GIAC Foundational Cybersecurity Technologies (GFACT)
What does it mean when a computer program is "multi-
threaded"?
A) It calls multiple external libraries
B) It has multiple serial number for different users
C) It can run multiple chunks of code concurrently
D) It has multiple functions defined in the program -
CORRECT ANSWER >>>>It can run multiple chunks of
code concurrently
Which of the following is a common result of a reflected
cross-site scripting attack?
,2|Page
A)Tricking a user into making an authenticated
transaction
B)Sending a website user's session cookie to an attacker
C) Embedding the attacker's malware in web application
source code
D) Stealing password hashes from a website's back end
database
*HINT* It may be under the session guessing section, but
if you read further into it, you will see where it mentions
XSS attack. - CORRECT ANSWER >>>>Sending a website
user's session cookie to an attacker
What tool can be used to fingerprint the operating
system of a host?
What type of vulnerability is illustrated where there is
code in the web page?
A)File Inclusion
B) Clickjacking
,3|Page
C)Cross-Site Scripting
D) SQL injection
*HINT* While it doesn't exactly say "code in the web
page", it mentions how you can sometimes view a page
that looks like PHP code and how that code can gain you
access to the access logs of the server. - CORRECT
ANSWER >>>>File Inclusion
An alert indicates that a compromised host was used by
an attacker to run the command below. What was the
attacker attempting to do?
$ nmap -sS 192.168.10.0/24
A)Map a network drive to a remote host
B)Identify services running on network hosts
C)Execute a script on a remote host
D)Send Spoofed packets to network hosts - CORRECT
ANSWER >>>>Identify services running on network hosts
What type of artifact can a blue team member use to
identify the name that is associated to the file?
What is
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\C
urrentVersion\Run considered to be?
A)Domain Name
B)Log File Path
C) Registry Key
D) Yo Mama's Number - CORRECT ANSWER >>>>A
Registry Key
If a user agent is used, where would it be found in the
HTTP Protocol?
A)In the response header
B)In the response body
C)Delimited by an h1 tag
D) In a GET Request - CORRECT ANSWER >>>>In a GET
Request
What benefit does moving from local logging to using a
log server provide organizations?
The benefits of buying summaries with Stuvia:
Guaranteed quality through customer reviews
Stuvia customers have reviewed more than 700,000 summaries. This how you know that you are buying the best documents.
Quick and easy check-out
You can quickly pay through credit card or Stuvia-credit for the summaries. There is no membership needed.
Focus on what matters
Your fellow students write the study notes themselves, which is why the documents are always reliable and up-to-date. This ensures you quickly get to the core!
Frequently asked questions
What do I get when I buy this document?
You get a PDF, available immediately after your purchase. The purchased document is accessible anytime, anywhere and indefinitely through your profile.
Satisfaction guarantee: how does it work?
Our satisfaction guarantee ensures that you always find a study document that suits you well. You fill out a form, and our customer service team takes care of the rest.
Who am I buying these notes from?
Stuvia is a marketplace, so you are not buying this document from us, but from seller keithdaniel. Stuvia facilitates payment to the seller.
Will I be stuck with a subscription?
No, you only buy these notes for $23.99. You're not tied to anything after your purchase.
