Curious about Actual GIAC Digital Forensics & Incident Response (GCFA) Exam Questions?

In a Windows 98 computer, which of the following utilities is used to convert a FAT16 partition to FAT32?

Adam works as a professional Computer Hacking Forensic Investigator. A project has been assigned to him to investigate an iphone, which is being seized from a criminal. The local police suspect that this iphone contains some sensitive information. Adam knows that the storage partition of the iphone is divided into two partitions. The first partition is used for the operating system. Other data of iphone is stored in the second partition. Which of the following is the name with which the second partition is mounted on the iphone?

John works as a Network Administrator for DigiNet Inc. He wants to investigate failed logon attempts to a network. He uses Log Parser to detail out the failed logons over a specific time frame. He uses the following commands and query to list all failed logons on a specific date:

logparser.exe file:FailedLogons.sql -i:EVT -o:datagrid

SELECT

timegenerated AS LogonTime,

extract_token(strings, 0, '|') AS UserName

FROM Security

WHERE EventID IN (529;

530;

531;

532;

533;

534;

535;

537;

539)

AND to_string(timegenerated,'yyyy-MM-dd HH:mm:ss') like '2004-09%'

After investigation, John concludes that two logon attempts were made by using an expired account.

Which of the following EventID refers to this failed logon?

Victor is a novice Ethical Hacker. He is learning the hacking process, i.e., the steps taken by malicious hackers to perform hacking. Which of the following steps is NOT included in the hacking process?

Which of the following tools works by using standard set of MS-DOS commands and can create an MD5 hash of an entire drive, partition, or selected files?