Unique Top-selling GCFA Exams - New 2021 GIAC Practice Exam [Q73-Q92]


GIAC Information Security Dumps GCFA Exam for Full Questions - Exam Study Guide

NEW QUESTION 73
Which of the following file systems provides integrated security?

  • A. HPFS
  • B. CDFS
  • C. EFS
  • D. FAT32

Answer: C

 

NEW QUESTION 74
Which of the following types of attacks cannot be prevented by technical measures only?

  • A. Brute force
  • B. Smurf DoS
  • C. Ping flood attack
  • D. Social engineering

Answer: D

 

NEW QUESTION 75
Adam works as an Incident Handler for Umbrella Inc. He is informed by the senior authorities that the server of the marketing department has been affected by a malicious hacking attack. Supervisors are also claiming that some sensitive data has been stolen. Adam immediately went to the server room of the marketing department and identified the event as an incident. He isolated the infected network from the remaining part of the network and started preparing to image the entire system. He captures volatile data, such as running processes, RAM, and network connections.
Which of the following steps of the incident handling process is being performed by Adam?

  • A. Identification
  • B. Eradication
  • C. Containment
  • D. Recovery

Answer: C

 

NEW QUESTION 76
Brutus is a password cracking tool that can be used to crack the following authentications:

  • HTTP (Basic Authentication)
  • HTTP (HTML Form/CGI)
  • POP3 (Post Office Protocol v3)
  • FTP (File Transfer Protocol)
  • SMB (Server Message Block)
  • Telnet

Which of the following attacks can be performed by Brutus for password cracking?
Each correct answer represents a complete solution. Choose all that apply.

  • A. Dictionary attack
  • B. Hybrid attack
  • C. Replay attack
  • D. Man-in-the-middle attack
  • E. Brute force attack

Answer: A,B,E

 

NEW QUESTION 77
Which of the following provides high availability of data?

  • A. Anti-virus software
  • B. RAID
  • C. EFS
  • D. Backup

Answer: B

Explanation:
Section: Volume B

 

NEW QUESTION 78
Nathan works as a Computer Hacking Forensic Investigator for SecureEnet Inc. He uses Visual TimeAnalyzer software to track all computer usage by logging into individual user accounts or specific projects and compiling detailed accounts of time spent within each program. Which of the following functions are NOT performed by Visual TimeAnalyzer?
Each correct answer represents a complete solution. Choose all that apply.

  • A. It monitors all user data such as passwords and personal documents.
  • B. It gives parents control over their children's use of the personal computer.
  • C. It tracks work time, pauses, projects, costs, software, and internet usage.
  • D. It records specific keystrokes and runs screen captures as a background process.

Answer: A,D

 

NEW QUESTION 79
Which of the following is included in a memory dump file?

  • A. Stop message and its parameters
  • B. The kernel-mode call stack for the thread that stopped the process from execution
  • C. Security ID
  • D. List of loaded drivers

Answer: A,B,D

Explanation:
Section: Volume C

 

NEW QUESTION 80
Which of the following wireless network standards operates on the 5 GHz band and transfers data at a rate of 54 Mbps?

  • A. 802.11g
  • B. 802.11b
  • C. 802.11a
  • D. 802.11u

Answer: C

Explanation:
Section: Volume B

 

NEW QUESTION 81
The MBR of a hard disk is a collection of boot records that contain disk information such as disk architecture, cluster size, and so on. The main work of the MBR is to locate and run necessary operating system files that are required to run a hard disk. In the context of the operating system, MBR is also known as the boot loader.
Which of the following viruses can infect the MBR of a hard disk?
Each correct answer represents a complete solution. Choose two.

  • A. Multipartite
  • B. File
  • C. Boot sector
  • D. Stealth

Answer: A,C

Explanation:
Section: Volume A

 

NEW QUESTION 82
Which of the following command line tools are available in the Helix Live acquisition tool on Windows?
Each correct answer represents a complete solution. Choose all that apply.

  • A. whois
  • B. netstat
  • C. ipconfig
  • D. .cab extractors

Answer: B,C,D

Explanation:
Section: Volume B

 

NEW QUESTION 83
On which of the following locations does the Windows NT/2000 operating system contain the SAM, SAM.LOG, SECURITY.LOG, APPLICATION.LOG, and EVENT.LOG files?

