
GCED GIAC Certified Enterprise Defender Questions and Answers

Questions 4

A company estimates a loss of $2,374 per hour in sales if their website goes down. Their webserver hosting site’s documented downtime was 7 hours each quarter over the last two years. Using the information, what can the analyst determine?

Options:

A. Annualized loss expectancy

B. CVSS risk score

C. Total cost of ownership

D. Qualitative risk posture

Questions 5

To detect worms and viruses buried deep within a network packet payload, gigabytes' worth of traffic content entering and exiting a network must be checked with which of the following technologies?

Options:

A. Proxy matching

B. Signature matching

C. Packet matching

D. Irregular expression matching

E. Object matching

Questions 6

Which of the following is an operational security control that is used as a prevention mechanism?

Options:

A. Labeling of assets

B. Heat detectors

C. Vibration alarms

D. Voltage regulators

Questions 7

Which of the following would be included in a router configuration standard?

Options:

A. Names of employees with access rights

B. Access list naming conventions

C. Most recent audit results

D. Passwords for management access

Questions 8

Why would an incident handler acquire memory on a system being investigated?

Options:

A. To determine whether a malicious DLL has been injected into an application

B. To identify whether a program is set to auto-run through a registry hook

C. To list which services are installed on the system

D. To verify which user accounts have root or admin privileges on the system

Questions 9

Who is ultimately responsible for approving methods and controls that will reduce any potential risk to an organization?

Options:

A. Senior Management

B. Data Owner

C. Data Custodian

D. Security Auditor

Questions 10

Requiring background checks for employees who access protected data is an example of which type of data loss control?

Options:

A. Mitigation

B. Prevention

C. Monitoring

D. Identification

Questions 11

At the start of an investigation on a Windows system, the lead handler executes the following command after inserting a USB drive. What is the purpose of this command?

C:\> dir /s /a dhsra d:\ > a:\IRCD.txt

Options:

A. To create a file on the USB drive that contains a listing of the C: drive

B. To show hidden and archived files on the C: drive and copy them to the USB drive

C. To copy a forensic image of the local C: drive onto the USB drive

D. To compare a list of known good hashes on the USB drive to files on the local C: drive

Questions 12

A company classifies data using document footers, labeling each file with security labels “Public”, “Pattern”, or “Company Proprietary”. A new policy forbids sending “Company Proprietary” files via email. Which control could help security analysts identify breaches of this policy?

Options:

A. Monitoring failed authentications on a central logging device

B. Enforcing TLS encryption for outbound email with attachments

C. Blocking email attachments that match the hashes of the company’s classification templates

D. Running custom keyword scans on outbound SMTP traffic from the mail server

Questions 13

Network administrators are often hesitant to patch the operating systems on Cisco routers and switches, due to the possibility of causing network instability, mainly because of which of the following?

Options:

A. Having to rebuild all ACLs

B. Having to replace the kernel

C. Having to re-IP the device

D. Having to rebuild ARP tables

E. Having to rebuild the routing tables

Exam Code: GCED
Exam Name: GIAC Certified Enterprise Defender
Last Update: Dec 27, 2024
Questions: 88