The purpose of this Sample Question Set is to provide you with information about the GIAC Advanced Smartphone Forensics (GASF) exam. These sample questions will make you very familiar with both the type and the difficulty level of the questions on the GASF certification test. To get familiar with real exam environment, we suggest you try our Sample GIAC GASF Certification Practice Exam. This sample practice exam gives you the feeling of reality and is a clue to the questions asked in the actual GIAC Advanced Smartphone Forensics (GASF) certification exam.
These sample questions are simple and basic questions that represent likeness to the real GIAC Advanced Smartphone Forensics exam questions. To assess your readiness and performance with real-time scenario based questions, we suggest you prepare with our Premium GIAC GASF Certification Practice Exam. When you solve real time scenario based questions practically, you come across many difficulties that give you an opportunity to improve.
GIAC GASF Sample Questions:
01. SQLite databases used by applications store structured data, and they have the extension ____________.
a) .db
b) .sql
c) .data
d) .table
02. During Android forensics, what can be extracted from the device's cache partition?
(Select all that apply)
a) App data
b) Temporary files
c) System logs
d) User photos
03. What type of data is commonly found in the "Call History" section of an iOS backup?
a) App installation records
b) GPS location history
c) Text messages
d) Call logs
04. How would an examiner review items deleted from a SQLITE database?
a) Using a Hex Viewer
b) Converting the database to a txt file
c) Reviewing the file header
d) Selecting the raw data from the table
05. When conducting Android device forensics, which file systems may be encountered on the device?
(Select all that apply)
a) NTFS
b) HFS+
c) FAT32
d) EXT4
06. In iOS backup forensics, what data can be found in the "Keychain" component of a backup?
a) App data
b) System logs
c) SMS messages
d) Wi-Fi passwords
07. What is "rooting" in the context of Android mobile forensics?
a) A file compression technique
b) Gaining superuser access to the device's operating system
c) A method to analyze iOS device backups
d) A term for tracking a lost device's location
08. Which type of file system permission can hinder the extraction of data from Android devices?
(Select all that apply)
a) Read
b) Write
c) Execute
d) Hidden
09. When analyzing third-party application artifacts, what is "metadata," and why is it significant?
a) Metadata is the main app executable file.
b) Metadata refers to data about the app's performance.
c) Metadata is information about the app's data, such as timestamps and file properties.
d) Metadata indicates the app's version number.
10. To access cloud data from an Android device, forensic experts often need to obtain a:
a) SIM card
b) Warrant
c) Physical access to the device
d) Google Drive app
Answers:
Question: 01
Answer: a |
Question: 02
Answer: b, c |
Question: 03
Answer: d |
Question: 04
Answer: a |
Question: 05
Answer: c, d |
Question: 06
Answer: d |
Question: 07
Answer: b |
Question: 08
Answer: a, b, c |
Question: 09
Answer: c |
Question: 10
Answer: b |
Note: For any error in GIAC Advanced Smartphone Forensics (GASF) certification exam sample questions, please update us by writing an email on feedback@edusum.com.
