GIAC.GCFA.V2018-03-11.Q309
Exam Code: GCFA
Exam Name: GIAC Certified Forensics Analyst
Certification Provider: GIAC
Free Question Number: 309
Version: v2018-03-11
https://www.freecram.com/torrent/GIAC.GCFA.v2018-03-11.q309.html

NEW QUESTION: 1
Which of the following statements is NOT true about the file slack spaces in Windows operating system?
A. File slack is the space, which exists between the end of the file and the end of the last cluster.
B. File slack may contain data from the memory of the system.
C. It is possible to find user names, passwords, and other important information in slack.
D. Large cluster size will decrease the volume of the file slack.
Answer: D

NEW QUESTION: 2
In which of the following files does the Linux operating system store passwords?
A. Passwd
B. SAM
C. Shadow
D. Password
Answer: (not shown)

NEW QUESTION: 3
Which of the following password cracking attacks is based on a pre-calculated hash table to retrieve plain text passwords?
A. Rainbow attack
B. Dictionary attack
C. Hybrid attack
D. Brute Force attack
Answer: A

NEW QUESTION: 4
You work as a Network Administrator for NetTech Inc. The company has a network that consists of 200 client computers and ten database servers. One morning, you find that an unauthorized user is accessing data on a database server on the network. Which of the following actions will you take to preserve the evidences? Each correct answer represents a complete solution. Choose three.
A. Preserve the log files for a forensics expert.
B. Prevent a forensics experts team from entering the server room.
C. Detach the network cable from the database server.
D. Prevent the company employees from entering the server room.
Answer: A,C,D

NEW QUESTION: 5
You work as the Network Administrator for McNeil Inc. The company has a Unix-based network. You want to set the hard disk geometry parameters, cylinders, heads, and sectors. Which of the following Unix commands can you use to accomplish the task?
A. mkswap
B. mke2fs
C. mkfs
D. hdparm
Answer: D

NEW QUESTION: 6
Which of the following statements about SD cards are true? Each correct answer represents a complete solution. Choose two.
A. It is used with mobile phones and digital cameras.
B. It is a type of non-volatile memory card.
C. It is a 184-pin memory module.
D. It is used as RAM on client computers and servers.
Answer: (not shown)

NEW QUESTION: 7
Which of the following Linux file systems is a journaled file system?
A. ext2
B. ext3
C. ext4
D. ext
Answer: B

NEW QUESTION: 8
Which of the following type of files is NOT deleted by Disk Cleanup program of Windows XP?
A. Temporary Internet Files
B. Temporary Setup Files
C. Old data files
D. Offline Files
Answer: C

NEW QUESTION: 9
What is the name of the group of blocks which contains information used by the operating system in Linux system?
A. logblock
B. Superblock
C. Systemblock
D. Bootblock
Answer: (not shown)

NEW QUESTION: 10
Which utility enables you to access files from a Windows .CAB file?
A. WINZIP.EXE
B. EXTRACT.EXE
C. ACCESS.EXE
D. XCOPY.EXE
Answer: B

NEW QUESTION: 11
Which of the following involves changing data prior to or during input to a computer in an effort to commit fraud?
A. Wiretapping
B. Eavesdropping
C. Data diddling
D. Spoofing
Answer: C

NEW QUESTION: 12
Which of the following log files are used to collect evidences before taking the bit-stream image of the BlackBerry? Each correct answer represents a complete solution. Choose all that apply.
A. Roam and Radio
B. Radio status
C. user history
D. Transmit/Receive
Answer: (not shown)

NEW QUESTION: 13
An attacker attempts to gain information about a network by specifically targeting the network resources and applications running on a computer. This method for gaining information is known as ______.
A. Notification
B. Enumeration
C. Passive response
D. Sensor
E. Footprinting
F. Scanning
Answer: B

NEW QUESTION: 14
Adam works as a professional Computer Hacking Forensic Investigator. A project has been assigned to him to investigate computer of an unfaithful employee of SecureEnet Inc. Suspect's computer runs on Windows operating system. Which of the following sources will Adam investigate on a Windows host to collect the electronic evidences? Each correct answer represents a complete solution. Choose all that apply.
A. Swap files
B. Unused and hidden partition
C. Allocated cluster
D. Slack spaces
Answer: (not shown)

