
GIAC GCFA - GIAC Certified Forensics Analyst

Total 318 questions

Adam works as a professional penetration tester. A project has been assigned to him to employ penetration testing on the network of Umbrella Inc. He is running the test from home and has downloaded every security scanner from the Internet. Despite knowing the IP range of all of the systems, and the exact network configuration, Adam is unable to get any useful results.

Which of the following is the most likely cause of this problem?

Each correct answer represents a complete solution. Choose all that apply.

A. Security scanners are only as smart as their database and cannot find unpublished vulnerabilities.

B. Security scanners cannot perform vulnerability linkage.

C. Security scanners are smart as their database and can find unpublished vulnerabilities.

D. Security scanners are not designed to do testing through a firewall.

Nathan works as a Computer Hacking Forensic Investigator for SecureEnet Inc. He uses Visual TimeAnalyzer software to track all computer usage by logging into individual users' accounts or specific projects and to compile detailed accounts of time spent within each program. Which of the following functions are NOT performed by Visual TimeAnalyzer?

Each correct answer represents a complete solution. Choose all that apply.

A. It monitors all user data such as passwords and personal documents.

B. It gives parents control over their children's use of the personal computer.

C. It tracks work time, pauses, projects, costs, software, and internet usage.

D. It records specific keystrokes and runs screen captures as a background process.

Which of the following two cryptography methods are used by NTFS Encrypting File System (EFS) to encrypt the data stored on a disk on a file-by-file basis?

A. Digital certificates

B. Public key

C. RSA

D. Twofish

Mark works as a security manager for SofTech Inc. He is using a technique for monitoring what the employees are doing with corporate resources. Which of the following techniques is being used by Mark to gather evidence of an ongoing computer crime if a member of the staff is e-mailing the company's secrets to an opponent?

A. Electronic surveillance

B. Civil investigation

C. Physical surveillance

D. Criminal investigation

You work as the Network Administrator for McNeil Inc. The company has a Unix-based network. You want to allow direct access to the filesystem's data structure. Which of the following Unix commands can you use to accomplish the task?

A. du

B. debugfs

C. df

D. dosfsck

Adam works as a professional Computer Hacking Forensic Investigator with the local police of his area. A project has been assigned to him to investigate a PDA seized from a local drug dealer. It is expected that much valuable and important information is stored in this PDA. Adam follows investigative methods, which must be performed in a pre-defined sequential manner for the successful forensic investigation of the PDA. Which of the following is the correct order to perform forensic investigation of a PDA?

A. Identification, Collection, Examination, Documentation

B. Examination, Collection, Identification, Documentation

C. Documentation, Examination, Identification, Collection

D. Examination, Identification, Collection, Documentation

Which of the following is a name, symbol, or slogan with which a product is identified?

A. Trade secret

B. Patent

C. Copyright

D. Trademark

Peter works as a Technical Representative in a CSIRT for SecureEnet Inc. His team is called to investigate the computer of an employee who is suspected of classified data theft. The suspect's computer runs the Windows operating system. Peter wants to collect data and evidence for further analysis. He knows that in the Windows operating system, the data is searched in pre-defined steps for proper and efficient analysis. Which of the following is the correct order for searching data on a Windows-based system?

A. Volatile data, file slack, registry, memory dumps, file system, system state backup, internet traces

B. Volatile data, file slack, registry, system state backup, internet traces, file system, memory dumps

C. Volatile data, file slack, internet traces, registry, memory dumps, system state backup, file system

D. Volatile data, file slack, file system, registry, memory dumps, system state backup, internet traces

Adam works as a professional Computer Hacking Forensic Investigator. He works with the local police. A project has been assigned to him to investigate an iPod, which was seized from a student of the high school. It is suspected that explicit child pornography content is stored on the iPod. Adam wants to investigate the iPod extensively. Which of the following operating systems will Adam use to carry out his investigations in a more extensive and elaborate manner?

A. Linux

B. MINIX 3

C. Windows XP

D. Mac OS

Which of the following prevents malicious programs from attacking a system?

A. Anti-virus program

B. Smart cards

C. Biometric devices

D. Firewall