[Full-Version] 2021 New Exam4Tests GCFA PDF Recently Updated Questions [Q68-Q87]

[Full-Version] 2021 New Exam4Tests GCFA PDF Recently Updated Questions

GCFA Exam with Guarantee Updated 318 Questions

GIAC GCFA Exam Syllabus Topics:

Topic	Details
Topic 1	Differentiate normal and abnormal system and user activity using memory and disk resident artifacts Volatile Data Artifact Analysis of Windows Events
Topic 2	Demonstrate an understanding of Windows system artifacts and how to collect and analyze data Demonstrate an understanding of how and when to collect volatile data from a system
Topic 3	Demonstrate an understanding of abnormal activity within the structure of Windows memory Demonstrate an understanding of core structures of the Windows filesystems

 

NEW QUESTION 68
Which of the following statements about the HKEY_LOCAL_MACHINE registry hive is true?

• A. It contains the user profile for the user who is currently logged on to the computer.
• B. It contains information about the local computer system, including hardware and operating system data, such as bus type, system memory, device drivers, and startup control parameters.
• C. It contains configuration data for the current hardware profile.
• D. It contains data that associates file types with programs and configuration data for COM objects, Visual Basic programs, or other automation.

Answer: B

 

NEW QUESTION 69
Mark has been hired by a company to work as a Network Assistant. He is assigned the task to
configure a dial-up connection. He is configuring a laptop. Which of the following protocols should he disable to ensure that the password is encrypted during remote access?

• A. SPAP
• B. MSCHAP
• C. MSCHAP V2
• D. PAP

Answer: D

 

NEW QUESTION 70
Which of the following tools are used for footprinting?
Each correct answer represents a complete solution. Choose all that apply.

• A. Traceroute
• B. Brutus
• C. Sam spade
• D. Whois

Answer: A,C,D

 

NEW QUESTION 71
You want to retrieve information whether your system is in promiscuous mode or not. Which of the following commands will you use?
Each correct answer represents a complete solution. Choose all that apply.

• A. grep Promisc /var/log/messages
• B. ifconfig | grep PROMISC
• C. ip link
• D. show promisc

Answer: A,B,C

Explanation:
Section: Volume B
Explanation/Reference:

 

NEW QUESTION 72
You work as the Network Administrator for McNeil Inc. The company has a Unix-based network. You want to print the super block and block the group information for the filesystem present on a system.
Which of the following Unix commands can you use to accomplish the task?

• A. dumpe2fs
• B. e2fsck
• C. dump
• D. e2label

Answer: A

Explanation:
Section: Volume C

 

NEW QUESTION 73
Which of the following directories contains administrative commands on a UNIX computer?

• A. /bin
• B. /export
• C. /usr/local
• D. /sbin

Answer: D

Explanation:
Section: Volume C

 

NEW QUESTION 74
Which of the following is the first computer virus that was used to infect the boot sector of storage media formatted with the DOS File Allocation Table (FAT) file system?

• A. I love you
• B. Brain
• C. Melissa
• D. Tequila

Answer: B

Explanation:
Section: Volume A

 

NEW QUESTION 75
You want to change the attribute of a file named ACE.TXT to Hidden. Which command line will enable you to set the attribute?

• A. ATTRIB ACE.TXT /HR
• B. ATTRIB ACE.TXT +H
• C. ATTRIB ACE.TXT /H
• D. ATTRIB ACE.TXT -H

Answer: B

 

NEW QUESTION 76
You work as a Network Administrator for Perfect Solutions Inc. The company has a Linux-based network.
You are working as a root user on the Linux operating system. While performing some security investigation, you want to see the hostname and IP address from where users logged in.
Which of the following commands will you use to accomplish the task?

• A. Last
• B. Dig
• C. Netstat
• D. Nslookup

Answer: A

 

NEW QUESTION 77
Peter, an expert computer user, attached a new sound card to his computer. He then restarts the computer, so that the BIOS can scan the hardware changes. What will be the memory range of ROM that the BIOS scan for additional code to be executed for proper working of soundcard?

• A. hDF80 to hFF80
• B. hC800 to hDF80
• C. hCA79 to hAC20
• D. hAA43 to hF345

Answer: B

 

NEW QUESTION 78
Sarah has created a site on which she publishes a copyrighted material. She is ignorant that she is infringing copyright. Is she guilty under copyright laws?

• A. Yes
• B. No

Answer: A

 

NEW QUESTION 79
John works as a professional Ethical Hacker. He has been assigned the project of testing the security of www.we-are-secure.com. He traceroutes the We-are-secure server and gets the following result:

Considering the above traceroute result, which of the following statements can be true?
Each correct answer represents a complete solution. Choose all that apply.

• A. Some router along the path is down.
• B. The IP address of the We-are-secure server is not valid.
• C. While tracerouting, John's network connection has become slow.
• D. The We-are-secure server is using a packet filtering firewall.

Answer: A,C,D

Explanation:
Section: Volume B

 

NEW QUESTION 80
Which of the following can be monitored by using the host intrusion detection system (HIDS)?
Each correct answer represents a complete solution. Choose two.

• A. File system integrity
• B. Computer performance
• C. Storage space on computers
• D. System files

Answer: A,D

 

NEW QUESTION 81
Which of the following refers to the ability to ensure that the data is not modified or tampered with?

• A. Integrity
• B. Availability
• C. Non-repudiation
• D. Confidentiality

Answer: A

Explanation:
Section: Volume C
Explanation

 

NEW QUESTION 82
Which of the following tools is used to restore deleted files from Linux and Mac OS X file system?

• A. Easy-Undelete
• B. Active@ UNERASER
• C. R-Undelete
• D. Active@ UNDELETE

Answer: A

 

NEW QUESTION 83
Which of the following statements about the HKEY_LOCAL_MACHINE registry hive is true?

• A. It contains the user profile for the user who is currently logged on to the computer.
• B. It contains information about the local computer system, including hardware and operating system data, such as bus type, system memory, device drivers, and startup control parameters.
• C. It contains configuration data for the current hardware profile.
• D. It contains data that associates file types with programs and configuration data for COM objects, Visual Basic programs, or other automation.

Answer: B

Explanation:
Section: Volume B
Explanation/Reference:

 

NEW QUESTION 84
Which of the following types of firewall functions at the Session layer of OSI model?

• A. Switch-level firewall
• B. Packet filtering firewall
• C. Circuit-level firewall
• D. Application-level firewall

Answer: C

 

NEW QUESTION 85
Which of the following tools can be used to perform tasks such as Windows password cracking, Windows enumeration, and VoIP session sniffing?

• A. L0phtcrack
• B. Cain
• C. Obiwan
• D. John the Ripper

Answer: B

 

NEW QUESTION 86
Which of the following statements is NOT true about FAT16 file system?
Each correct answer represents a complete solution. Choose all that apply.

• A. FAT16 does not support file-level security.
• B. FAT16 file system works well with large disks because the cluster size increases as the disk partition size increases.
• C. FAT16 file system supports file-level compression.
• D. FAT16 file system supports Linux operating system.

Answer: B,C

 

NEW QUESTION 87
......

Latest GCFA Pass Guaranteed Exam Dumps Certification Sample Questions: https://www.exam4tests.com/GCFA-valid-braindumps.html

GCFA Updated Exam Dumps [2021] Practice Valid Exam Dumps Question: https://drive.google.com/open?id=1v47FVrH2vdbU0VlN3lLBEVDiP90lDE5J