[Free] 2017(Sep) EnsurePass Testinsides GIAC GCFA Dumps with VCE and PDF 61-70


GIAC Certified Forensics Analyst

Question No: 61 – (Topic 1)

Mark is the Administrator of a Linux computer. He wants to check the status of failed Telnet-based login attempts on the Linux computer. Which of the following shell commands will he use to accomplish the task?

  1. GREP

  2. CP

  3. FSCK

  4. CAT

Answer: A

Question No: 62 – (Topic 1)

Which of the following modules of OS X kernel (XNU) provides the primary system program interface?

  1. BSD


  3. I/O Toolkit

  4. Mach

Answer: A

Question No: 63 – (Topic 1)

You work as a professional Computer Hacking Forensic Investigator for DataEnet Inc. You want to investigate e-mail information of an employee of the company. The suspected employee is using an online e-mail system such as Hotmail or Yahoo. Which of the following folders on the local computer will you review to accomplish the task?

Each correct answer represents a complete solution. Choose all that apply.

  1. History folder

  2. Temporary Internet Folder

  3. Download folder

  4. Cookies folder

Answer: A,B,D

Question No: 64 – (Topic 1)

Adam, a malicious hacker, has successfully gained unauthorized access to the Linux system of Umbrella Inc. The company's Web server runs on Apache. He has downloaded sensitive documents and database files from the computer. After performing these malicious tasks, Adam finally runs the following command on the Linux command box before disconnecting.

for (( i = 0;i<11;i++ )); do
dd if=/dev/random of=/dev/hda && dd if=/dev/zero of=/dev/hda
done

Which of the following actions does Adam want to perform by the above command?

  1. Making a bit stream copy of the entire hard disk for later download.

  2. Deleting all log files present on the system.

  3. Wiping the contents of the hard disk with zeros.

  4. Infecting the hard disk with polymorphic virus strings.

Answer: C

Question No: 65 – (Topic 1)

Adam works as a professional Computer Hacking Forensic Investigator. He has been called by the FBI to examine data on a hard disk seized from the house of a suspected terrorist. Adam decides to acquire an image of the suspected hard drive. He uses a forensic hardware tool that is capable of capturing data from IDE, Serial ATA, SCSI devices, and flash cards. This tool can also produce MD5 and CRC32 hashes while capturing the data. Which of the following tools is Adam using?

  1. Wipe MASSter

  2. ImageMASSter 4002i

  3. ImageMASSter Solo-3

  4. FireWire DriveDock

Answer: C

Question No: 66 – (Topic 1)

Which of the following attacks saturates network resources and disrupts services to a specific computer?

  1. Teardrop attack

  2. Polymorphic shell code attack

  3. Denial-of-Service (DoS) attack

  4. Replay attack

Answer: C

Question No: 67 – (Topic 1)

Which of the following is the process of comparing cryptographic hash functions of system executables and configuration files?

  1. Spoofing

  2. File integrity auditing

  3. Reconnaissance

  4. Shoulder surfing

Answer: B

Question No: 68 – (Topic 1)

Which of the following is the initiative of the United States Department of Justice that provides state and local law enforcement agencies with the tools to prevent Internet crimes against children and to catch the distributors of child pornography on the Internet?

  1. Innocent Images National Initiative (IINI)

  2. Internet Crimes Against Children (ICAC)

  3. Project Safe Childhood (PSC)

  4. Anti-Child Porn.org (ACPO)

Answer: B

Question No: 69 – (Topic 1)

TCP FIN scanning is a type of stealth scanning through which the attacker sends a FIN packet to the target port. If the port is closed, the victim assumes that this packet was sent mistakenly by the attacker and sends the RST packet to the attacker. If the port is open, the FIN packet will be ignored and the port will drop the packet. Which of the following operating systems can be easily identified with the help of TCP FIN scanning?

  1. Solaris

  2. Red Hat

  3. Knoppix

  4. Windows

Answer: D

Question No: 70 – (Topic 1)

Which of the following is a file management tool?

  1. Defrag


  3. Device Manager

  4. Windows Explorer

Answer: D
