[Free] 2017(Sep) EnsurePass Testinsides GIAC GCFA Dumps with VCE and PDF 21-30

2017 Sep GIAC Official New Released GCFA

GIAC Certified Forensics Analyst

Question No: 21 – (Topic 1)

You work as a Network Administrator for Perfect Solutions Inc. You install Windows 98 on a computer. By default, which of the following folders does Windows 98 setup use to keep the registry tools?





Answer: B

Question No: 22 – (Topic 1)

Adam works as a Security Administrator for Umbrella Inc. He is responsible for securing all 15 servers of the company. To successfully accomplish the task, he enables the hardware and software firewalls and disables all unnecessary services on all the servers. The sales manager of the company asks Adam to run emulation software on one of the servers that requires the telnet service to function properly. Adam is concerned about the security of the server, as telnet can be a very large security risk in an organization. Adam decides to perform some footprinting, scanning, and penetration testing on the server to check the security. Adam telnets into the server and writes the following command:


After pressing enter twice, Adam gets the following results:


Which of the following tasks has Adam just accomplished?

  A. Poisoned the local DNS cache of the server.

  B. Submitted a remote command to crash the server.

  C. Grabbed the banner.

  D. Downloaded a file to his local computer.

Answer: C

Question No: 23 – (Topic 1)

Adam works as a professional Computer Hacking Forensic Investigator. He has been assigned the project of investigating an iPod, which is suspected to contain some explicit material. Adam wants to connect the compromised iPod to his system, which is running the Windows XP (SP2) operating system. He suspects that connecting the iPod to his computer may change some evidence and settings on the iPod. He wants to set the iPod to read-only mode. This can be done by changing a registry key within the Windows XP (SP2) operating system. Which of the following registry keys will Adam change to accomplish the task?

  A. HKEY_LOCAL_MACHINE\System\CurrentControlset\Control\StorageDevicePolicies

  B. HKEY_LOCAL_MACHINE\CurrentControlset\Control\StorageDevicePolicies

  C. HKEY_LOCAL_MACHINE\System\CurrentControlset\StorageDevicePolicies

  D. HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion

Answer: A

Question No: 24 – (Topic 1)

Which of the following is a name, symbol, or slogan with which a product is identified?

  A. Trade secret

  B. Patent

  C. Copyright

  D. Trademark

Answer: D

Question No: 25 – (Topic 1)

Adam works as an Incident Handler for Umbrella Inc. He is informed by the senior authorities that the server of the marketing department has been affected by a malicious hacking attack. Supervisors also claim that some sensitive data has been stolen. Adam immediately went to the server room of the marketing department and identified the event as an incident. He isolated the infected network from the remaining part of the network and started preparing to image the entire system. He captures volatile data, such as running processes, RAM, and network connections.

Which of the following steps of the incident handling process is being performed by Adam?

  A. Recovery

  B. Eradication

  C. Identification

  D. Containment

Answer: D

Question No: 26 – (Topic 1)

Your company suspects an employee of sending unauthorized emails to competitors. These emails are alleged to contain confidential company data. Which of the following is the most important step for you to take in preserving the chain of custody?

  A. Preserve the email server including all logs.

  B. Make copies of that employee's email.

  C. Seize the employee's PC.

  D. Place spyware on the employee's PC to confirm these activities.

Answer: A

Question No: 27 – (Topic 1)

An executive in your company reports odd behavior on her PDA. After investigation you discover that a trusted device is actually copying data off the PDA. The executive tells you that the behavior started shortly after accepting an e-business card from an unknown person. What type of attack is this?

  A. Session Hijacking

  B. Bluesnarfing

  C. PDA Hijacking

  D. Privilege Escalation

Answer: B

Question No: 28 – (Topic 1)

You work as a Network Administrator for uCertify Inc. You want to edit the MSDOS.SYS file, in your computer, from the DOS prompt. You are unable to find the file. What is the most likely cause?

  A. It is a read-only file.

  B. It is a built-in command in the COMMAND.COM file.

  C. Someone has deleted the file.

  D. It is a hidden file.

Answer: D

Question No: 29 – (Topic 1)

Adam works as a professional Computer Hacking Forensic Investigator. A project has been assigned to him by the chief security officer of a cloth manufacturing company, who suspects that one of the employees is selling the designs of the clothes outside the company. The security officer asked Adam to investigate the iPhone of the employee, as he suspects that there might be some sensitive information stored on it. On investigation, Adam found that the employee tried to destroy the evidence on his iPhone. He pressed and held the Home and Power buttons until the device was forced into recovery mode. Which of the following actions occurs when the iPhone is set into recovery mode?

  A. iPhone will be prevented from booting temporarily.

  B. The file system will be destroyed.

  C. Nothing will happen.

  D. Data will be destroyed.

Answer: A

Question No: 30 – (Topic 1)

Sandra, a novice computer user, works in a Windows environment. She experiences a problem with bad sectors on the hard disk of her computer. She wants to run the CHKDSK command to check the hard disk for bad sectors and to fix any errors that have occurred. Which of the following switches will she use with the CHKDSK command to accomplish the task?

  A. CHKDSK /I

  B. CHKDSK /C /L

  C. CHKDSK /V /X

  D. CHKDSK /R /F

Answer: D
