Exam Details

  • Exam Code: GCED
  • Exam Name: GIAC Certified Enterprise Defender Practice Test
  • Certification: GIAC Information Security
  • Vendor: GIAC
  • Total Questions: 88 Q&As
  • Last Updated: Apr 23, 2024

GIAC GIAC Information Security GCED Questions & Answers

  • Question 1:

    What would be the output of the following Google search? filetype:doc inurl:ws_ftp

    A. Websites running ws_ftp that allow anonymous logins

    B. Documents available on the ws_ftp.com domain

    C. Websites hosting the ws_ftp installation program

    D. Documents found on sites with ws_ftp in the web address

  • Question 2:

    What is the BEST sequence of steps to remove a bot from a system?

    A. Terminate the process, remove autoloading traces, delete any malicious files

    B. Delete any malicious files, remove autoloading traces, terminate the process

    C. Remove autoloading traces, delete any malicious files, terminate the process

    D. Delete any malicious files, terminate the process, remove autoloading traces

  • Question 3:

    Which of the following is an SNMPv3 security feature that was not provided by earlier versions of the protocol?

    A. Authentication based on RSA key pairs

    B. The ability to change default community strings

    C. AES encryption for SNMP network traffic

    D. The ability to send SNMP traffic over TCP ports

  • Question 4:

    Which of the following is a major problem that attackers often encounter when attempting to develop or use a kernel mode rootkit?

    A. Their effectiveness depends on the specific applications used on the target system.

    B. They tend to corrupt the kernel of the target system, causing it to crash.

    C. They are unstable and are easy to identify after installation.

    D. They are highly dependent on the target OS.

  • Question 5:

    What would the output of the following command help an incident handler determine? cscript manage-bde.wsf -status

    A. Whether scripts can be run from the command line

    B. Which processes are running on the system

    C. When the most recent system reboot occurred

    D. Whether the drive has encryption enabled

  • Question 6:

    What information would the Wireshark filter in the screenshot list within the display window?

    A. Only HTTP traffic to or from IP address 192.168.1.12 that is also destined for port 80

    B. Only traffic to or from IP address 192.168.1.12 and destined for port 80

    C. Only traffic with a source address of 192.168.1.12 to or from port 80

    D. Only traffic with a destination address of 192.168.1.12 to or from port 80

  • Question 7:

    What are Browser Helper Objects (BHOs) used for?

    A. To provide multi-factor authentication support for Firefox

    B. To provide a more feature-rich interface for Internet Explorer

    C. To allow Internet Explorer to process multi-part URLs

    D. To allow Firefox to process JavaScript in a sandbox

  • Question 8:

    What is needed to be able to use taskkill to end a process on a remote system?

    A. Svchost.exe running on the remote system

    B. Domain login credentials

    C. Port 445 open

    D. Windows 7 or higher on both systems

  • Question 9:

    A compromised router is reconfigured by an attacker to redirect SMTP email traffic to the attacker's server before sending packets on to their intended destinations. Which IP header value would help expose anomalies in the path outbound SMTP/Port 25 traffic takes compared to outbound packets sent to other ports?

    A. Checksum

    B. Acknowledgement number

    C. Time to live

    D. Fragment offset

  • Question 10:

    Which tool keeps a backup of all deleted items, so that they can be restored later if need be?

    A. ListDLLs

    B. Yersinia

    C. Ettercap

    D. Process Explorer

    E. HijackThis

Tips on How to Prepare for the Exams

Nowadays, certification exams are becoming more and more important, and more and more enterprises require them when you apply for a job. But how do you prepare for the exam effectively? How do you prepare for the exam in a short time with less effort? How do you get an ideal result, and how do you find the most reliable resources? Here on Vcedump.com you will find all the answers. Vcedump.com provides not only GIAC exam questions, answers and explanations but also complete assistance with your exam preparation and certification application. If you are confused about your GCED exam preparation and GIAC certification application, do not hesitate to visit Vcedump.com to find your solutions here.