GIACCertified Forensics Analyst
Question No: 201 – (Topic 3)
You use the FAT16 file system on your Windows 98 computer. You want to upgrade to the FAT32 file system. What is the advantage of the FAT32 file system over FAT16 file system?
Each correct answer represents a complete solution. Choose two.
It allocates disk space more efficiently.
On startup failure, you can start the computer by using an MS-DOS or Windows 95 bootable floppy disk.
It uses larger cluster sizes.
It supports drives up to 2 terabytes (TB) in size.
Question No: 202 – (Topic 3)
You work as a Network Administrator for Blue Well Inc. Your company#39;s network has a Windows 2000 server with the FAT file system. This server stores sensitive data. You want to encrypt this data to protect it from unauthorized access. You also have to accomplish the following goals:
Data should be encrypted and secure. Administrative effort should be minimum.
You should have the ability to recover encrypted files in case the file owner leaves the company.
Other permissions on encrypted files should be unaffected. File-level security is required on the disk where data is stored.
Encryption or decryption of files should not be the responsibility of the file owner. You take the following steps to accomplish these goals:
Convert the FAT file system to NTFS file system. Use third-party data encryption software.
What will happen after taking these steps?
Each correct answer represents a complete solution. Choose all that apply.
File-level security will be available on the disk where data is stored.
Data will be encrypted and secure.
Encryption or decryption of files will no longer be the responsibility of the file owner.
Other permissions on encrypted files will remain unaffected.
Administrative effort will be minimum.
Question No: 203 – (Topic 3)
John works as a Network Administrator for DigiNet Inc. He wants to investigate failed logon attempts to a network. He uses Log Parser to detail out the failed logons over a specific time frame. He uses the following commands and query to list all failed logons on a specific date:
logparser.exe file:FailedLogons.sql -i:EVT -o:datagrid SELECT
timegenerated AS LogonTime, extract_token(strings, 0, #39;|#39;) AS UserName FROM Security
WHERE EventID IN (529; 530;
AND to_string(timegenerated,#39;yyyy-MM-dd HH:mm:ss#39;) like #39;2004-09%#39;
After investigation, John concludes that two logon attempts were made by using an expired account.
Which of the following EventID refers to this failed logon?
Question No: 204 – (Topic 3)
John works as a professional Ethical Hacker. He has been assigned a project to test the security of www.we-are-secure.com. He copies the whole structure of the We-are-secure Web site to the local disk and obtains all the files on the Web site. Which of the following
techniques is he using to accomplish his task?
TCP FTP proxy scanning
Question No: 205 – (Topic 3)
Which of the following file attributes are not available on a FAT32 partition? Each correct answer represents a complete solution. Choose two.
Question No: 206 – (Topic 3)
Victor is a novice Ethical Hacker. He is learning the hacking process, i.e., the steps taken by malicious hackers to perform hacking. Which of the following steps is NOT included in the hacking process?
Question No: 207 – (Topic 3)
Which of the following types of virus makes changes to a file system of a disk?
Master boot record virus
Question No: 208 – (Topic 3)
Which of the following Acts enacted in United States amends Civil Rights Act of 1964, providing technical changes affecting the length of time allowed to challenge unlawful seniority provisions, to sue the federal government for discrimination and to bring age discrimination claims?
Sexual Predators Act
Civil Rights Act of 1991
The USA Patriot Act of 2001
Question No: 209 – (Topic 3)
You work as a Network Administrator for Perfect Solutions Inc. The company has a Linux- based network. You are working as a root user on the Linux operating system. While performing some security investigation, you want to see the hostname and IP address from where users logged in.
Which of the following commands will you use to accomplish the task?
Question No: 210 – (Topic 3)
Based on the case study, to implement more security, which of the following additional technologies should you implement for laptop computers?
(Click the Exhibit button on the toolbar to see the case study.) Each correct answer represents a complete solution. Choose two.
Encrypting File System (EFS)
Encrypted Data Transmissions