1,653 GCFA Certified Professionals - 197 GCFA Gold

www.giac.org

•  
• Overview
  • Mission Statement
  • FAQ
  • Code of Ethics
  • GIAC Ethics Council
  • Code of Ethics - Violation Submission
  • EEOC Policy
  • Proctor Policy
  • Program Overview (PDF)
  • Contact
• Why GIAC
  Certification Matters
• Certifications
  • Roadmap
  • Steps To
  • Security Admin
    • GAWN
    • GCFA
    • GCFW
    • GCIA
    • GCIH
    • GCUX
    • GCWN
    • GISF
    • GREM
    • GSEC
    • GCED
    • GSOC
    • GPEN
    • GWAPT
  • Management
    • GISP
    • GSLC
    • GCPM
  • Audit
    • G7799
    • GSNA
  • Legal
    • GLEG
  • Software Security
    • GSSP-NET
    • GSSP-C
    • GSSP-JAVA
  • GSE
  • GSE-Malware
  • GSE-Compliance
  • DoD 8570
  • Retired Certifications
• Certified
  Professionals
  • Listings
    • G7799
    • GAWN
    • GCFA
    • GCFW
    • GCIA
    • GCIH
    • GCUX
    • GCWN
    • GISF
    • GISP
    • GREM
    • GSEC
    • GCED
    • GSLC
    • GSSP-NET
    • GSNA
    • GSOC
    • GPEN
    • GCPM
    • GLEG
    • GSSP-C
    • GSSP-JAVA
    • GWAPT
    • Retired Certifications
  • Profiles From The
    Front Lines
  • Does Certification Really Matter?
  • GIAC Hero
  • Business Card Logos
• GIAC Gold
• GIAC Expert Level
  • GSE
  • GSE-Malware
  • GSE-Compliance
• Skills Test and Report (STAR)
• GIAC Help and Information – NEW
• Challenge Info
• Registration Info
  • GIAC Pricing
  • Challenge Certification
• Exams
  • Practice Tests
  • Deadlines
  • Exam Technical Issues
• Proctor Program – NEW
  • Program Details
  • FAQ
  • KRYTERION Sites
  • Proctor Policy
  • Proctor Forms
  • Computer Requirements
• Retakes & Extensions
• Recertification
• Exam Feedback Procedure
• Grievance Procedure
• Resources
  • Overview
  • Interview with
    Dr. Cole
  • Student Comments
  • D1: Access
  • D2: Network
  • D3: Management
  • D4: Application
  • D5: Cryptography
  • D6: Architecture
  • D7: Operations
  • D8: Planning
  • D9: Law
  • D10: Physical
• ADA Accomodation Policy
• Job Listings
• SANS Portal
• SANS Home
• SANS Software Security Institute
• SANS Reading Room
• Direct Links G7799 GSAE GPCI GSNA GAWN-C GCDS GLFR GLIT GBLC GLEG GCIP GHSC GISP GFSP GEWF GEIT GLDR GCIM GCPM GSLC GCSC GSPA GOEC GISO GISF SSP-CNSA GGSC-0400 SSP-DRAP SSP-MPA GGSC-0200 GSEC GGSC-0100 GPEN GSOC GWAS GWAPT SSP-GHD GCWN GCFA GCED GHTQ GCIA GCIH GCFW GIPS GCUX GAWN GNET GREM GSIP GSSP-C GSSP-JAVA GSSP-NET
•  

Click to read the GCFA description.

