GFACT CERTIFICATION EXAM SANS TECHNOLOGY INSTITUTE
GFACT CERTIFICATION EXAM SANS TECHNOLOGY INSTITUTE
PREPARATION FOR 2025/2026 WITH COMPLETE QUESTIONS
AND CORRECT DETAILED ANSWERS (VERIFIED ANSWERS)
|BRAND NEW VERSION!!
What benefit does moving from local logging to using a log server provide
organizations?
A) Enables the use of network intrusion detection systems (NIDS)
B) Harder for attackers to overwrite logs
C) Attackers will have to pivot through an extra server to infiltrate the network
D)Less complex logging infrastructure
Harder for attackers to overwrite logs
(B3, Pg187) What is the only way to mitigate an integer overflow/underflow?
A) Takin the absolute value of negative results prior to running the equation
B) Checking that the result of any change to a signed integer falls within an
allowed range
C) Randomizing salt values prior to hashing user content
D) Sanitizing user input to block special characters from being entered
Checking that the result of any change to a signed integer falls within an allowed
range
(B2, Pg17) Which Variable name will cause Python to produce an error?
A)2nd_phone_number
B)LASTNAM_
C)streetAddress
D)_firstname
1|Page
, GFACT CERTIFICATION EXAM SANS TECHNOLOGY INSTITUTE
HINT You can start a variable name with a letter or an underscore, but NOT WITH
A NUMBER!
2nd_phone_number
What is the following command attempting to accomplish in Kali Linux?
dnsmap myfakedomain.local -w /usr/share/wordlists/dnsmap.txt
A)Search for subdomains based upon the wordlist provided
B) Check for users based on the wordlist provided
C)Run checks on the applications based on the wordlist provided
D)Call yo mama
Search for subdomains based upon the wordlist provided
(B3, Pg121) How do you remove data from a Solid State Drive?
A) Destroy it
B) Place Magnets upon it
C) Snap it
D) Yo mama sit on it
Destroy it
(B3, Pg56) Where are the wordlists located in Kali?
A)/var/opt/wordlists
B)/etc/default/wordlists
C)/etc/security/wordlists
D)/var/adm/wordlists
E)/usr/share/wordlists
/usr/share/wordlists
2|Page
, GFACT CERTIFICATION EXAM SANS TECHNOLOGY INSTITUTE
(B1, Pg174) What is the outcome of the command below?
ps aux | grep -i sshd | grep root
A) Enabling logging for all root logins for the ssh service
B)Terminating the secure shell service
C)List of secure shell processes running under the root user
D)Starting up the ssh service as the root user
List of secure shell processes running under the root user
When would a security analyst create a "TCP Socket" in a Python Program?
A) When scanning the host computer for malicious software
B) When creating a script to run against a network service
C) When collecting information about the host computer's hardware
D) When the host is running network services in the background during Python
program execution
When creating a script to run against a network service
(B2, Pg180) What is used to access the address of a variable in the C Programming
Language?
A) &stuff
B) *stuff
C) {stuff}
D) [stuff]
&stuff
(B1, Pg134) What does the home folder contain?
A) User Directories for every user on the system excluding the root user
B)Yo Mama
3|Page
, GFACT CERTIFICATION EXAM SANS TECHNOLOGY INSTITUTE
C)All of the directories on a system
D) Only the Guest directories on a system
User Directories for every user on the system excluding the root user
(B2, Pg285) What does the Local Users Management Console do?
A)Create users within Windows
B) Create groups within Windows
C) Yo Mama (insert giggle)
D) Change your password
Create users within Windows, create groups within Windows, Change your
password
(B1, Pg83) What kind of storage system are in USB's?
A)exFAT
B)FAT32
C)NTFS
D)HFS Plus
exFAT
(B2, Pg294) When a new File is created what permissions are inherited?
A) Parent Folder
B) You set them when you open the folder
C) Root Permissions
D) Default File Permissions
Parent Folder
(B1, Pg211-212) What command will generate a makefile that is tuned to the
system that it is installed to?
