GFACT Certification Exam with accurate detailed solutions

(B2, Pg122) What does it mean when a computer program is "multi-threaded"?
A) It calls multiple external libraries
B) It has multiple serial numbers for different users
C) It can run multiple chunks of code concurrently
D) It has multiple functions defined in the program - ✔✔It can run multiple chunks of code concurrently

(B3, Pg162) Which of the following is a common result of a reflected cross-site scripting attack?
A) Tricking a user into making an authenticated transaction
B) Sending a website user's session cookie to an attacker
C) Embedding the attacker's malware in web application source code
D) Stealing password hashes from a website's back end database
*HINT* It may be under the session guessing section, but if you read further into it, you will see where it mentions XSS attack. - ✔✔Sending a website user's session cookie to an attacker

(B3, Pg90) What tool can be used to fingerprint the operating system of a host?
A) netstat
B) dig
C) nslookup
D) nmap - ✔✔Nmap

(B3, Pg151) What type of vulnerability is illustrated where there is code in the web page?
A) File Inclusion
B) Clickjacking
C) Cross-Site Scripting
D) SQL injection
*HINT* While it doesn't exactly say "code in the web page", it mentions how you can sometimes view a page that looks like PHP code and how that code can gain you access to the access logs of the server. - ✔✔File Inclusion

(B3, Pg88-89) An alert indicates that a compromised host was used by an attacker to run the command below. What was the attacker attempting to do?
$ nmap -sS 192.168.10.0/24
A) Map a network drive to a remote host
B) Identify services running on network hosts
C) Execute a script on a remote host
D) Send spoofed packets to network hosts - ✔✔Identify services running on network hosts

What type of artifact can a blue team member use to identify the name that is associated with the file?
A) Metadata
B) Windows security logs
C) Prefetch
D) File Ownership - ✔✔Metadata

(B3, Pg307-308) What is HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run considered to be?
A) Domain Name
B) Log File Path
C) Registry Key
D) Yo Mama's Number - ✔✔A Registry Key

(B1, Pg236) If a user agent is used, where would it be found in the HTTP Protocol?
A) In the response header
B) In the response body
C) Delimited by an h1 tag
D) In a GET Request - ✔✔In a GET Request

What benefit does moving from local logging to using a log server provide organizations?
A) Enables the use of network intrusion detection systems (NIDS)
B) Harder for attackers to overwrite logs
C) Attackers will have to pivot through an extra server to infiltrate the network
D) Less complex logging infrastructure - ✔✔Harder for attackers to overwrite logs

(B3, Pg187) What is the only way to mitigate an integer overflow/underflow?
A) Taking the absolute value of negative results prior to running the equation
B) Checking that the result of any change to a signed integer falls within an allowed range
C) Randomizing salt values prior to hashing user content
D) Sanitizing user input to block special characters from being entered - ✔✔Checking that the result of any change to a signed integer falls within an allowed range

(B2, Pg17) Which variable name will cause Python to produce an error?
A) 2nd_phone_number
B) LASTNAM_
C) streetAddress
D) _firstname
*HINT* You can start a variable name with a letter or an underscore, but NOT WITH A NUMBER! - ✔✔2nd_phone_number

What is the following command attempting to accomplish in Kali Linux?
dnsmap myfakedomain.local -w /usr/share/wordlists/dnsmap.txt
A) Search for subdomains based upon the wordlist provided
B) Check for users based on the wordlist provided
C) Run checks on the applications based on the wordlist provided
D) Call yo mama - ✔✔Search for subdomains based upon the wordlist provided

(B3, Pg121) How do you remove data from a Solid State Drive?
A) Destroy it
B) Place magnets upon it
C) Snap it