nerdexam
GIAC

GCFA · Question #200

GCFA Question #200: Real Exam Question with Answer & Explanation

The correct answer is D. Access Pass View. Access PassView is the Helix Windows Live tool specifically designed to recover passwords from password-protected Microsoft Access MDB database files.

Question

Which of the following tools in Helix Windows Live is used to reveal the database password of password protected MDB files created using Microsoft Access or with Jet Database Engine?

Options

  • AAsterisk logger
  • BFAU
  • CGalleta
  • DAccess Pass View

Explanation

Access PassView is the Helix Windows Live tool specifically designed to recover passwords from password-protected Microsoft Access MDB database files.

Common mistakes.

  • A. Asterisk Logger is used to reveal passwords that are masked by asterisk characters in GUI dialog boxes and input fields, not for decrypting database file passwords.
  • B. FAU (File Access Utility) is a forensic tool used for analyzing file access timestamps and metadata, not for password recovery from database files.
  • C. Galleta is a forensic tool for parsing and extracting data from Internet Explorer cookie files, unrelated to Access database password recovery.

Concept tested. Helix Windows Live forensic tool for Access MDB passwords

Reference. https://www.nirsoft.net/utils/accesspv.html

Community Discussion

No community discussion yet for this question.

Sign up to join the discussion
Full GCFA Practice