GCFA GIACCertified Forensics Analyst Free Practice Exam Questions (2025 Updated)
Prepare effectively for your GIAC GCFA GIACCertified Forensics Analyst certification with our extensive collection of free, high-quality practice questions. Each question is designed to mirror the actual exam format and objectives, complete with comprehensive answers and detailed explanations. Our materials are regularly updated for 2025, ensuring you have the most current resources to build confidence and succeed on your first attempt.
The promiscuous mode is a configuration of a network card that makes the card pass all traffic it receives to the central processing unit rather than just packets addressed to it. Which of the following tools works by placing the host system network card into the promiscuous mode?
Jason, a game lover, owns an Apple's iPod nano. He wants to play games on his iPod. He also wants to improve the quality of the audio recording of his iPod. Which of the following steps can Jason take to accomplish the task?
Which of the following cryptographic methods are used in EnCase to ensure the integrity of the data, which is acquired for the investigation?
Each correct answer represents a complete solution. Choose two.
Which of the following tools works by using standard set of MS-DOS commands and can create an MD5 hash of an entire drive, partition, or selected files?
Adam works as a professional Computer Hacking Forensic Investigator. A project has been assigned to him to investigate a multimedia enabled mobile phone, which is suspected to be used in a cyber crime. Adam uses a tool, with the help of which he can recover deleted text messages, photos, and call logs of the mobile phone. Which of the following tools is Adam using?
John works as a contract Ethical Hacker. He has recently got a project to do security checking for www.we-are-secure.com. He wants to find out the operating system of the we-are-secure server in the information gathering step. Which of the following commands will he use to accomplish the task?
Each correct answer represents a complete solution. Choose two.
Which of the following can be monitored by using the host intrusion detection system (HIDS)?
Each correct answer represents a complete solution. Choose two.
Adam works as a professional Computer Hacking Forensic Investigator. A project has been assigned to him to investigate an iphone, which is being seized from a criminal. The local police suspect that this iphone contains some sensitive information. Adam knows that the storage partition of the iphone is divided into two partitions. The first partition is used for the operating system. Other data of iphone is stored in the second partition. Which of the following is the name with which the second partition is mounted on the iphone?
Which of the following types of attacks cannot be prevented by technical measures only?
Which of the following registry hives stores information about the file extensions that are mapped to their corresponding applications?
Which of the following precautionary steps are taken by the supervisors or employers to avoid sexual harassment in workplace?
Each correct answer represents a complete solution. Choose all that apply.
Which of the following laws enacted in United States makes it illegal for an Internet Service Provider (ISP) to allow child pornography to exist on Web sites?
Which of the following diagnostic codes sent by POST to the internal port h80 refers to the system board error?
Your network has a Windows 2000 Server computer with FAT file system, shared by several users.
This system stores sensitive data. You decide to encrypt this data to protect it from unauthorized access. You want to accomplish the following goals:
Data should be secure and encrypted.
Administrative efforts should be minimum.
You should have the ability to recover encrypted files in case the file owner leaves the company.
Other permissions on encrypted files should be unaffected.
File-level security is required on the disk where data is stored.
Encrypting or decrypting of files should not be the responsibility of the file owner.
You take the following steps to accomplish these goals :
Convert the FAT file system to Windows 2000 NTFS file system.
Use Encrypting File System (EFS) to encrypt data.
Which of the following goals will you be able to accomplish?
Each correct answer represents a complete solution. Choose all that apply.
Which of the following tools is used to block email, Instant Message, Web site, or other media if inappropriate words such as pornography, violence etc. is used?
Which of the following hardware devices prevents broadcasts from crossing over subnets?
Which of the following is described in the following statement?
"It is a 512 bytes long boot sector that is the first sector of a default boot drive. It is also known as Volume Boot Sector, if the boot drive is un-partitioned. "
You work as a Network Administrator for Tech Perfect Inc. The company has a TCP/IP-based network. You are configuring a wireless LAN on the network. You experience interference on your network. Through investigation, you come to know that three foreign WAPs are within the range of your LAN. Although they have different SSIDs than yours, they are working on the same channel as yours.
Which of the following steps will you take to reduce the interference?
Which of the following are the benefits of information classification for an organization?
Each correct answer represents a complete solution. Choose two.
Which of the following is the Windows feature on which the file management can be performed by a PC user?
