GCTI by GIAC Valid Free Exam Practice Test

Question 1

What basic working knowledge should a cyber threat intelligence analyst possess regarding forensic tools?
Response:

A. How to write encryption algorithms B. How to create forensic images and analyze digital evidence C. How to design network infrastructure D. How to develop new software applications

Correct Answer: B

Question 2

Which of the following best describes the concept of "data normalization" in the context of storing threat intelligence data?
Response:

A. Reducing the amount of data to save storage space B. Compressing data to speed up transmission C. Transforming data into a common format to facilitate analysis and comparison D. Encrypting data to protect it from unauthorized access

Correct Answer: C

Question 3

Why is it important to validate data from threat feeds before storing it?
Response:

A. To avoid duplicating internal logs B. To reduce data storage space C. To ensure the threat feed data is actionable and relevant D. To increase the bandwidth of threat intelligence platforms

Correct Answer: C

Question 4

Which two factors should be considered when sharing tactical threat intelligence with executives?
Response:

A. Sharing raw data without analysis B. Including recommendations for mitigating the identified threats C. Presenting the intelligence in a simplified, non-technical format D. Ignoring external threat intelligence sources

Correct Answer: B,C

Question 5

What is a common use of YARA rules in malware analysis?
Response:

A. Analyzing network traffic B. Detecting and classifying malware based on patterns C. Encrypting sensitive data D. Improving user interface design

Correct Answer: B

Question 6

Which of the following are considered pivot points in intelligence analysis?
(Select 3)
Response:

A. Domain names B. IP addresses C. Email addresses D. File extensions E. Screen resolutions

Correct Answer: A,B,E

Question 7

Which two factors can hinder accurate attribution of a cyber attack?
Response:

A. Use of encryption by attackers B. Lack of technical skill by analysts C. Similarities between different threat actor tactics D. Insufficient system bandwidth

Correct Answer: A,C

Question 8

Which analytical technique involves the breakdown of a complex issue into smaller, more manageable parts?
Response:

A. Decomposition B. Regression analysis C. Trend analysis D. Root cause analysis

Correct Answer: A

Question 9

How can well-known cyber attacks, such as WannaCry and NotPetya, help improve current cybersecurity practices?
Response:

A. By providing case studies for training cybersecurity staff B. By improving network speeds C. By enhancing data encryption algorithms D. By increasing the number of firewall rules

Correct Answer: A

Question 10

Which method helps in recognizing and avoiding biases in intelligence analysis?
Response:

A. Firewalls B. Scenario analysis C. Encryption key rotation D. Data encryption

Correct Answer: B

Question 11

Which of the following is a key factor when considering cyber attack attribution?
Response:

A. Number of employees affected B. Type of data compromised C. The color scheme of the phishing email D. Attack signatures and malware used

Correct Answer: D

GIAC Cyber Threat Intelligence - GCTI Exam Practice Test