GCFR Exam Questions Dumps, Selling GIAC Products [Q22-Q47]

GCFR Exam Questions Dumps, Selling GIAC Products

GCFR Cert Guide PDF 100% Cover Real Exam Questions

NEW QUESTION # 22
Which of the following actions described below would populate the suggestions table on an Android phone?

• A. Google Maps recommends locations, which are cached in the table
• B. The table contains previously saved or bookmarked destinations
• C. Google Maps tracks previously entered destinations by the user

Answer: C

NEW QUESTION # 23
What approach can be used to enable Mac instances on AWS?

• A. Using physical Mac computers in the data center
• B. Emulating the M1 processor using ARM clusters
• C. Installing OS X exclusively on I (Burstable) instance
• D. Virtualizing OS X on Unix servers

Answer: A

NEW QUESTION # 24
Which cloud model should an organization negotiate access to logs as pert of contract negotiation prior to using the service?

• A. PaaS
• B. Saas
• C. IaaS

Answer: A

NEW QUESTION # 25
At what organizational level are EC2 services managed by customers?

• A. Data center
• B. Continental
• C. Global
• D. Regional

Answer: D

NEW QUESTION # 26
What unique identifier is used by AWS to identify a specific account and allow integration with external organizations?

• A. Public Key
• B. SID
• C. Token
• D. ARN

Answer: D

NEW QUESTION # 27
An analyst is reviewing a case involving an actor who leveraged PowerShell Cloud Shell to achieve their goals. Where can the analyst And logs depleting this activity?

• A. Network flow logs for the environment
• B. .bash_history file
• C. Audit logs for the environment
• D. .wget hsts file

Answer: C

NEW QUESTION # 28
Using the SOF-ELK instance at 10.0.1.7:5601, inspect the netflow logs related to the ip 5.62.19.62.
Which of the ports seen in the netflow logs associated with the ip 5.62.19.62 has the lowest count?
Hint: Use a wide time frame such as 20 years to ensure all the relevant data is in the scope.

• A. 0
• B. 1
• C. 2
• D. 3
• E. 4
• F. 5
• G. 6
• H. 7
• I. 8
• J. 9

Answer: G

NEW QUESTION # 29
What is the recommended storage type when creating an initial snapshot of a VM in Azure for forensic analysis?

• A. Ultra Disk
• B. Standard HDD
• C. Standard SSD
• D. Premium SSD

Answer: B

NEW QUESTION # 30
What is the maximum file size for Azure Page Blob storage?

• A. 10.25 TB
• B. 7TB
• C. 10.25 TB
• D. 8TB

Answer: D

NEW QUESTION # 31
Which cloud service provider produces sampled flow logs?

• A. AWS
• B. Azure
• C. GCP

Answer: C

NEW QUESTION # 32
Sensitive company data is found leaked on the internet, and the security team didn't get any alert and is unsure of how the breach occurred.
Which logs would be a preferable starting point for an investigation?

• A. Application
• B. Endpoint
• C. Resource Management
• D. Identity and Access Management

Answer: D

NEW QUESTION # 33
An analyst successfully authenticated to Microsoft 365 using the following command. What would cause the analyst to be unable to search UAL events for a specific time period?
Ps> connect fxrhangeOnline userPrincipalName sysanalystatexanpteco.com

• A. The tmdlets to search the UAl were not Imported into the session
• B. The UAL cannot be searched when using Microsoft 365 PowerShell
• C. The incorrect version of the FxhangeOnlineManagement module was installed
• D. The ExchangeOnlineManagement module was not installed

Answer: A

NEW QUESTION # 34
Which of the following Windows agents would need to be configured on an Azure VM for an investigator to query Its operating system logs sent to Azure Storage?

• A. Dependency
• B. Azure Monitor
• C. Log Analytics
• D. Diagnostic Extension

Answer: D

NEW QUESTION # 35
A client was responsible for their environment's OS, then they delegated this responsibility to their cloud provider. Which of the following migrations could describe this scenario?

