GFACT Certification Exam
GFACT CERTIFICATION EXAM NEWEST 2025/2026 WITH
COMPLETE QUESTIONS AND CORRECT ANSWERS |ALREADY
GRADED A+||BRAND NEW VERSION!
A user adds a new directory to a Linux system's $PATH environment variable,
#export $PATH=$PATH:new_dir. What action will cause the updated $PATH
variable change back to the original value?
A)Closing and re-opening the terminal
B)Running the command "rm $PATH"
C) Echoing the $PATH to /dev/null - ANSWER-Closing and reopening the terminal
When a program runs on a computer, it temporaily loads code into memory that
contains information about the program. The code is deleted when the program is
closed. What is the instance of this code called?
A) Process
B) Kernel
C) BIOS
D) Application
*HINT* Every time you run a program on your computer, a "BLANK" is created in
memory. When you close the program, the "BLANK" is killed. - ANSWER-Process
(B3, Pg169) What is a requirement for cross-site request forgery to work?
1|Page
, GFACT Certification Exam
A) The victim must be authenticated with the target site
B) The Attacker must have root privileges on the victim's system
C) The victim must be a member of the IIS_USER group
D) The attacker must steal the victim's cookie
*HINT* CSRF involves an authenticated user clicking on a link that an attacker
plants. This link will cause the victim's browser to perform an action using their
authenticated credentials. - ANSWER-The victim must be authenticated with the
target site
(B1, Pg144) Which of the following commands will set or modify an environment
variable?
A) export
B)grep
C)nano
*HINT* The "Blank" command is used to set or modify an environmental variable.
- ANSWER-export
(B1, Pg135) In which directory are Linux logs generally found?
A)var
2|Page
, GFACT Certification Exam
B)bin
C)boot
D)mnt
*HINT* The "blank" folder contains system files that tend to increase in size over
time (hence it's a "blank" size folder). Things like log files, the mail directory, and
so on, go here. - ANSWER-var
(B2, Pg122) What does it mean when a computer program is "multi-threaded"?
A) It calls multiple external libraries
B) It has multiple serial number for different users
C) It can run multiple chunks of code concurrently
D) It has multiple functions defined in the program - ANSWER-It can run multiple
chunks of code concurrently
(B3, Pg162) Which of the following is a common result of a reflected cross-site
scripting attack?
A)Tricking a user into making an authenticated transaction
B)Sending a website user's session cookie to an attacker
C) Embedding the attacker's malware in web application source code
D) Stealing password hashes from a website's back end database
3|Page
, GFACT Certification Exam
*HINT* It may be under the session guessing section, but if you read further into
it, you will see where it mentions XSS attack. - ANSWER-Sending a website user's
session cookie to an attacker
(B3, Pg90) What tool can be used to fingerprint the operating system of a host?
A)netstat
B)dig
C)nslookup
D)nmap - ANSWER-Nmap
(B3, Pg151) What type of vulnerability is illustrated where there is code in the web
page?
A)File Inclusion
B) Clickjacking
C)Cross-Site Scripting
D) SQL injection
*HINT* While it doesn't exactly say "code in the web page", it mentions how you
can sometimes view a page that looks like PHP code and how that code can gain
you access to the access logs of the server. - ANSWER-File Inclusion
(B3, Pg88-89) An alert indicates that a compromised host was used by an attacker
to run the command below. What was the attacker attempting to do?
4|Page
GFACT CERTIFICATION EXAM NEWEST 2025/2026 WITH
COMPLETE QUESTIONS AND CORRECT ANSWERS |ALREADY
GRADED A+||BRAND NEW VERSION!
A user adds a new directory to a Linux system's $PATH environment variable,
#export $PATH=$PATH:new_dir. What action will cause the updated $PATH
variable change back to the original value?
A)Closing and re-opening the terminal
B)Running the command "rm $PATH"
C) Echoing the $PATH to /dev/null - ANSWER-Closing and reopening the terminal
When a program runs on a computer, it temporaily loads code into memory that
contains information about the program. The code is deleted when the program is
closed. What is the instance of this code called?
A) Process
B) Kernel
C) BIOS
D) Application
*HINT* Every time you run a program on your computer, a "BLANK" is created in
memory. When you close the program, the "BLANK" is killed. - ANSWER-Process
(B3, Pg169) What is a requirement for cross-site request forgery to work?
1|Page
, GFACT Certification Exam
A) The victim must be authenticated with the target site
B) The Attacker must have root privileges on the victim's system
C) The victim must be a member of the IIS_USER group
D) The attacker must steal the victim's cookie
*HINT* CSRF involves an authenticated user clicking on a link that an attacker
plants. This link will cause the victim's browser to perform an action using their
authenticated credentials. - ANSWER-The victim must be authenticated with the
target site
(B1, Pg144) Which of the following commands will set or modify an environment
variable?
A) export
B)grep
C)nano
*HINT* The "Blank" command is used to set or modify an environmental variable.
- ANSWER-export
(B1, Pg135) In which directory are Linux logs generally found?
A)var
2|Page
, GFACT Certification Exam
B)bin
C)boot
D)mnt
*HINT* The "blank" folder contains system files that tend to increase in size over
time (hence it's a "blank" size folder). Things like log files, the mail directory, and
so on, go here. - ANSWER-var
(B2, Pg122) What does it mean when a computer program is "multi-threaded"?
A) It calls multiple external libraries
B) It has multiple serial number for different users
C) It can run multiple chunks of code concurrently
D) It has multiple functions defined in the program - ANSWER-It can run multiple
chunks of code concurrently
(B3, Pg162) Which of the following is a common result of a reflected cross-site
scripting attack?
A)Tricking a user into making an authenticated transaction
B)Sending a website user's session cookie to an attacker
C) Embedding the attacker's malware in web application source code
D) Stealing password hashes from a website's back end database
3|Page
, GFACT Certification Exam
*HINT* It may be under the session guessing section, but if you read further into
it, you will see where it mentions XSS attack. - ANSWER-Sending a website user's
session cookie to an attacker
(B3, Pg90) What tool can be used to fingerprint the operating system of a host?
A)netstat
B)dig
C)nslookup
D)nmap - ANSWER-Nmap
(B3, Pg151) What type of vulnerability is illustrated where there is code in the web
page?
A)File Inclusion
B) Clickjacking
C)Cross-Site Scripting
D) SQL injection
*HINT* While it doesn't exactly say "code in the web page", it mentions how you
can sometimes view a page that looks like PHP code and how that code can gain
you access to the access logs of the server. - ANSWER-File Inclusion
(B3, Pg88-89) An alert indicates that a compromised host was used by an attacker
to run the command below. What was the attacker attempting to do?
4|Page
