GCED GIAC Certified Enterprise Defender Questions and Answers

Question 4

Following a Digital Forensics investigation, which of the following should be included in the final forensics report?

Options:

A. An executive summary that includes a list of all forensic procedures performed.
B. A summary of the verified facts of the incident and the analyst's unverified opinions.
C. A summary of the incident and recommended disciplinary actions to apply internally.
D. An executive summary that includes high-level descriptions of the overall findings.

Question 5

Which tasks would a First Responder perform during the Identification phase of Incident Response?

Options:

A. Verify the root cause of the incident and apply any missing security patches.
B. Install or re-enable host-based firewalls and anti-virus software on suspected systems.
C. Search for sources of data and information that may be valuable in confirming and containing an incident.
D. Disconnect network communications and search for malicious executables or processes.

Question 6

Requiring criminal and financial background checks for new employees is an example of what type of security control?

Options:

A. Detective Support Control
B. Detective Operational Control
C. Detective Technical Control
D. Detective Management Control

Question 7

A company wants to allow only company-issued devices to attach to the wired and wireless networks. Additionally, devices that are not up-to-date with OS patches need to be isolated from the rest of the network until they are updated. Which technology standards or protocols would meet these requirements?

Options:

A. 802.1X and Network Access Control
B. Kerberos and Network Access Control
C. LDAP and Authentication, Authorization and Accounting (AAA)
D. 802.11i and Authentication, Authorization and Accounting (AAA)

Question 8

Which of the following is an SNMPv3 security feature that was not provided by earlier versions of the protocol?

Options:

A. Authentication based on RSA key pairs
B. The ability to change default community strings
C. AES encryption for SNMP network traffic
D. The ability to send SNMP traffic over TCP ports

Question 9

Of the following pieces of digital evidence, which would be collected FIRST from a live system involved in an incident?

Options:

A. Event logs from a central repository
B. Directory listing of system files
C. Media in the CD-ROM drive
D. Swap space and page files

Question 10

Analyze the screenshot below. Which of the following attacks can be mitigated by these configuration settings?

Options:

A. A Denial-of-Service attack using network broadcasts
B. A Replay attack
C. An IP masquerading attack
D. A MAC Flood attack

Question 11

An analyst wants to see a grouping of images that may be contained in a pcap file. Which tool natively meets this need?

Options:

A. Scapy
B. NetworkMiner
C. TCPReplay
D. Wireshark

Question 12

Requiring background checks for employees who access protected data is an example of which type of data loss control?

Options:

A. Mitigation
B. Prevention
C. Monitoring
D. Identification

Question 13

From a security perspective, how should the Root Bridge be determined in a Spanning Tree Protocol (STP) environment?

Options:

A. Manually selected and defined by the network architect or engineer.
B. Defined by selecting the highest Bridge ID to be the root bridge.
C. Automatically selected by the Spanning Tree Protocol (STP).
D. All switch interfaces become root bridges in an STP environment.

Exam Code: GCED
Exam Name: GIAC Certified Enterprise Defender
Last Update: Nov 23, 2024
Questions: 88