Support

Elevate Your Expertise: Learn More, Save More, and Achieve More with Our Exclusive Training Deals!

Course Summary

This Evergreen Alliance training program for GIAC Advanced Smartphone Forensics (GASF) will teach you how to locate critical evidence on smartphones and mobile devices, including how data was added to the device—whether through AI, user input, or synchronization. You’ll learn to recover deleted or overlooked data that forensic tools may miss, decode evidence from third-party applications, and detect, decompile, and analyze mobile malware and spyware.

When a smartphone lands on your desk, you may be tasked with proving a user’s presence at a specific location on a particular date and time. While forensic tools might show location data, do you know how to fully authenticate and interpret that data to ensure accuracy? It’s essential to go beyond what the tools suggest and confirm whether the location data is valid and reliable.

Mobile devices are often central to investigations involving criminal cases, intrusions, IP theft, security threats, and accident reconstructions. Mastering the correct techniques for leveraging mobile device data is crucial for your success as an expert.

In this course, you’ll learn:

Advanced acquisition techniques to access smartphone data
How to handle locked or encrypted devices, applications, and containers
Methods for examining databases, protobufs, leveldbs, and other file formats that store application and mobile artifacts
How to craft SQLite queries and modify Python scripts for mobile forensics
How to create, validate, and verify tools and scripts against real-world datasets
Manual parsing techniques for application data when commercial tools are not applicable
This course will equip you with the skills to confidently and thoroughly analyze mobile devices in forensic investigations.

ndroid Backup and Cloud Storage Forensics
The candidate will understand the methodologies and platform-specific resources used by Android devices to create device and system backups.

Android Device Forensics: File System, Evidence Locations, and User Activity
The candidate will demonstrate proficiency in the techniques and tools for collecting, preserving, and analyzing data from Android mobile devices, including the file system structure, user activity, and common artifact locations.

iOS Backup and Cloud Storage Forensics
The candidate will be familiar with the methodologies and platform-specific resources used by iOS devices for creating device and system backups.

iOS Device Forensics: File System, Evidence Locations, and User Activity
The candidate will understand the techniques and tools used for the collection, preservation, and analysis of iOS mobile device data, focusing on the file system structure, user activity, and common artifact locations.

Introduction to Mobile Forensics
The candidate will demonstrate an understanding of the tools and techniques used to collect and analyze data from both Android and iOS mobile devices.

Mobile Malware and Spyware Detection and Analysis
The candidate will demonstrate knowledge of how mobile malware interacts with Android and iOS devices, as well as the tools used to detect and analyze malicious activity.

Third-Party Application Artifact Analysis
The candidate will be skilled in the tools and techniques used to review, analyze, and investigate the activity of third-party applications on mobile devices.

Introduction to Third-Party Application Forensics
The candidate will understand the artifacts created by third-party applications on both Android and iOS devices.

There are currently no prerequisites for this course. However a basic understanding of digital forensic file structures and terminology will help.

proctored exam 75 questions 2 hours Minimum passing score of 69%

Following your booking, a confirmation message will be sent to all participants, ensuring you're well-informed of your successful enrollment. Calendar placeholders will also be dispatched to assist you in scheduling your commitments around the course. Rest assured, all course materials and access to necessary labs or platforms will be provided no later than one week before the course begins, allowing you ample time to prepare and engage fully with the learning experience ahead.

Our comprehensive training package includes all the necessary materials and resources to facilitate a full learning experience. Enrollees will be provided with detailed course content, encompassing a wide array of topics to ensure a thorough understanding of the subject matter. Additionally, participants will receive a certificate of completion to recognize their dedication and hard work. It's important to note that while the course fee covers all training materials and experiences, the examination fee for certification is not included but can be purchased separately.
Send as a Prefilled Cart
Request Custom Delivery

Questions About This Course?







    Other Popular Courses

    CompTIA: SecurityX
    • Duration: 5 Days
    • Language: English
    • Level: Advanced
    • Exam: CAS-005
    Course Details This product has multiple variants. The options may be chosen on the product page
    Dates & Details
    Executive Cyber Risk Certification (ECRC)
    • Duration: 2 Days
    • Language: English
    • Level: Advanced
    • Exam: ECRC
    Course Details This product has multiple variants. The options may be chosen on the product page
    Dates & Details
    Mastering Communication & Presentation Te...
    • Duration: 5 Days
    • Language: Danish
    • Level: Intermediate
    • Exam: MCPT
    Course Details This product has multiple variants. The options may be chosen on the product page
    Dates & Details