Cyber Security Certification: GASF

Cyber Security Certification: GASF


The popularity of mobile devices in our work and personal lives has become increasingly broad and complex. The volume and type of data that these devices carry such as contact lists, email, work documents, SMS messages, images, internet browsing history and application specific data make them important for the individual who carries the device and allows for a rich source of data for forensic examinations.

Areas Covered

Who is GASF for?

Requirements

Delivery

NOTE: All GIAC Certification exams are web-based and required to be proctored. There are two proctoring options: remote proctoring through ProctorU, and onsite proctoring through PearsonVUE. Click here for more information.

GIAC certification attempts will be activated in your GIAC account after your application has been approved and according to the terms of your purchase. Details on delivery will be provided along with your registration confirmation upon payment. You will receive an email notification when your certification attempt has been activated in your account. You will have 120 days from the date of activation to complete your certification attempt.


Exam Certification Objectives & Outcome Statements

The topic areas for each exam part follow:

Android Backup and Cloud Storage Forensics
The candidate will be familiar with the various methodologies and platform specific resources used by Android devices when creating device and system backups
Android Device Forensics and Analysis of File System, Evidence Locations and User Activity
The candidate will demonstrate an understanding of the techniques and tools used during the collection, preservation and analysis of Android mobile device data including the file system structure, user activity and common artifact locations.
iOS Backup and Cloud Storage Forensics
The candidate will be familiar with the various methodologies and platform specific resources used by iOS devices when creating device and system backups
iOS Device Forensics and Analysis of File System, Evidence Locations and User Activity
The candidate will demonstrate an understanding of the techniques and tools used during the collection, preservation and analysis of iOS mobile device data including the file system structure, user activity and common artifact locations.
Mobile Forensics Introduction
The candidate will demonstrate an understanding of the techniques and tools used to collect and analyze data from Android and iOS mobile devices.
Mobile Malware and Spyware Detection and Analysis
The candidate will demonstrate an understanding of how mobile malware interacts with Android and iOS devices and the tools used to detect and analyze malicious activity.
Third-party Application Artifact Analysis
The candidate will demonstrate an understanding of the tools and techniques used to review, analyze and investigate third party application activity.
Third-party Application Forensics Introduction
The candidate will be familiar with artifacts created by third party applications on Android and iOS devices.

*No Specific training is required for any GIAC certification. There are many sources of information available regarding the certification objectives' knowledge areas. Practical experience is an option; there are also numerous books on the market covering Computer Information Security. Another option is any relevant courses from training providers, including SANS.*

Other Resources