PDF (New 2023) Actual GIAC GCFA Exam Questions [Q13-Q32]

The Benefits of Obtaining the GCFA Exam Certification

  • Community awareness: GCFA-certified professionals actively strengthen the forensic community by encouraging members to participate in the popular GCFA computer forensics blog, which has led to the publication of more than 356 articles in the last two years.
  • Unique: GCFA is the largest vendor-neutral digital forensic certification on the market, with more than 2,150 certified analysts. The Global Information Assurance Certification Forensic Analyst (GCFA) is also the only ANSI / 17024 accredited digital forensic certification on offer. Together, this makes the GCFA a unique and desired certification among community professionals.
  • Skills: GCFAs can conduct investigations that regular auditors cannot resolve. Using techniques such as memory and log analysis, GCFA experts can answer questions that, several years ago, were believed to have no answer.
  • Legal: GCFA is the only vendor-neutral certification that verifies the basic technical concepts and key legal knowledge required in the United States and the European Union.

 

Q13. Sam works as a professional Computer Hacking Forensic Investigator. A project has been assigned to him to investigate a compromised system, which runs on the Linux operating system. Sam wants to investigate and review local software, system libraries, and other applications installed on the system.
Which of the following directories in Linux will he review to accomplish the task?

 
 
 
 

Q14. You are responsible for all computer security at your company. This includes initial investigation into alleged unauthorized activity. Which of the following are possible results of improperly gathering forensic evidence in an alleged computer crime by an employee?
Each correct answer represents a complete solution. Choose three.

 
 
 
 

Q15. John used to work as a Network Administrator for We-are-secure Inc. Now he has resigned from the company for personal reasons. He wants to send out some secret information of the company. To do so, he takes an image file and simply uses a tool, Image Hide, and embeds the secret file within an image file of the famous actress, Jennifer Lopez, and sends it to his Yahoo mail ID. Since he is using the image file to send the data, the mail server of his company is unable to filter this mail. Which of the following techniques is he performing to accomplish his task?

 
 
 
 

Q16. Which of the following sections of the United States Economic Espionage Act of 1996 criminalizes the misappropriation of trade secrets related to or included in a product that is produced for or placed in interstate commerce, with the knowledge or intent that the misappropriation will injure the owner of the trade secret?

 
 
 
 

Q17. Which of the following file systems cannot be used to install an operating system on the hard disk drive?
Each correct answer represents a complete solution. Choose two.

 
 
 
 
 

Q18. Which of the following file systems supports the hot fixing feature?

 
 
 
 

Q19. Which of the following is a password-cracking program?

 
 
 
 

Q20. Which of the following is the initiative of the United States Department of Justice that provides state and local law enforcement agencies with the tools to prevent Internet crimes against children and to catch the distributors of child pornography on the Internet?

 
 
 
 

Q21. This type of virus infects programs that can execute and load into memory to perform predefined steps for infecting systems. It infects files with the extensions .EXE, .COM, .BIN, and .SYS. As it can replicate or destroy these types of files, the operating system becomes corrupted and needs reinstallation. This type of virus is known as __________.

 
 
 
 
 

Q22. You work as a Network Administrator for NetTech Inc. The company’s network is connected to the Internet.
For security, you want to restrict unauthorized access to the network with minimum administrative effort.
You want to implement a hardware-based solution. What will you do to accomplish this?

 
 
 
 

Q23. Normally, RAM is used for temporary storage of data. Sometimes, however, RAM data is stored on the hard disk. What is this method called?

 
 
 
 

Q24. Which of the following statements about the HKEY_LOCAL_MACHINE registry hive is true?

 
 
 
 

Q25. Nathan works as a Computer Hacking Forensic Investigator for SecureEnet Inc. He uses Visual TimeAnalyzer software to track all computer usage by logging into individual users' accounts or specific projects and compiling detailed accounts of time spent within each program. Which of the following functions are NOT performed by Visual TimeAnalyzer?
Each correct answer represents a complete solution. Choose all that apply.

 
 
 
 

Q26. John works as a contract Ethical Hacker. He has recently got a project to do security checking for www.we-are-secure.com. He wants to find out the operating system of the we-are-secure server in the information gathering step. Which of the following commands will he use to accomplish the task?
Each correct answer represents a complete solution. Choose two.

 
 
 
 

Q27. You are a professional Computer Hacking Forensic Investigator. You have been called to collect evidence of a buffer overflow or cookie snooping attack. Which of the following logs will you review to accomplish the task?
Each correct answer represents a complete solution. Choose all that apply.

 
 
 
 

Q28. Which of the following needs to be documented to preserve evidence for presentation in court?

 
 
 
 

Q29. John, a novice web user, makes a new E-mail account and keeps his password as “apple”, his favorite fruit. John’s password is vulnerable to which of the following password cracking attacks?
Each correct answer represents a complete solution. Choose all that apply.

 
 
 
 

Q30. You work as the Network Administrator for McNeil Inc. The company has a Unix-based network. You want to fix partitions on a hard drive. Which of the following Unix commands can you use to accomplish the task?

 
 
 
 

Q31. Adam works as a professional Computer Hacking Forensic Investigator. He works with the local police. A project has been assigned to him to investigate an iPod, which was seized from a student of the high school. It is suspected that explicit child pornography content is stored on the iPod. Adam wants to investigate the iPod extensively. Which of the following operating systems will Adam use to carry out his investigation in a more extensive and elaborate manner?

 
 
 
 

Q32. Which of the following file systems supports the hot fixing feature?

 
 
 
 

Updated Jan-2023 Pass GCFA Exam – Real Practice Test Questions: https://www.examslabs.com/GIAC/GIAC-Information-Security/best-GCFA-exam-dumps.html