Free Preparation Discussions
MENU
GIAC Certified Forensics Analyst Exam
- Topic 1: Demonstrate an understanding of abnormal activity within the structure of Windows memory/ Demonstrate an understanding of core structures of the Windows filesystems
- Topic 2: Demonstrate an understanding of the methodology required to collect and process timeline data from a Windows systems/ Identification of Normal System and User Activity
- Topic 3: Demonstrate an understanding of Windows system artifacts and how to collect and analyze data/ Demonstrate an understanding of how and when to collect volatile data from a system
- Topic 4: Demonstrate an understanding of abnormal activity within the structure of Windows memory/ Demonstrate an understanding of the techniques required
- Topic 5: Demonstrate an understanding of the Windows filesystem time structure/ Demonstrate an understanding of the techniques required to identify, document
- Topic 6: Differentiate normal and abnormal system and user activity using memory and disk resident artifacts/ Volatile Data Artifact Analysis of Windows Events
- Topic 7: Identify artifacts such as malicious processes, suspicious drivers and malware techniques such as code injection and rootkits/ Identify and document indicators of compromise on a systems
Free GIAC GIAC Certified Forensics Analyst Exam Actual Questions
Note: Premium Questions for GIAC Certified Forensics Analyst were last updated On Apr. 29, 2024 (see below)
Adrian, the Network Administrator for Peach Tree Inc., wants to install a new computer on the company's network. He asks his assistant to make a boot disk with minimum files. The boot disk will be used to boot the computer, which does not have an operating system installed, yet. Which of the following files will he include on the disk?
Which of the following file attributes are not available on a FAT32 partition?
Each correct answer represents a complete solution. Choose two.
Adam works as a professional Computer Hacking Forensic Investigator. He has been called by the FBI to examine data of the hard disk, which is seized from the house of a suspected terrorist. Adam decided to acquire an image of the suspected hard drive. He uses a forensic hardware tool, which is capable of capturing data from IDE, Serial ATA, SCSI devices, and flash cards. This tool can also produce MD5 and CRC32 hash while capturing the data. Which of the following tools is Adam using?
Which of the following tools works by using standard set of MS-DOS commands and can create an MD5 hash of an entire drive, partition, or selected files?
Adam works as a professional Computer Hacking Forensic Investigator. He has been called by the FBI to examine data of the hard disk, which is seized from the house of a suspected terrorist. Adam decided to acquire an image of the suspected hard drive. He uses a forensic hardware tool, which is capable of capturing data from IDE, Serial ATA, SCSI devices, and flash cards. This tool can also produce MD5 and CRC32 hash while capturing the data. Which of the following tools is Adam using?
- Select Question Types you want
- Set your Desired Pass Percentage
- Allocate Time (Hours : Minutes)
- Create Multiple Practice tests with Limited Questions
- Customer Support
Currently there are no comments in this discussion, be the first to comment!