New Year Sale 2026! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions
Mail Us support@pass4success.com
Location US
Mob_nav_barsMENU

GIAC GCED Exam - Topic 6 Question 58 Discussion

Actual exam question for GIAC's GCED exam
Question #: 58
Topic #: 6
[All GCED Questions]

Which could be described as a Threat Vector?

Show Suggested Answer Hide Answer
Suggested Answer: A

A company needs to classify its information as a key step in valuing it and knowing where to focus its protection.

Rotation of duties and separation of duties are both key elements in reducing the scope of information access and the ability to conceal malicious behavior.

Separation of duties helps minimize ''empire building'' within a company, keeping one individual from controlling a great deal of information, reducing the insider threat.

Security awareness programs can help other employees notice the signs of an insider attack and thus reduce the insider threat.

Detection is a reactive method and only occurs after an attack occurs. Only preventative methods can stop or limit an attack.


by Rosina at Jan 28, 2025, 04:15 PM

Limited Time Offer

25%

Off

Get Premium GCED Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

0/2000 characters
Submit Cancel
Sonia
3 months ago
Wait, can a coding error really lead to remote code execution? Sounds risky!
upvoted 0 times
...
Felix
3 months ago
D? Really? I thought that was just bad practice, not a threat vector.
upvoted 0 times
...
Willie
3 months ago
C seems pretty serious, a botnet is no joke.
upvoted 0 times
...
Cherrie
4 months ago
B is also a threat vector, can't overlook that.
upvoted 0 times
...
Carri
4 months ago
Definitely A, that's a classic example!
upvoted 0 times
...
Marion
4 months ago
I practiced a similar question, and I think option C is definitely a threat vector since a botnet can be used to launch attacks once it gets in.
upvoted 0 times
...
Effie
4 months ago
I’m a bit confused here. I thought a coding error like in option B could also be a threat vector, but I’m not sure if it fits the definition exactly.
upvoted 0 times
...
Arthur
4 months ago
I remember studying about threat vectors, and I feel like option D fits because an open wireless network can be easily attacked.
upvoted 0 times
...
Gracia
5 months ago
I think a threat vector is something that can be exploited, so maybe options A or C? But I'm not entirely sure.
upvoted 0 times
...
Leota
5 months ago
I've got this! A threat vector is a path or means by which a threat can enter, exploit, or otherwise affect a system. Based on that, I'd say option A or B are the best answers here.
upvoted 0 times
...
Valentin
5 months ago
All of these sound like potential security vulnerabilities, but I'm not sure which one best fits the definition of a "threat vector". I'll have to review my notes.
upvoted 0 times
...
Alesia
5 months ago
Okay, let me see... A threat vector is a way that a threat can enter a system, so I'll need to analyze each option for that.
upvoted 0 times
...
Stefanie
5 months ago
Hmm, I'm not entirely sure what a "threat vector" is. I'll need to think this through carefully.
upvoted 0 times
...
Peggie
5 months ago
This question seems straightforward, I'm confident I can identify a threat vector from the options provided.
upvoted 0 times
...
Gracia
9 months ago
I'm going to go with D. A wireless network left open for anonymous use? That's just begging to be used for nefarious purposes. Might as well hand over the keys to the kingdom.
upvoted 0 times
...
Stefany
9 months ago
Hah, I bet the answer is A. That's like leaving the front door wide open and then wondering why the burglar got in. Classic rookie mistake.
upvoted 0 times
...
Cordie
9 months ago
Well, I think all of these options are valid threat vectors, but I'd say A is the most straightforward. Leaving a web server unpatched and vulnerable to XSS is just asking for trouble.
upvoted 0 times
Katina
8 months ago
A wireless network left open for anonymous use can be easily exploited by attackers.
upvoted 0 times
...
Kristal
8 months ago
A botnet that has infiltrated perimeter defenses can cause a lot of damage too.
upvoted 0 times
...
Therese
8 months ago
I think a coding error allowing remote code execution is also a major threat vector.
upvoted 0 times
...
Ciara
8 months ago
I agree, having an unpatched web server is a huge security risk.
upvoted 0 times
...
...
Cherry
9 months ago
I'm going with B. A coding error that allows remote code execution is a major vulnerability that hackers can easily take advantage of.
upvoted 0 times
...
Luke
9 months ago
Definitely option C. A botnet that has infiltrated the perimeter defenses is a classic threat vector that cybercriminals love to exploit.
upvoted 0 times
Glory
8 months ago
I would say option A is a significant threat vector as well, leaving a web server unpatched can lead to XSS attacks.
upvoted 0 times
...
Helene
9 months ago
I think option B is also a major threat vector, allowing remote code execution can be very dangerous.
upvoted 0 times
...
Kenda
9 months ago
I agree, a botnet that has infiltrated perimeter defenses is a serious threat.
upvoted 0 times
...
...
Francisca
10 months ago
I think C) A botnet that has infiltrated perimeter defenses is also a major Threat Vector.
upvoted 0 times
...
Diane
11 months ago
I agree with Reita. A web server with XSS vulnerability is definitely a threat.
upvoted 0 times
...
Reita
11 months ago
I think A) A web server left unpatched and vulnerable to XSS could be a Threat Vector.
upvoted 0 times
...

Save Cancel