• A. IaaS to PaaS
• B. PaaS to SaaS
• C. On-prern to UdS
• D. SaaStoOn-prem

Answer: A

NEW QUESTION # 36
What can be determine about the AVVS Access Key below?
AKIAVNKBKCM4I3VNZIS3

• A. It is only in use for a single session
• B. The key belongs to a user account
• C. It is a service STS token
• D. The key will only work internally

Answer: B

NEW QUESTION # 37
Which statement describes how an organization could use IPv6 in a Google Cloud deployment?

• A. IPv6 has to be configured for each compute node Individually
• B. IPv6 is enabled by default for traffic within VPCs
• C. IPv6 needs to be terminated at an edge load balancer
• D. IPv6 b enabled by default for global traffic between VPCs

Answer: C

NEW QUESTION # 38
What type of AWS log is the following snippet an example of?

• A. Route 53 Query Log
• B. VPC Flow Log
• C. Web Application firewall Log
• D. Load Balancer Log

Answer: B

NEW QUESTION # 39
Access Kibana via http://10.0.1.7:5601 and use the *ws-* index pattern. Use the time range 2021-03-01 00:00 UTC to 2021 04 U 00:00 UTC. How many ec2 DescribMnstantp*; events were performed by the root user?

• A. 0
• B. 1
• C. 6,695
• D. 2
• E. 3
• F. 4
• G. 5
• H. 2, 399
• I. 6
• J. 7

Answer: D

NEW QUESTION # 40
What AWS service will allow an organization to set custom compliance metrics and force compliance on an organizational, sub-organizational, or individual account level?

• A. Cognllo
• B. Config
• C. Inspector
• D. Security Hub

Answer: B

NEW QUESTION # 41
The Azure PowerShell output below is an example of which of the following?

• A. Service principal
• B. Role definition
• C. Managed identity
• D. Role assignment

Answer: C

NEW QUESTION # 42
A data exfiltration investigation of a GCP storage bucket is limited to the information logged by default in the Cost Table of Google's Cloud Billing. What information will investigators be able to gather?

• A. IP addresses associated with file downloads
• B. Timeframes of file downloads
• C. Filenames of downloaded files
• D. Usernames associated with file downloads

Answer: B

NEW QUESTION # 43
AWS VPC Flow logs are enabled. What do these logs capture?

• A. Payload Bytes
• B. TCP Checksums
• C. Packet Metadata
• D. TLS Handshakes

Answer: C

NEW QUESTION # 44
Which of the following is available with the free tier of service for CloudTrail?

• A. Single trail of management events delivered to Amazon
• B. Access to CloudTrail Insights to detect anomalies
• C. Access to data-related API Cloud Trail events
• D. Default trail maintained by AWS for more than 90 days

Answer: A

NEW QUESTION # 45
A company is creating an incident response team that will be part of their existing GCP Organization. Where in the organizational structure should their services be placed?

• A. As part of d Project
• B. ln a dedicated Folder
• C. At the root Organization
• D. With the Resources

Answer: B

NEW QUESTION # 46
An investigator is evaluating a client's Microsoft 365 deployment using the web portals and has identified that the Purview compliance portal states that the Unified Audit Logs are not enabled. Based on the additional Information gathered below, what is most likely the cause of this configuration message?
Subscription creation date: December 4, 2021 Number of administrators: 2 Number of non-administrative user accounts: 74 Last tenant administration change: December 4,2021

• A. Default configuration, service was never enabled
• B. Explicitly been disabled by an administrator
• C. License was downgraded lower than an E5 license
• D. Tenant is configured to forward logs externally

Answer: A

NEW QUESTION # 47
......

Pass GCFR Exam - Real Questions and Answers: https://www.exam-killer.com/GCFR-valid-questions.html

Pass GCFR Review Guide, Reliable GCFR Test Engine: https://drive.google.com/open?id=1yT4JbC3L76l7t4AlqwhKimWf1goS4Bzl