GEIR by GIAC Valid Free Exam Practice Test

Question 1

Which Linux command allows you to modify file permissions?
Response:

A. chperm B. permset C. chmod D. chown

Correct Answer: C

Question 2

What is an essential element when developing a playbook for managing ransomware attacks in an enterprise?
Response:

A. Legal advice on negotiating ransom payments B. Instructions for paying the ransom quickly to minimize downtime C. Procedures for immediate full system backups during an attack D. Guidelines for isolation, identification of the attack vector, and system restoration

Correct Answer: D

Question 3

What is the term used for extracting specific data points from cloud logs to identify security incidents?
Response:

A. Data extraction B. Data mining C. Data analytics D. Data normalization

Correct Answer: A

Question 4

Select the macOS features that assist in recovery and backup.
(Multiple Correct Answers)
Response:

A. Disk Utility B. Boot Camp C. Time Machine D. Spotlight E. Finder

Correct Answer: A,C

Question 5

Which file system is commonly used in Linux and known for its robustness?
Response:

A. FAT32 B. NTFS C. ext4 D. HFS+

Correct Answer: C

Question 6

Select the types of logs that would be most helpful in scoping a data exfiltration incident.
Response:

A. Web application firewall logs B. Network flow data C. System event logs D. Change management logs E. Server load balancer logs

Correct Answer: A,B,C

Question 7

Which of the following is a characteristic of cloud computing scalability?
Response:

A. Ability to increase or decrease resources according to business needs B. Decreased storage options as data grows C. Fixed computing resources D. Limited access to resources based on geographic location

Correct Answer: A

Question 8

Which of the following are common data sources in an enterprise environment that can aid in incident scoping?
Response:

A. Email transaction logs B. Antivirus logs C. Network flow data D. HR management systems E. Application logs

Correct Answer: A,B,C,E

GIAC Enterprise Incident Response - GEIR Exam Practice Test