
GCED GIAC Certified Enterprise Defender Questions and Answers

Questions 4

On which layer of the OSI Reference Model does the FWSnort utility function?

Options:

A. Physical Layer

B. Data Link Layer

C. Transport Layer

D. Session Layer

E. Application Layer

Questions 5

Which of the following is an SNMPv3 security feature that was not provided by earlier versions of the protocol?

Options:

A. Authentication based on RSA key pairs

B. The ability to change default community strings

C. AES encryption for SNMP network traffic

D. The ability to send SNMP traffic over TCP ports

Questions 6

Which of the following would be used in order to restrict software from performing unauthorized operations, such as invalid access to memory or invalid calls to system access?

Options:

A. Perimeter Control

B. User Control

C. Application Control

D. Protocol Control

E. Network Control

Questions 7

Why would an incident handler acquire memory on a system being investigated?

Options:

A. To determine whether a malicious DLL has been injected into an application

B. To identify whether a program is set to auto-run through a registry hook

C. To list which services are installed on the system

D. To verify which user accounts have root or admin privileges on the system

Questions 8

Which of the following is a major problem that attackers often encounter when attempting to develop or use a kernel mode rootkit?

Options:

A. Their effectiveness depends on the specific applications used on the target system.

B. They tend to corrupt the kernel of the target system, causing it to crash.

C. They are unstable and are easy to identify after installation.

D. They are highly dependent on the target OS.

Questions 9

If a Cisco router is configured with the “service config” configuration statement, which of the following tools could be used by an attacker to apply a new router configuration?

Options:

A. TFTPD

B. Hydra

C. Ettercap

D. Yersinia

Questions 10

What would be the output of the following Google search?

filetype:doc inurl:ws_ftp

Options:

A. Websites running ws_ftp that allow anonymous logins

B. Documents available on the ws_ftp.com domain

C. Websites hosting the ws_ftp installation program

D. Documents found on sites with ws_ftp in the web address

Questions 11

The matrix in the screen shot below would be created during which process?

Options:

A. Risk Assessment

B. System Hardening

C. Data Classification

D. Vulnerability Scanning

Questions 12

What are Browser Helper Objects (BHOs) used for?

Options:

A. To provide multi-factor authentication support for Firefox

B. To provide a more feature-rich interface for Internet Explorer

C. To allow Internet Explorer to process multi-part URLs

D. To allow Firefox to process JavaScript in a sandbox

Questions 13

A compromised router is reconfigured by an attacker to redirect SMTP email traffic to the attacker’s server before sending packets on to their intended destinations. Which IP header value would help expose anomalies in the path outbound SMTP/Port 25 traffic takes compared to outbound packets sent to other ports?

Options:

A. Checksum

B. Acknowledgement number

C. Time to live

D. Fragment offset

Exam Code: GCED
Exam Name: GIAC Certified Enterprise Defender
Last Update: Dec 22, 2024
Questions: 88
