Curious about Actual GIAC Cyber Defense (GCED) Exam Questions?
Here are sample GIAC Certified Enterprise Defender (GCED) Exam questions from real exam. You can get more GIAC Cyber Defense (GCED) Exam premium practice questions at TestInsights.
Which command is the Best choice for creating a forensic backup of a Linux system?
Correct : D
Using dd from a bootable CD is the only forensically sound method of creating an image. Using tar does not capture slack space on the disk. Running any command from a compromised operating system will raise integrity issues.
Start a Discussions
Which of the following would be included in a router configuration standard?
Correct : B
Start a Discussions
Requiring criminal and financial background checks for new employees is an example of what type of security control?
Correct : D
Management Controls include: Policies, guidelines, checklists, and reporting.
Detective management controls include personnel security. As a detective control, we are referring to indepth background investigations, clearances, and rotation of duties.
Start a Discussions
You are responding to an incident involving a Windows server on your company's network. During the investigation you notice that the system downloaded and installed two files, iexplorer.exe and iexplorer.sys. Based on the behavior of the system you suspect that these files are part of a rootkit. If this is the case what is the likely purpose of the .sys file?
Correct : C
Start a Discussions
A compromised router is reconfigured by an attacker to redirect SMTP email traffic to the attacker's server before sending packets on to their intended destinations. Which IP header value would help expose anomalies in the path outbound SMTP/Port 25 traffic takes compared to outbound packets sent to other ports?
Correct : C
In a case study of a redirect tunnel set up on a router, some anomalies were noticed while watching network traffic with the TCPdump packet sniffer.
Packets going to port 25 (Simple Mail Transfer Protocol [SMTP] used by mail servers and other Mail Transfer Agents [MTAs] to send and receive e-mail) were apparently taking a different network path. The TLs were consistently three less than other destination ports, indicating another three network hops were taken.
Other IP header values listed, such as fragment offset. The acknowledgement number is a TCP, not IP, header field.
Start a Discussions
Total 88 questions