NEW QUESTION: 15
Which of the following prevents malicious programs from attacking a system?
A. Anti-virus program
B. Biometric devices
C. Firewall
D. Smart cards
Answer: A

NEW QUESTION: 16
Which of the following laws enacted in United States makes it illegal for an Internet Service Provider (ISP) to allow child pornography to exist on Web sites?
A. Prosecutorial Remedies and Tools Against the Exploitation of Children Today Act (PROTECT Act)
B. Sexual Predators Act
C. Child Pornography Prevention Act (CPPA)
D. USA PATRIOT Act
Answer: (not shown)

NEW QUESTION: 17
Which of the following is the initiative of United States Department of Justice, which provides state and local law enforcement agencies the tools to prevent Internet crimes against children, and catches the distributors of child pornography on the Internet?
A. Anti-Child Porn.org (ACPO)
B. Internet Crimes Against Children (ICAC)
C. Project Safe Childhood (PSC)
D. Innocent Images National Initiative (IINI)
Answer: B

NEW QUESTION: 18
Which of the following is used to authenticate asymmetric keys?
A. Digital signature
B. Demilitarized zone (DMZ)
C. Password
D. MAC Address
Answer: (not shown)

NEW QUESTION: 19
Sandra, an expert computer user, hears five beeps while booting her computer that has AMI BIOS; and after that her computer stops responding. Sandra knows that during booting process POST produces different beep codes for different types of errors. Which of the following errors refers to this POST beep code?
A. Cache memory test failed
B. Display memory error
C. Mother board timer not operational
D. Processor failure
Answer: D

NEW QUESTION: 20
John works as a professional Ethical Hacker. He is assigned a project to test the security of www.weare-secure.com. He enters a single quote in the input field of the login page of the We-are-secure Web site and receives the following error message:
Microsoft OLE DB Provider for ODBC Drivers error '0x80040E14'
This error message shows that the We-are-secure Website is vulnerable to __________.
A. An XSS attack
B. A buffer overflow
C. A Denial-of-Service attack
D. A SQL injection attack
Answer: (not shown)

NEW QUESTION: 21
Which of the following steps should be performed in order to optimize a system performance? Each correct answer represents a complete solution. Choose three.
A. Delete the temporary files
B. Edit registry regularly
C. Run anti-spyware program regularly
D. Defragment the hard disk drive
Answer: A,C,D

NEW QUESTION: 22
Which of the following graphical tools is used to navigate through directory structures?
A. Windows Explorer
B. Disk Cleanup
C. Disk Management
D. System Information
Answer: (not shown)

NEW QUESTION: 23
You work as a professional Computer Hacking Forensic Investigator. A project has been assigned to you to investigate the DoS attack on a computer network of SecureEnet Inc. Which of the following methods will you perform to accomplish the task? Each correct answer represents a complete solution. Choose all that apply.
A. Sniff network traffic to the failing machine.
B. Seize all computers and transfer them to the Forensic lab.
C. Look for unusual traffic on Internet connections and network segments.
D. Look for core files or crash dumps on the affected systems.
Answer: A,C,D

NEW QUESTION: 24
Which two technologies should research groups use for secure VPN access while traveling? (Click the Exhibit button on the toolbar to see the case study.) Each correct answer represents a complete solution. Choose two.
A. PPTP
B. SSL
C. Smart cards
D. Kerberos authentication
E. Encrypting File System (EFS)
Answer: A,C

NEW QUESTION: 25
A Web-based credit card company had collected financial and personal details of Mark before issuing him a credit card. The company has now provided Mark's financial and personal details to another company. Which of the following Internet laws has the credit card issuing company violated?
A. Security law
B. Trademark law
C. Copyright law
D. Privacy law
Answer: (not shown)

NEW QUESTION: 26
In which of the following security tests does the security testing team simulate as an employee or other person with an authorized connection to the organization's network?
A. Stolen equipment
B. Local network
C. Remote dial-up network
D. Remote network
Answer: B

NEW QUESTION: 27
Which of the following data is NOT listed as a volatile data in RFC 3227 list for Windows based system?
A. Data on a hard disk
B.