4|Page
GFACT CERTIFICATION EXAM SANS TECHNOLOGY INSTITUTE
PREPARATION FOR 2025/2026 WITH COMPLETE QUESTIONS
AND CORRECT DETAILED ANSWERS (VERIFIED ANSWERS)
|BRAND NEW VERSION!!
What benefit does moving from local logging to using a log server provide
organizations?
A) Enables the use of network intrusion detection systems (NIDS)
B) Harder for attackers to overwrite logs
C) Attackers will have to pivot through an extra server to infiltrate the network
D)Less complex logging infrastructure
Harder for attackers to overwrite logs
(B3, Pg187) What is the only way to mitigate an integer overflow/underflow?
A) Takin the absolute value of negative results prior to running the equation
B) Checking that the result of any change to a signed integer falls within an
allowed range
C) Randomizing salt values prior to hashing user content
D) Sanitizing user input to block special characters from being entered
Checking that the result of any change to a signed integer falls within an allowed
range
(B2, Pg17) Which Variable name will cause Python to produce an error?
A)2nd_phone_number
B)LASTNAM_
C)streetAddress
D)_firstname
1|Page
, GFACT CERTIFICATION EXAM SANS TECHNOLOGY INSTITUTE
HINT You can start a variable name with a letter or an underscore, but NOT WITH
A NUMBER!
2nd_phone_number
What is the following command attempting to accomplish in Kali Linux?
dnsmap myfakedomain.local -w /usr/share/wordlists/dnsmap.txt
A)Search for subdomains based upon the wordlist provided
B) Check for users based on the wordlist provided
C)Run checks on the applications based on the wordlist provided
D)Call yo mama
Search for subdomains based upon the wordlist provided
(B3, Pg121) How do you remove data from a Solid State Drive?
A) Destroy it
B) Place Magnets upon it
C) Snap it
D) Yo mama sit on it
Destroy it
(B3, Pg56) Where are the wordlists located in Kali?
A)/var/opt/wordlists
B)/etc/default/wordlists
C)/etc/security/wordlists
D)/var/adm/wordlists
E)/usr/share/wordlists
/usr/share/wordlists
2|Page
, GFACT CERTIFICATION EXAM SANS TECHNOLOGY INSTITUTE
(B1, Pg174) What is the outcome of the command below?
ps aux | grep -i sshd | grep root
A) Enabling logging for all root logins for the ssh service
B)Terminating the secure shell service
C)List of secure shell processes running under the root user
D)Starting up the ssh service as the root user
List of secure shell processes running under the root user
When would a security analyst create a "TCP Socket" in a Python Program?
A) When scanning the host computer for malicious software
B) When creating a script to run against a network service
C) When collecting information about the host computer's hardware
D) When the host is running network services in the background during Python
program execution
When creating a script to run against a network service
(B2, Pg180) What is used to access the address of a variable in the C Programming
Language?
A) &stuff
B) *stuff
C) {stuff}
D) [stuff]
&stuff
(B1, Pg134) What does the home folder contain?
A) User Directories for every user on the system excluding the root user
B)Yo Mama
3|Page
, GFACT CERTIFICATION EXAM SANS TECHNOLOGY INSTITUTE
C)All of the directories on a system
D) Only the Guest directories on a system
User Directories for every user on the system excluding the root user
(B2, Pg285) What does the Local Users Management Console do?
A)Create users within Windows
B) Create groups within Windows
C) Yo Mama (insert giggle)
D) Change your password
Create users within Windows, create groups within Windows, Change your
password
(B1, Pg83) What kind of storage system are in USB's?
A)exFAT
B)FAT32
C)NTFS
D)HFS Plus
exFAT
(B2, Pg294) When a new File is created what permissions are inherited?
A) Parent Folder
B) You set them when you open the folder
C) Root Permissions
D) Default File Permissions
Parent Folder
(B1, Pg211-212) What command will generate a makefile that is tuned to the
system that it is installed to?
4|Page