• • Analyst
  • Name
  • Practical
  • Version
  • Score
  • Expires
• • 192
    - GOLD
  • Roger Hiew
  • Analysis of an unknown USB JumpDrive image
  • v1.5
  • 92
  • Expired
• • 191
    - GOLD
  • George Ng
  • Forensic Analysis on a compromised Windows 2000 system
  • v2.0
  • 84
  • Expired
• • 190
    - GOLD
  • Matthew Carpenter
  • Forensic Analysis: Leila Conlay versus Robert Lawrence, Harassment Case
  • v1.5
  • 95
  • Expired
• • 189
    - GOLD
  • Yijia Zhou
  • Pass
  • v2.0
  • 92
  • Expired
• • 188
    - GOLD
  • Rhonda Diggs
  • Forensic Investigation of USB Flashdrive Image for CC Terminals
  • v2.0
  • 94
  • Apr 30, 2013
• • 187
    - SILVER
  • Carlton Foster
  • --
  • --
  • 84
  • Apr 30, 2013
• • 186
    - SILVER
  • Del Russ
  • --
  • --
  • 95
  • Apr 30, 2013
• • 185
    - SILVER
  • David Edwards
  • --
  • --
  • 81
  • Expired
• • 184
    - SILVER
  • Lawrence Pesce
  • --
  • --
  • 87
  • Expired
• • 183
    - SILVER
  • Natalia Smishko
  • --
  • --
  • 81
  • Expired
• • 182
    - SILVER
  • Joe Burke
  • --
  • --
  • 88
  • Expired
• • 181
    - SILVER
  • Keith Craig
  • --
  • --
  • 87
  • Expired
• • 180
    - GOLD
  • David Shettler
  • Forensic Analysis of a Misused System
  • v2.0
  • 85
  • Expired
• • 179
    - GOLD
  • Michael Halm
  • Forensic analysis of a Fedora Core 3 Notebook
  • v1.5
  • 95
  • Expired
• • 178
    - SILVER
  • Andrew Koh
  • --
  • --
  • 96
  • Expired
• • 177
    - SILVER
  • T. Brian Granier
  • --
  • --
  • 93
  • Sep 30, 2011
• • 176
    - SILVER
  • Robert Polk
  • --
  • --
  • 96
  • Apr 30, 2013
• • 175
    - SILVER
  • Andrew Schwartz
  • --
  • --
  • 91
  • Apr 30, 2013
• • 174
    - GOLD
  • Andrew Christensen
  • Steganography for spies and spybots for hackers
  • 1.5
  • 96
  • Expired
• • 173
    - GOLD
  • Juan Carlos Reyes Muñoz
  • ANALYSIS OF AN IMAGE PROVIDED FROM THE GIAC WEBSITE
  • v2.0
  • 92
  • Mar 31, 2013
• • 172
    - GOLD
  • Leonard Ong
  • Forensic with Open-Source Tools and Platform: USB Flash Drive Image Forensic Analysis
  • v2.0
  • 93
  • Mar 31, 2013
• • 171
    - GOLD
  • Dean Farrington
  • CC Terminals Harassment Case
  • v2.0
  • 92
  • Mar 31, 2013
• • 170
    - GOLD
  • Michael Spellane
  • Computer forensics investigation - Image file analysis
  • v1.5
  • 84
  • Mar 31, 2013
• • 169
    - GOLD
  • Conall O'Brien
  • Careless Crackers kill Computers
  • v1.5
  • 96
  • Expired
• • 168
    - GOLD
  • Bertha Marasky
  • Camouflaged and Attacked?
  • v1.5
  • 88
  • Expired
• • 167
    - GOLD
  • Jessica Dillinger
  • Analysis of WinHex
  • v1.5
  • 85
  • Mar 31, 2013
• • 166
    - GOLD
  • Patricia Watson
  • Analyze an Unknown Image and Perform Forensic Tool Validation
  • v1.5
  • 85
  • Expired
• • 165
    - GOLD
  • Michael Aylor
  • Forensic Analysis of Camouflage and Validation of X-Ways Forensics Tool
  • v1.5
  • 92
  • Expired
• • 164
    - GOLD
  • Howard Heerwagen
  • Forensic Image Analysis of a USB Flashdrive
