GCFA by GIAC Actual Free Exam Questions And Answers

Question 1

Which of the following are advantages of NTFS file system over FAT32 and FAT?
Each correct answer represents a part of the solution. Choose two.

A. Support for file and folder level permissions.

B. Support for Encrypting File System (EFS).

C. Support for audio files.

D. Support for dual-booting.

Discussion 0

Correct Answer: A,B Vote an answer

Question 2

Which of the following NIST RA process steps has the goal to identify the potential threat-sources and compile a threat statement listing the potential threat-sources that are applicable to the IT system being evaluated?

A. Impact Analysis

B. Control Analysis

C. Threat Identification

D. Vulnerability Identification

Discussion 0

Correct Answer: C Vote an answer

Question 3

Nathan works as a Computer Hacking Forensic Investigator for SecureEnet Inc. He uses Visual TimeAnalyzer software to track all computer usage by logging into individual users account or specific projects and compile detailed accounts of time spent within each program. Which of the following functions are NOT performed by Visual TimeAnalyzer?
Each correct answer represents a complete solution. Choose all that apply.

A. It records specific keystrokes and run screen captures as a background process.

B. It tracks work time, pauses, projects, costs, software, and internet usage.

C. It monitors all user data such as passwords and personal documents.

D. It gives parents control over their children's use of the personal computer.

Discussion 0

Correct Answer: A,C Vote an answer

Question 4

Maria works as a professional Ethical Hacker. She recently got a project to test the security of www.we-are-secure.com. Arrange the three pre-test phases of the attack to test the security of weare-secure.

Discussion 0

Correct Answer:

Question 5

Which of the following tools can be used to perform tasks such as Windows password cracking, Windows enumeration, and VoIP session sniffing?

A. Cain

B. L0phtcrack

C. John the Ripper

D. Obiwan

Discussion 0

Correct Answer: A Vote an answer

Question 6

What are the purposes of audit records on an information system?
Each correct answer represents a complete solution. Choose two.

A. Investigation

B. Upgradation

C. Backup

D. Troubleshooting

Discussion 0

Correct Answer: A,D Vote an answer

Question 7

In 2001, the Council of Europe passed a convention on cybercrime. It was the first international treaty seeking to address computer crime and Internet crimes by harmonizing national laws, improving investigative techniques, and increasing cooperation among nations. On 1 March 2006, the Additional Protocol to the Convention on Cybercrime came into force. Which of the following statements clearly describes this protocol?

A. English speaking states in Europe such as Ireland and the United Kingdom should sign the convention.

B. The convention of cybercrime is only applied within Europe.

C. It requires participating states to criminalize the dissemination of racist and xenophobic material through computer systems.

D. The convention of cybercrime should immediately be put on hold until there is an inclusion of a new or amended article.

Discussion 0

Correct Answer: C Vote an answer

Question 8

Peter works as a Computer Hacking Forensic Investigator for SecureEnet Inc. He has been assigned with a project of investigating a disloyal employee who is accused of stealing secret data from the company and selling it to the competitor company. Peter is required to collect proper evidences and information to present before the court for prosecution. Which of the following parameters is necessary for successful prosecution of this corporate espionage?

A. To prove that the information has a value.

B. To prove that the data belongs to the company.

C. To present the evidences before the court.

D. To submit investigative report to senior officials.

Discussion 0

Correct Answer: A Vote an answer

Question 9

Convention on Cybercrime, created by the Council of Europe, is the treaty seeking to address
Computer crime and Internet crimes by harmonizing national laws, improving investigative techniques, and increasing cooperation among nations. Which of the following chapters of Convention of Cybercrime contains the provisions for mutual assistances and extradition rules related to cybercrimes?

A. Chapter I

B. Chapter IV

C. Chapter II

D. Chapter III

Discussion 0

Correct Answer: D Vote an answer

Question 10

Which of the following statements are NOT true about volume boot record or Master Boot Record?
Each correct answer represents a complete solution. Choose all that apply.

A. Four 16 bytes master partition records are present in MBR.

B. The actual program can be 512 bytes long.

C. Volume boot sector is present at cylinder 0, head 0, and sector 1 of the default boot drive.

D. The end of MBR marker is h55CC.

Discussion 0

Correct Answer: B,D Vote an answer

Question 11

Which of the following registry hives stores configuration information specific to a particular user who is currently logged on to the computer?

A. HKEY_LOCAL_MACHINE

B. HKEY_USERS

C. HKEY_CURRENT_USER

D. HKEY_CLASSES_ROOT

Discussion 0

Correct Answer: C Vote an answer

Question 12

You are a professional Computer Hacking forensic investigator. You have been called to collect the evidences of Buffer Overflows or Cookie snooping attack. Which of the following logs will you review to accomplish the task?
Each correct answer represents a complete solution. Choose all that apply.

A. Web server logs

B. System logs

C. Event logs

D. Program logs

Discussion 0

Correct Answer: B,C,D Vote an answer

Question 13

Which of the following are the benefits of information classification for an organization?
Each correct answer represents a complete solution. Choose two.

A. It ensures that modifications are not made to data by unauthorized personnel or processes.

B. It helps identify which protections apply to which information.

C. It helps identify which information is the most sensitive or vital to an organization.

D. It helps reduce the Total Cost of Ownership (TCO).

Discussion 0

Correct Answer: B,C Vote an answer

GIAC Certified Forensics Analyst - GCFA Exam Practice Test

Contact Us

Useful Links

Latest Updated