Pre-Summer Special Limited Time 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code = getmirror

Pass the GIAC Security Certification: GASF GASF Questions and answers with ExamsMirror

Practice at least 50% of the questions to maximize your chances of passing.
Exam GASF Premium Access

View all detail and faqs for the GASF exam

Go to Exam

815 Students Passed

92% Average Score

93% Same Questions
Viewing page 2 out of 3 pages
Viewing questions 11-20 out of questions
Questions # 11:

Which of the following files provides the most accurate reflection of the device’s date/timestamp related to the

last device wipe?

Options:

A.

/private/var/mobile/Library/AddressBook/AddressBook.sqlitedb

B.

/private/var/mobile/Applications/com.apple.mobilesafari/Library/history.db

C.

/private/var/mobile/Applications/com.viber/Library/Prefernces/com.viber.plist

D.

/private/var/mobile/Applications/net.whatsapp.WhatsApp/Library/pw.dat

Questions # 12:

Exhibit:

Question # 12

Where can an analyst find data to provide additional artifacts to support the evidence in the highlighted file?

Options:

A.

internal.db-wal

B.

browser2.db

C.

sysmon2.db-shm

D.

external.db

Questions # 13:

Where would an examiner find evidence of an iOS update to device from one version to another?

Options:

A.

NOR memory

B.

System partition

C.

Data partition

D.

SIM card

Questions # 14:

Examine the unpacked Android application below. Which important file, resident in most Android applications, is missing?

Question # 14

Options:

A.

dalvik-cache

B.

classes.dex

C.

com.skype.raider-1.apk

D.

classes-dex2jar.jar

Questions # 15:

What is the extension used for BlackBerry 10 backup files?

Options:

A.

.APK

B.

.BBB

C.

.ZIP

D.

.IPD

Questions # 16:

Which file type below is commonly associated with locational data and is an export option from within

Cellebrite Physical Analyzer and XRY to provide detailed visual output of geographic information?

Options:

A.

.plist

B.

.kml

C.

.xry

D.

.ipa

Questions # 17:

Which of the following is the term for the SMS malware that sends text messages to a premium number

generating large service bills for the user of the targeted device?

Options:

A.

Trojan

B.

Adware

C.

Potentially unwanted applications

D.

Click bait

Questions # 18:

While conducting forensic analysis of an associated media card, one would most often expect to find this particular file system format?

Options:

A.

HFS

B.

NTFS

C.

Yaffs2

D.

FAT

Questions # 19:

What information can be concluded by examining this XML file extracted from an Android device?

Question # 19

Options:

A.

Skype was installed but not utilized on the device

B.

A Skype account was configured and accessed on this device

C.

Skype was launched but a profile was not created

D.

A user logged into Skype with a temporary guest profile

Questions # 20:

What type of acquisition is being examined in the image below?

Question # 20

Options:

A.

iOS bypass lock

B.

Blackberry logical

C.

Android physical

D.

Windows Mobile file system

Viewing page 2 out of 3 pages
Viewing questions 11-20 out of questions
TOP CODES

TOP CODES

Top selling exam codes in the certification world, popular, in demand and updated to help you pass on the first try.

2V0-11.25
ADM-201
Agentforce-Specialist
CMMC-CCP
Data-Cloud-Consultant
PCNSE
PDI
PSE-Strata-Pro-24
Secure-Software-Design
Sharing-and-Visibility-Architect
Workday-Pro-Integrations
ZDTA