  • v2.0
  • 91
  • Expired
• • 163
    - GOLD
  • Ben Doyle
  • Forensic analysis of a seized USB Flashdrive image
  • v2.0
  • 95
  • Expired
• • 162
    - GOLD
  • Jure Simsic
  • Analysis of an unknown disk
  • v1.5
  • 91
  • Feb 28, 2013
• • 161
    - GOLD
  • Steve Armstrong
  • Report on the Forensic Analysis of a recovered Floppy Disk
  • v1.5
  • 89
  • Expired
• • 160
    - GOLD
  • Ove Hansen
  • Analysis of a FAT16 formatted image using Linux, TSK and Autopsy
  • v2.0
  • 95
  • Expired
• • 159
    - GOLD
  • Paul Wright
  • Oracle Database Forensics using LogMiner
  • v1.5
  • 93
  • GSM
• • 158
    - GOLD
  • Anton Chuvakin
  • Infected or Owned?
  • v1.5
  • 92
  • Expired
• • 157
    - GOLD
  • Joseph Chen
  • Analysis of a 64MB Lexar Media USB JumpDrive
  • v2.0
  • 92
  • Expired
• • 156
    - GOLD
  • Oscar Ruiz
  • Spanish-Forensic Analysis of a Windows 98b system
  • v1.5
  • 89
  • Expired
• • 155
    - GOLD
  • Regis Cassidy
  • Forensic Analysis on a Windows 2000 Server
  • v1.5
  • 96
  • Expired
• • 154
    - GOLD
  • Alberto Partida
  • Forensic Analysis of an Apple iBook G4
  • v1.5
  • 90
  • Jan 31, 2013
• • 153
    - GOLD
  • Richard Grime
  • NTLast as a Forensic Tool
  • v1.5
  • 91
  • Jan 31, 2013
• • 152
    - GOLD
  • Francisco Pecorella
  • Analyze an image and Perform Forensic
  • v1.5
  • 93
  • Expired
• • 151
    - GOLD
  • Jonathan Taylor
  • Evaluaton of a Zero-Day Worm Variant at a Health Clinic
  • v1.5
  • 92
  • Jan 31, 2013
• • 150
    - GOLD
  • Steven Becker
  • Analyze an Unknown Image and Forensic Tool Validation: Sterilize
  • v1.5
  • 93
  • Jan 31, 2013
• • 148
    - GOLD
  • Manuel Santander
  • Analysis of a Windows XP Professional compromised system
  • v1.5
  • 91
  • Jan 31, 2013
• • 147
    - GOLD
  • Merlin Namuth
  • Analysis of a Commercial Keylogger installed on multiple systems
  • v1.5
  • 87
  • Jan 31, 2013
• • 146
    - GOLD
  • Raul Siles
  • HONORS-Analysis of a USB Flashdrive Image - Honors
  • v2.0
  • 96
  • GSE
• • 145
    - GOLD
  • Kevin Wenchel
  • Analysis of a USB Flashdrive Image
  • v1.5
  • 96
  • Jan 31, 2013
• • 144
    - GOLD
  • Slade Griffin
  • A Touch of Superiority in Linux
  • v1.5
  • 99
  • Expired
• • 143
    - GOLD
  • Byrne Ghavalas
  • Forensic Analysis of a Windows 2000 Server
  • v1.5
  • 97
  • Expired
• • 142
    - GOLD
  • Rob Ferrill
  • Forensic analysis of a Windows XP SP1
  • v1.5
  • 95
  • Jan 31, 2013
• • 141
    - GOLD
  • Mark Read
  • Forensic analysis of a honeypot RedHat Linux 6.2
  • v1.5
  • 93
  • Expired
• • 140
    - GOLD
  • Chris Russel
  • Compromise analysis of a University SGI Indy workstation running IRIX
  • v1.5
  • 87
  • Expired
• • 139
    - GOLD
  • Russell Shepherd
  • Forensic analysis of a compromised Solaris server
  • v1.5
  • 91
  • Expired
• • 138
    - GOLD
  • Jessica Deline
  • Analysis on a compromised RedHat 8.0 machine
  • v1.5
  • 76
  • Expired
