Support

Elevate Your Expertise: Learn More, Save More, and Achieve More with Our Exclusive Training Deals!

Course Summary

This Evergreen Alliance training program for GIAC Advanced Smartphone Forensics (GASF) will teach you how to locate critical evidence on smartphones and mobile devices, including how data was added to the device—whether through AI, user input, or synchronization. You’ll learn to recover deleted or overlooked data that forensic tools may miss, decode evidence from third-party applications, and detect, decompile, and analyze mobile malware and spyware.

When a smartphone lands on your desk, you may be tasked with proving a user’s presence at a specific location on a particular date and time. While forensic tools might show location data, do you know how to fully authenticate and interpret that data to ensure accuracy? It’s essential to go beyond what the tools suggest and confirm whether the location data is valid and reliable.

Mobile devices are often central to investigations involving criminal cases, intrusions, IP theft, security threats, and accident reconstructions. Mastering the correct techniques for leveraging mobile device data is crucial for your success as an expert.

In this course, you’ll learn:

Advanced acquisition techniques to access smartphone data
How to handle locked or encrypted devices, applications, and containers
Methods for examining databases, protobufs, leveldbs, and other file formats that store application and mobile artifacts
How to craft SQLite queries and modify Python scripts for mobile forensics
How to create, validate, and verify tools and scripts against real-world datasets
Manual parsing techniques for application data when commercial tools are not applicable
This course will equip you with the skills to confidently and thoroughly analyze mobile devices in forensic investigations.

Android Backup and Cloud Storage Forensics
The candidate will be familiar with the various methodologies and platform specific resources used by Android devices when creating device and system backups
Android Device Forensics and Analysis of File System, Evidence Locations and User Activity
The candidate will demonstrate an understanding of the techniques and tools used during the collection, preservation and analysis of Android mobile device data including the file system structure, user activity and common artifact locations.
iOS Backup and Cloud Storage Forensics
The candidate will be familiar with the various methodologies and platform specific resources used by iOS devices when creating device and system backups
iOS Device Forensics and Analysis of File System, Evidence Locations and User Activity
The candidate will demonstrate an understanding of the techniques and tools used during the collection, preservation and analysis of iOS mobile device data including the file system structure, user activity and common artifact locations.
Mobile Forensics Introduction
The candidate will demonstrate an understanding of the techniques and tools used to collect and analyze data from Android and iOS mobile devices.
Mobile Malware and Spyware Detection and Analysis
The candidate will demonstrate an understanding of how mobile malware interacts with Android and iOS devices and the tools used to detect and analyze malicious activity.
Third-party Application Artifact Analysis
The candidate will demonstrate an understanding of the tools and techniques used to review, analyze and investigate third party application activity.
Third-party Application Forensics Introduction
The candidate will be familiar with artifacts created by third party applications on Android and iOS devices.

There are currently no prerequisites for this course. However a basic understanding of digital forensic file structures and terminology will help.

proctored exam 75 questions 2 hours Minimum passing score of 69%

Following your booking, a confirmation message will be sent to all participants, ensuring you're well-informed of your successful enrollment. Calendar placeholders will also be dispatched to assist you in scheduling your commitments around the course. Rest assured, all course materials and access to necessary labs or platforms will be provided no later than one week before the course begins, allowing you ample time to prepare and engage fully with the learning experience ahead.

Our comprehensive training package includes all the necessary materials and resources to facilitate a full learning experience. Enrollees will be provided with detailed course content, encompassing a wide array of topics to ensure a thorough understanding of the subject matter. Additionally, participants will receive a certificate of completion to recognize their dedication and hard work. It's important to note that while the course fee covers all training materials and experiences, the examination fee for certification is not included but can be purchased separately.
Send as a Prefilled Cart
Request Custom Delivery

Questions About This Course?







    Other Popular Courses

    Executive Cyber Risk Certification (ECRC)
    • Duration: 2 Days
    • Language: English
    • Level: Intermediate
    • Exam: ECRC
    Select options This product has multiple variants. The options may be chosen on the product page
    See Price
    Dates & Details
    Mastering Communication & Presentation Te...
    • Duration: 4 Days
    • Language: Danish
    • Level: Intermediate
    • Exam: MCPT
    Select options This product has multiple variants. The options may be chosen on the product page
    See Price
    Dates & Details
    Next Generation Mindfulness
    • Duration: 1 Days
    • Language: English
    • Level: Foundation
    • Exam: NGM
    Select options This product has multiple variants. The options may be chosen on the product page
    See Price
    Dates & Details