GIAC Certified Forensics Analyst Exam

Certification Provider: GIAC
Exam Name: GIAC Certified Forensics Analyst
Duration: 240 Minutes
Number of questions in our database: 330
Exam Version: Apr. 12, 2024
Exam Official Topics:
  • Topic 1: Demonstrate an understanding of abnormal activity within the structure of Windows memory/ Demonstrate an understanding of core structures of the Windows filesystems
  • Topic 2: Demonstrate an understanding of the methodology required to collect and process timeline data from a Windows system/ Identification of Normal System and User Activity
  • Topic 3: Demonstrate an understanding of Windows system artifacts and how to collect and analyze data/ Demonstrate an understanding of how and when to collect volatile data from a system
  • Topic 4: Demonstrate an understanding of abnormal activity within the structure of Windows memory/ Demonstrate an understanding of the techniques required
  • Topic 5: Demonstrate an understanding of the Windows filesystem time structure/ Demonstrate an understanding of the techniques required to identify, document
  • Topic 6: Differentiate normal and abnormal system and user activity using memory and disk resident artifacts/ Volatile Data Artifact Analysis of Windows Events
  • Topic 7: Identify artifacts such as malicious processes, suspicious drivers and malware techniques such as code injection and rootkits/ Identify and document indicators of compromise on a system
Free GIAC Certified Forensics Analyst Exam Actual Questions

The questions for GIAC Certified Forensics Analyst were last updated on Apr. 12, 2024

Question #1

Adam works as a professional Computer Hacking Forensic Investigator. He has been called by the FBI to examine data on a hard disk that was seized from the house of a suspected terrorist. Adam decided to acquire an image of the suspected hard drive. He uses a forensic hardware tool that is capable of capturing data from IDE, Serial ATA, SCSI devices, and flash cards. This tool can also produce MD5 and CRC32 hashes while capturing the data. Which of the following tools is Adam using?

Correct Answer: C

Question #2

Which of the following tools works by using a standard set of MS-DOS commands and can create an MD5 hash of an entire drive, partition, or selected files?

Correct Answer: A

Question #3

Adam works as a professional Computer Hacking Forensic Investigator. He has been called by the FBI to examine data on a hard disk that was seized from the house of a suspected terrorist. Adam decided to acquire an image of the suspected hard drive. He uses a forensic hardware tool that is capable of capturing data from IDE, Serial ATA, SCSI devices, and flash cards. This tool can also produce MD5 and CRC32 hashes while capturing the data. Which of the following tools is Adam using?

Correct Answer: C

Question #4

Based on the case study, to implement more security, which of the following additional technologies should you implement for laptop computers?

(Click the Exhibit button on the toolbar to see the case study.)

Each correct answer represents a complete solution. Choose two.

Correct Answer: B, C

Question #5

Adam works as a professional Computer Hacking Forensic Investigator. He has been called by the FBI to examine data on a hard disk that was seized from the house of a suspected terrorist. Adam decided to acquire an image of the suspected hard drive. He uses a forensic hardware tool that is capable of capturing data from IDE, Serial ATA, SCSI devices, and flash cards. This tool can also produce MD5 and CRC32 hashes while capturing the data. Which of the following tools is Adam using?

Correct Answer: C
