- A . The Android is not rooted
- B . No ROM changes have ever occurred on this device
- C . The Original/Factory ROM is booting
- D . The Original ROM was at one time modified
An analyst investigating a Nokia S60 Symbian device wants to know if an Adobe Flash file on the handset is compromised.
Which file in the image will best target the Adobe Flash files?
- A . FLASHLITE.sis
- B . flashliteplugin.r03
- C . saflash.r01
- D . OnlinePrint.sis
As part of your analysis of a legacy BlackBerry device, you examine the installed applications list and it appears that no third-party applications were installed on the device.
Which other file may provide you with additional information on applications that were accessed with the handset?
- A . BlackBerry NV Items
- B . Content Store
- C . Event logs
- D . BBThumbs.dat
Which artifact must be carved out manually when examining a file system acquisition of an Android device?
- A . Deleted images
- B . Contacts
- C . SMS messages
- D . Phone numbers
When conducting forensic analysis of an associated media card, one would most often expect to find this particular file system format?
- A . HFS
- B . NTFS
- C . Yaffs2
- D . FAT
Cellebrite Physical Analyzer uses Bit Defender to scan for malware by flagging files who have known bad hash values.
This is an example of which type of mobile malware detection?
- A . Specific-based malware detection
- B . Signature-based detection
- C . Behavioral-based detection
- D . Cloud based malware detection
Latest GASF Dumps Valid Version with 71 Q&As
Latest And Valid Q&A | Instant Download | Once Fail, Full Refund
