
GIAC GCFA - GIAC Certified Forensics Analyst

Total 318 questions

Which utility enables you to access files from a Windows .CAB file?

A. ACCESS.EXE

B. WINZIP.EXE

C. XCOPY.EXE

D. EXTRACT.EXE

Which of the following command-line tools are available in the Helix Live acquisition tool on Windows?

Each correct answer represents a complete solution. Choose all that apply.

A. .cab extractors

B. ipconfig

C. netstat

D. whois

Which of the following provides high availability of data?

A. RAID

B. Anti-virus software

C. EFS

D. Backup

Adam works as a Computer Hacking Forensic Investigator. He has been assigned a project to investigate child pornography. As the first step, Adam found that the accused is using a Peer-to-Peer application to network different computers together over the Internet and sharing pornographic materials of children with others. Which of the following are Peer-to-Peer applications?

Each correct answer represents a complete solution. Choose all that apply.

A. Gnutella

B. Kismet

C. Hamachi

D. Freenet

An attacker attempts to gain information about a network by specifically targeting the network resources and applications running on a computer. This method for gaining information is known as ______.

A. Notification

B. Scanning

C. Enumeration

D. Sensor

E. Footprinting

F. Passive response

John works as a professional Ethical Hacker. He has been assigned a project to test the security of www.we-are-secure.com. He wants to test the effect of a virus on the We-are-secure server. He injects the virus on the server and, as a result, the server becomes infected with the virus even though an established antivirus program is installed on the server. Which of the following do you think are the reasons why the antivirus installed on the server did not detect the virus injected by John?

Each correct answer represents a complete solution. Choose all that apply.

A. The mutation engine of the virus is generating a new encrypted code.

B. The virus, used by John, is not in the database of the antivirus program installed on the server.

C. John has created a new virus.

D. John has changed the signature of the virus.

In 2001, the Council of Europe passed a convention on cybercrime. It was the first international treaty seeking to address computer crime and Internet crimes by harmonizing national laws, improving investigative techniques, and increasing cooperation among nations. On 1 March 2006, the Additional Protocol to the Convention on Cybercrime came into force. Which of the following statements clearly describes this protocol?

A. The convention of cybercrime is only applied within Europe.

B. It requires participating states to criminalize the dissemination of racist and xenophobic material through computer systems.

C. The convention of cybercrime should immediately be put on hold until there is an inclusion of a new or amended article.

D. English speaking states in Europe such as Ireland and the United Kingdom should sign the convention.

Adam works as a professional Computer Hacking Forensic Investigator. A project has been assigned to him to investigate and examine the drive image of a compromised system, which is suspected to have been used in cyber crime. Adam uses Forensic Sorter to sort the contents of the hard drive into different categories. Which of the following types of image formats is NOT supported by Forensic Sorter?

A. PFR image file

B. iso image file

C. RAW image file

D. EnCase image file

Which of the following is described in the following statement?

"It is a 512 bytes long boot sector that is the first sector of a default boot drive. It is also known as Volume Boot Sector, if the boot drive is un-partitioned."

A. BIOS

B. SBR

C. POST

D. MBR

Mark works as a Network Administrator for SecureEnet Inc. His system runs on Mac OS X. He wants to boot his system from the Network Interface Controller (NIC). Which of the following snag keys will Mark use to perform the required function?

A. N

B. D

C. C

D. Z