100% satisfaction guarantee Immediately available after payment Both online and in PDF No strings attached
logo-home
GFACT Certification Exam Practice Questions and Answers 100% Pass $13.49   Add to cart

Exam (elaborations)

GFACT Certification Exam Practice Questions and Answers 100% Pass

 0 view  0 purchase
  • Course
  • Prep Tests
  • Institution
  • Prep Tests

GFACT Certification Exam Practice Questions and Answers 100% Pass (B2, Pg122) What does it mean when a computer program is "multi-threaded"? A) It calls multiple external libraries B) It has multiple serial number for different users C) It can run multiple chunks of code concurrently D) It ha...

[Show more]

Preview 4 out of 54  pages

  • November 11, 2024
  • 54
  • 2024/2025
  • Exam (elaborations)
  • Questions & answers
  • Prep Tests
  • Prep Tests
avatar-seller
OliviaWest
Copyright © OLIVIAWEST2024/2025 ACADEMIC YEAR. ALL RIGHTS RESERVED




GFACT Certification Exam Practice

Questions and Answers 100% Pass


(B2, Pg122) What does it mean when a computer program is "multi-threaded"?




A) It calls multiple external libraries


B) It has multiple serial number for different users


C) It can run multiple chunks of code concurrently


D) It has multiple functions defined in the program - ANSWER✔✔-It can run multiple chunks of code

concurrently


(B3, Pg162) Which of the following is a common result of a reflected cross-site scripting attack?




A)Tricking a user into making an authenticated transaction


B)Sending a website user's session cookie to an attacker


C) Embedding the attacker's malware in web application source code


D) Stealing password hashes from a website's back end database




Copyright ©Stuvia International BV 2010-2024 Page 1/54

, Copyright © OLIVIAWEST2024/2025 ACADEMIC YEAR. ALL RIGHTS RESERVED


*HINT* It may be under the session guessing section, but if you read further into it, you will see where it

mentions XSS attack. - ANSWER✔✔-Sending a website user's session cookie to an attacker


(B3, Pg90) What tool can be used to fingerprint the operating system of a host?




A)netstat


B)dig


C)nslookup


D)nmap - ANSWER✔✔-Nmap


(B3, Pg151) What type of vulnerability is illustrated where there is code in the web page?




A)File Inclusion


B) Clickjacking


C)Cross-Site Scripting


D) SQL injection




*HINT* While it doesn't exactly say "code in the web page", it mentions how you can sometimes view a

page that looks like PHP code and how that code can gain you access to the access logs of the server. -

ANSWER✔✔-File Inclusion




Copyright ©Stuvia International BV 2010-2024 Page 2/54

, Copyright © OLIVIAWEST2024/2025 ACADEMIC YEAR. ALL RIGHTS RESERVED


(B3, Pg88-89) An alert indicates that a compromised host was used by an attacker to run the command

below. What was the attacker attempting to do?




$ nmap -sS 192.168.10.0/24




A)Map a network drive to a remote host


B)Identify services running on network hosts


C)Execute a script on a remote host


D)Send Spoofed packets to network hosts - ANSWER✔✔-Identify services running on network hosts


What type of artifact can a blue team member use to identify the name that is associated to the file?




A)Metadata


B)Windows security logs


C)Prefetch


D)File Ownership - ANSWER✔✔-Metadata


(B3, Pg307-308) What is HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run

considered to be?




A)Domain Name


Copyright ©Stuvia International BV 2010-2024 Page 3/54

, Copyright © OLIVIAWEST2024/2025 ACADEMIC YEAR. ALL RIGHTS RESERVED


B)Log File Path


C) Registry Key


D) Yo Mama's Number - ANSWER✔✔-A Registry Key


(B1, Pg236) If a user agent is used, where would it be found in the HTTP Protocol?




A)In the response header


B)In the response body


C)Delimited by an h1 tag


D) In a GET Request - ANSWER✔✔-In a GET Request


What benefit does moving from local logging to using a log server provide organizations?




A) Enables the use of network intrusion detection systems (NIDS)


B) Harder for attackers to overwrite logs


C) Attackers will have to pivot through an extra server to infiltrate the network


D)Less complex logging infrastructure - ANSWER✔✔-Harder for attackers to overwrite logs


(B3, Pg187) What is the only way to mitigate an integer overflow/underflow?




A) Takin the absolute value of negative results prior to running the equation




Copyright ©Stuvia International BV 2010-2024 Page 4/54

The benefits of buying summaries with Stuvia:

Guaranteed quality through customer reviews

Guaranteed quality through customer reviews

Stuvia customers have reviewed more than 700,000 summaries. This how you know that you are buying the best documents.

Quick and easy check-out

Quick and easy check-out

You can quickly pay through credit card or Stuvia-credit for the summaries. There is no membership needed.

Focus on what matters

Focus on what matters

Your fellow students write the study notes themselves, which is why the documents are always reliable and up-to-date. This ensures you quickly get to the core!

Frequently asked questions

What do I get when I buy this document?

You get a PDF, available immediately after your purchase. The purchased document is accessible anytime, anywhere and indefinitely through your profile.

Satisfaction guarantee: how does it work?

Our satisfaction guarantee ensures that you always find a study document that suits you well. You fill out a form, and our customer service team takes care of the rest.

Who am I buying these notes from?

Stuvia is a marketplace, so you are not buying this document from us, but from seller OliviaWest. Stuvia facilitates payment to the seller.

Will I be stuck with a subscription?

No, you only buy these notes for $13.49. You're not tied to anything after your purchase.

Can Stuvia be trusted?

4.6 stars on Google & Trustpilot (+1000 reviews)

76799 documents were sold in the last 30 days

Founded in 2010, the go-to place to buy study notes for 14 years now

Start selling
$13.49
  • (0)
  Add to cart