  • A. %Systemroot%\system32\config
  • B. %Systemroot%\system32
  • C. %Systemroot%\profiles
  • D. %Systemroot%\help

Answer: A

Explanation:
Section: Volume A

 

NEW QUESTION 84
Adam works as a professional Computer Hacking Forensic Investigator. A project has been assigned to him to investigate and examine the drive image of a compromised system, which is suspected to have been used in cyber crime. Adam uses Forensic Sorter to sort the contents of the hard drive into different categories. Which of the following types of image formats is NOT supported by Forensic Sorter?

  • A. RAW image file
  • B. PFR image file
  • C. EnCase image file
  • D. iso image file

Answer: D

 

NEW QUESTION 85
Which of the following tools is used to modify registry permissions in Windows?

  • A. SECEDIT
  • B. POLEDIT
  • C. REGEDT32
  • D. REGEDIT

Answer: C

Explanation:
Section: Volume B

 

NEW QUESTION 86
Your friend plans to install a Trojan on your computer. He knows that if he gives you a new version of chess.exe, you will definitely install the game on your computer. He picks up a Trojan and joins it to chess.exe. The size of chess.exe was 526,895 bytes originally, and after joining this chess file to the Trojan, the file size increased to 651,823 bytes. When he gives you this new game, you install the infected chess.exe file on your computer. He now performs various malicious tasks on your computer remotely. But you suspect that someone has installed a Trojan on your computer and begin to investigate it. When you enter the netstat command in the command prompt, you get the following results:
C:\WINDOWS>netstat -an | find "UDP"
UDP IP_Address:31337 *:*
Now you check the following registry address:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServices
In the above address, you notice a 'default' key in the 'Name' field having " .exe" value in the corresponding 'Data' field. Which of the following Trojans do you think your friend may have installed on your computer on the basis of the above evidence?

  • A. Tini
  • B. Back Orifice
  • C. Qaz
  • D. Donald Dick

Answer: B

 

NEW QUESTION 87
Which of the following are advantages of the NTFS file system over FAT32 and FAT?
Each correct answer represents a part of the solution. Choose two.

  • A. Support for dual-booting.
  • B. Support for audio files.
  • C. Support for file and folder level permissions.
  • D. Support for Encrypting File System (EFS).

Answer: C,D

 

NEW QUESTION 88
Which of the following statements are NOT true about the FAT16 file system?
Each correct answer represents a complete solution. Choose all that apply.

  • A. FAT16 does not support file-level security.
  • B. FAT16 file system works well with large disks because the cluster size increases as the disk partition size increases.
  • C. FAT16 file system supports file-level compression.
  • D. FAT16 file system supports Linux operating system.

Answer: B,C

 

NEW QUESTION 89
Which of the following switches is used with the Pslist command on the command line to show the statistics for all active threads on the system, grouping these threads with their owning process?

  • A. Pslist -t
  • B. Pslist -d
  • C. Pslist -m
  • D. Pslist -x

Answer: B

 

NEW QUESTION 90
John works as a professional Ethical Hacker. He has been assigned the project of testing the security of www.we-are-secure.com. He receives the following e-mail:

The e-mail that John has received is an example of __________.

  • A. Chain letters
  • B. Virus hoaxes
  • C. Spambots
  • D. Social engineering attacks

Answer: A

 

NEW QUESTION 91
John works as a professional Ethical Hacker. He has been assigned a project to test the security of www.we-are-secure.com. John wants to redirect all TCP port 80 traffic to UDP port 40, so that he can bypass the firewall of the We-are-secure server. Which of the following tools will John use to accomplish his task?

  • A. Fpipe
  • B. PsExec
  • C. Cain
  • D. PsList

Answer: A

 

NEW QUESTION 92
......


Introduction to GCFA Exam

The Global Information Assurance Certification Forensic Analyst (GCFA) certifies that applicants have the knowledge, skills, and abilities to conduct formal incident investigations and manage advanced incident management scenarios, including internal and external data breach intrusions, advanced persistent threats, forensic techniques used by attackers, and complex digital court cases. The GCFA certification focuses on the basic skills needed to collect and analyze data from Windows and Linux computer systems.

 