• • 137
    - GOLD
  • Jeff Bryner
  • Analysis on a compromised Linux RedHat 8.0 Honeypot
  • v1.5
  • 97
  • Dec 31, 2012
• • 136
    - GOLD
  • Jerry Shenk
  • Forensic analysis of a Windows 98 system
  • v1.5
  • 99
  • Dec 31, 2012
• • 135
    - GOLD
  • John Hayday
  • Forensic Analysis on a Windows 2000 system
  • v1.5
  • 92
  • Dec 31, 2012
• • 134
    - GOLD
  • Nihar Khedekar
  • Forensic Investigation of a Hacked Redhat 7.1 System
  • v1.5
  • 97
  • Expired
• • 133
    - GOLD
  • Pramod Pawar
  • Perform Forensic Analysis on a Red Hat Linux release 7.1.2 Server
  • v1.5
  • 99
  • Expired
• • 132
    - GOLD
  • Vijaykumar VK
  • Forensic Analysis of a Red Hat Linux release 7.1 Server
  • v1.5
  • 91
  • Expired
• • 131
    - GOLD
  • Layne Bro
  • Use of SSH as a forensic tool
  • v1.5
  • 91
  • Expired
• • 130
    - GOLD
  • Peter Hewitt
  • Forensic Analysis on a compromised Windows 2000 Honeypot
  • v1.5
  • 95
  • Dec 31, 2012
• • 129
    - GOLD
  • James Perry
  • Forensic Tool Validation of Compromised Computer Inventory System
  • v1.5
  • 97
  • Expired
• • 128
    - GOLD
  • Michael Wilson
  • How not to use a rootkit
  • v1.5
  • 97
  • Expired
• • 127
    - GOLD
  • James Shewmaker
  • Analysis of a Red Hat Honeypot
  • v1.5b
  • 95
  • GSM
• • 126
    - GOLD
  • Jeri Malone
  • Forensic Analysis on a compromised Linux Web Server
  • v1.4
  • 81
  • Nov 30, 2012
• • 125
    - GOLD
  • Tom Chmielarski
  • Forensic Analysis of a Sun Ultra System
  • v1.5b
  • 96
  • Nov 30, 2012
• • 124
    - GOLD
  • Michael Worman
  • Forensic Validity of Netcat
  • v1.4
  • 96
  • Nov 30, 2012
• • 123
    - GOLD
  • David Cragg
  • Forensic Analysis on a Windows 2000 Pro Workstation
  • v1.5
  • 92
  • Nov 30, 2012
• • 122
    - GOLD
  • Richard Bunnell
  • Forensic Analysis on acquired EBay Hard Drives
  • v1.4
  • 92
  • Expired
• • 121
    - GOLD
  • Alfredo Rinaldi
  • Forensic Analysis on a Linux IPNET challenge syste
  • v1.4
  • 96
  • Expired
• • 119
    - GOLD
  • Yi-Chung Liu
  • Forensic Analysis of a Windows 2000 Web Server
  • v1.5
  • 99
  • Expired
• • 118
    - GOLD
  • Akiteru Kamoshida
  • Evaluation of The Forensic Toolkit
  • v1.4
  • 85
  • Expired
• • 117
    - GOLD
  • Daniel Wesemann
  • Forensic Analysis of an EBay acquired Drive
  • v1.5
  • 97
  • Aug 31, 2012
• • 116
    - GOLD
  • Stephen Hall
  • Analysis of a Compromised Honeypot-VMware/Linux7.3
  • v1.4
  • 95
  • Aug 31, 2012
• • 115
    - GOLD
  • Mark Maher
  • Becoming a Forensic Investigator/Use of Forensic Toolkit
  • v1.4
  • 89
  • Expired
• • 114
    - GOLD
  • Golden Richard
  • Forensic analysis of a Windows 2000 computer literacy training and software development device
  • v1.4
  • 95
  • Jul 31, 2012
• • 113
    - GOLD
  • Lars Fresen
  • Sys Admins and Hackers/Analysis of a hacked system
  • v1.4
  • 91
  • Jul 31, 2012
• • 112
    - GOLD
  • Beth Binde
  • Forensic Analysis of a Windows 2000 server with IIS and Oracle
