Summer Special 60% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: bestdeal

Free GIAC GASF Practice Exam with Questions & Answers

Questions 1

Based on the image below, which file system is being examined?

GASF Question 1

Options:
A.

Chinese knock-off

B.

Windows

C.

Android

D.

Blackberry

GIAC GASF Premium Access
Questions 2

What information can you determine by reviewing the (bp2p) file from a BlackBerry OS10 handset?

GASF Question 2

Options:
A.

Cloud accounts

B.

Bluetooth pairings

C.

Paired computers

D.

Connected Wireless Access points

Questions 3

Which of the following is a unique 56 bit number assigned to a CDMA handset?

Options:
A.

Mobile Station International Subscriber Directory Number (MSISDN)

B.

Electronic Serial Number (ESN)

C.

International Mobile Equipment Identifier (IMEI)

D.

Mobile Equipment ID (MEID)

Questions 4

What is the extension used for BlackBerry 10 backup files?

Options:
A.

.APK

B.

.BBB

C.

.ZIP

D.

.IPD

Questions 5

Where would an examiner find evidence of an iOS update to device from one version to another?

Options:
A.

NOR memory

B.

System partition

C.

Data partition

D.

SIM card

Questions 6

Which file will indicate if Siri was active on an iOS device?

Options:
A.

private/var/Library/Preferences/com.apple.suggestions.plist

B.

private/var/Library/SpringBoard/PushStore/com.apple.reminders.pushstore

C.

private/var/Library/Preferences/com.apple.SpeakSelection.plist

D.

private/var/Library/Preferences/com.apple.SiriViewService.plist

Questions 7

In addition to the device passcode, what other essential piece of information is most often required in order to decrypt the contents of BlackBerry OS 10 handsets?

Options:
A.

BlackBerry Blend username/pin

B.

BlackBerry Balance username/password

C.

BlackBerry Link ID/password

D.

BBM pin

Questions 8

An analyst is reviewing the contents of a media card that was found without an associated device. Based on the image below, with which mobile device is it most likely that this device was once paired?

GASF Question 8

Options:
A.

Android smartphone

B.

Chinese Knock-off

C.

Legacy BlackBerry

D.

Nokia device running Symbian OS

Questions 9

What is often more of a challenge with mobile forensics than other areas of forensics?

Options:
A.

Analysis and Reporting of Information

B.

Isolation of devices

C.

Identification of evidence

D.

Evidence collection

Questions 10

The files pictured below from a BlackBerry OS10 file system have a unique file extension.

GASF Question 10

What can be concluded about these files?

Options:
A.

Files are protected by the file system, so changing the file system makes them less accessible

B.

Files are encrypted to prevent them from being viewed without the decryption key

C.

Files are encoded for secure transmitting of data

D.

Files are located on a media card so they contain a unique file extension

Exam Code: GASF
Certification Provider: GIAC
Exam Name: GIAC Advanced Smartphone Forensics
Last Update: Sep 12, 2025
Questions: 75

How to Pass GASF Exams

PDF + Testing Engine
$164.99
$66
Add to Cart
Testing Engine
$124.99
$50
Add to Cart
PDF (Q&A)
$104.99
$42
Add to Cart

GIAC Related Exams

How to pass GIAC GCED - GIAC Certified Enterprise Defender Exam
GCCC - GIAC Critical Controls Certification (GCCC)
GPPA - GIAC Certified Perimeter Protection Analyst
GPYC - GIAC Python Coder (GPYC)
GCFR - GIAC Cloud Forensics Responder (GCFR)
GSNA - GIAC Systems and Network Auditor
GSSP-.NET - GIAC GIAC Secure Software Programmer - C#.NET
GCFW - GIAC Certified Firewall Analyst
GICSP - Global Industrial Cyber Security Professional (GICSP)
GISP - GIAC Information Security Professional
G2700 - GIAC Certified ISO-2700 Specialist Practice Test
GCFA - GIACCertified Forensics Analyst
GSEC - GIAC Security Essentials
GCIH - GIAC Certified Incident Handler
GSSP-Java - GIAC Secure Software Programmer – Java
GIAC Free Access
Get GIAC Full Access

GIAC Free Exams
GIAC Free Exams
Prepare for GIAC certification with free access to reliable study resources and practice tests at Examstrack.