[2026] GIAC Defending Advanced Threats - GDAT 무료 시험 문제

문제1

Which Windows feature is frequently exploited by attackers to achieve persistence on a system?
Response:

A. Task Scheduler

B. Windows Firewall

C. BitLocker

D. Windows Defender

정답: C

문제2

Your security team has identified unusual outbound traffic from your organization's network to external IP addresses. Upon further analysis, the traffic consists of a high volume of encrypted HTTP POST requests, with some payloads resembling legitimate DNS queries.
What is the most likely method of data exfiltration being used, and how should you proceed?
Response:

A. Ransomware attack; isolate the affected systems and begin recovery operations

B. DNS tunneling; block external DNS requests and investigate the internal DNS servers

C. Phishing attack; notify users to change their passwords and monitor account activity

D. SQL injection; patch the vulnerable web applications and monitor the database for anomalies

정답: B

문제3

Which exploit mitigation techniques are used to prevent application exploitation?
(Choose two)
Response:

A. Role-based access control

B. Web Application Firewalls (WAF)

C. File hashing for integrity verification

D. Fuzz testing

정답: B,D

문제4

What is a common method by which malware ensures its persistence on a host system after reboot?
Response:

A. Modifying user profiles

B. Adding entries to the Windows Registry

C. Registering a new user account

D. Deleting system logs

정답: B

문제5

The use of _________ tools, which include both software and methodologies, can help an organization identify vulnerabilities that could be exploited by an adversary.
Response:

A. accounting

B. documentation

C. encryption

D. red teaming

정답: D

문제6

Which technique is typically employed in the detection of C2 channels?
Response:

A. Port scanning all outbound traffic

B. Continuous ping sweeps

C. Behavioral anomaly detection

D. Deploying honeypots within the network perimeter

정답: C

문제7

Which of the following are indicators of a potential persistence attack?
(Choose Two)
Response:

A. Unexplained new user accounts on the system

B. Unexpected system shutdowns and restarts

C. Increased volume of outbound emails

D. Changes in system configuration files

정답: A,D

문제8

Which of the following are characteristics of a Pass-the-Ticket (PtT) attack against Active Directory domains?
Response:

A. It requires physical access to the Domain Controller

B. It exploits the single sign-on nature of Kerberos authentication

C. It involves stealing a Kerberos ticket from one machine and using it on another

D. The attacker needs to decrypt the ticket using a secret key

정답: B,C

문제9

Which of the following is a key objective of threat hunting in cybersecurity?
Response:

A. To block all inbound network traffic during an attack

B. To proactively search for threats that may bypass traditional detection systems

C. To monitor system performance and optimize resource allocation

D. To passively observe network traffic without taking action

정답: B

문제10

Which of the following are effective preventive measures against payload delivery via malicious email attachments?
(Choose Two)
Response:

A. Regularly updating firewall rules

B. Enforcing strict password policies

C. Implementing strong spam filters

D. Scanning attachments with antivirus software

정답: C,D

문제11

Which step is critical in the initial phase of an incident response process?
Response:

A. Identification of the breach

B. Cost analysis of the incident

C. Communication with the media

D. Purchasing new security tools

정답: A

GIAC Defending Advanced Threats - GDAT무료 덤프문제 풀어보기

우리와 연락하기

유용한 링크

최신 업데이트