  • v1.4
  • 93
  • Jun 30, 2012
• • 111
    - GOLD
  • Garnot Ladstaetter
  • Romanian Winter-Forensic Analysis of a Linux system
  • v1.4
  • 93
  • Expired
• • 110
    - GOLD
  • Carl Madzelan
  • Forensic Analysis of a compromised Sun Ultra 5 workstation
  • v1.4
  • 92
  • Expired
• • 109
    - GOLD
  • Kevin Miller
  • Forensic analysis of a compromised Linux RedHat 7.3 system
  • v1.4
  • 93
  • Jun 30, 2012
• • 108
    - GOLD
  • Tyler Hudak
  • Analysis of a Linux Honeypot
  • v1.4
  • 99
  • Jun 30, 2012
• • 107
    - GOLD
  • Jeffrey McGurk
  • Forensic Analysis Procedures of a Compromised system using Encase
  • v1.4
  • 93
  • Jun 30, 2012
• • 106
    - GOLD
  • Frank Adelstein
  • Analysis of tar2d2 as a Forensic Tool
  • v1.4
  • 95
  • May 31, 2012
• • 105
    - GOLD
  • Martin Walker
  • Forensic analysis of a Compromised Red Hat 7.2 Web Server
  • v1.4
  • 93
  • May 31, 2012
• • 104
    - GOLD
  • Daniel Burnham
  • NOTE:Damaged PDF-Cannot be read
  • v1.4
  • 85
  • Expired
• • 103
    - GOLD
  • Charles Fraser
  • Forensic analysis of a Compromised Windows 2000 workstation
  • v1.4
  • 83
  • Apr 30, 2012
• • 102
    - GOLD
  • Brian Carlson
  • Forensic Examination of a home firewall and network services system
  • v1.4
  • 92
  • Expired
• • 101
    - GOLD
  • Hugh Tower-Pierce
  • Evaluation of Crocwareis Mount Image Pro as a Forensic Tool
  • v1.4
  • 95
  • Mar 31, 2012
• • 100
    - GOLD
  • Rick Larabee
  • Forensic Tool Evaluation-Pasco
  • v1.4
  • 89
  • Expired
• • 99
    - GOLD
  • Kevin Fiscus
  • Forensic Tool Evaluation-MiTeC Registry File Viewer
  • v1.4
  • 96
  • Mar 31, 2012
• • 98
    - GOLD
  • Bob Pelcher
  • Hidden Data Is Evidence Too/Metadata Assistant tool Evaluation
  • v1.4
  • 89
  • Expired
• • 97
    - GOLD
  • Jason Anderson
  • Compromised Redhat Linux 7.2 Honeypot Analysis
  • v1.4
  • 93
  • Expired
• • 96
    - GOLD
  • Jennie Callahan
  • Forensic analysis/process for a Windows 2000 SP2 Pro with IIS installed
  • v1.4
  • 87
  • Expired
• • 95
    - GOLD
  • Michael Scott
  • Trash and Treasure-Computer Forensics and Public Domain Data (Bmap Tool Analysis)
  • v1.4
  • 96
  • Expired
• • 94
    - GOLD
  • Drew Fahey
  • Pass
  • --
  • 92
  • Expired
• • 93
    - GOLD
  • Robert Fahey
  • Pass
  • v1.3
  • 91
  • Jan 31, 2012
• • 92
    - GOLD
  • Steven Hickey
  • Evaluation of Forensics SF-5000u as forensic Hardware
  • v1.4
  • 95
  • Expired
• • 91
    - GOLD
  • Doug Barbin
  • v1.3
  • 89
  • Expired

Some practicals are purposely not linked so as not to prematurely disclose answers to those still completing the assignment.
bold text denotes Honors received on the practical

© 2000-2009 The SANS Institute

SANS Web Privacy Policy: www.giac.org/privacy.php - Web Contact: webmaster@giac.org

Phone: 301-654-7267 | Mon-Fri 9am-8pm EST/EDT

(ISC)² and CISSP are registered marks of the International Information Systems Security Certification Consortium, Inc.