Independence Day Deal! Unlock 25% OFF Today – Limited-Time Offer - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions
Mail Us support@pass4success.com
Location US
Mob_nav_barsMENU

GIAC Exam GCED Topic 6 Question 58 Discussion

Actual exam question for GIAC's GCED exam
Question #: 58
Topic #: 6
[All GCED Questions]

Which could be described as a Threat Vector?

Show Suggested Answer Hide Answer
Suggested Answer: A

A company needs to classify its information as a key step in valuing it and knowing where to focus its protection.

Rotation of duties and separation of duties are both key elements in reducing the scope of information access and the ability to conceal malicious behavior.

Separation of duties helps minimize ''empire building'' within a company, keeping one individual from controlling a great deal of information, reducing the insider threat.

Security awareness programs can help other employees notice the signs of an insider attack and thus reduce the insider threat.

Detection is a reactive method and only occurs after an attack occurs. Only preventative methods can stop or limit an attack.


by Rosina at Jan 28, 2025, 04:15 PM

Limited Time Offer

25%

Off

Get Premium GCED Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

Submit Cancel
Gracia
1 months ago
I'm going to go with D. A wireless network left open for anonymous use? That's just begging to be used for nefarious purposes. Might as well hand over the keys to the kingdom.
upvoted 0 times
...
Stefany
1 months ago
Hah, I bet the answer is A. That's like leaving the front door wide open and then wondering why the burglar got in. Classic rookie mistake.
upvoted 0 times
...
Cordie
1 months ago
Well, I think all of these options are valid threat vectors, but I'd say A is the most straightforward. Leaving a web server unpatched and vulnerable to XSS is just asking for trouble.
upvoted 0 times
Kristal
4 days ago
A botnet that has infiltrated perimeter defenses can cause a lot of damage too.
upvoted 0 times
...
Therese
6 days ago
I think a coding error allowing remote code execution is also a major threat vector.
upvoted 0 times
...
Ciara
8 days ago
I agree, having an unpatched web server is a huge security risk.
upvoted 0 times
...
...
Cherry
1 months ago
I'm going with B. A coding error that allows remote code execution is a major vulnerability that hackers can easily take advantage of.
upvoted 0 times
...
Luke
1 months ago
Definitely option C. A botnet that has infiltrated the perimeter defenses is a classic threat vector that cybercriminals love to exploit.
upvoted 0 times
Glory
3 days ago
I would say option A is a significant threat vector as well, leaving a web server unpatched can lead to XSS attacks.
upvoted 0 times
...
Helene
15 days ago
I think option B is also a major threat vector, allowing remote code execution can be very dangerous.
upvoted 0 times
...
Kenda
16 days ago
I agree, a botnet that has infiltrated perimeter defenses is a serious threat.
upvoted 0 times
...
...
Francisca
2 months ago
I think C) A botnet that has infiltrated perimeter defenses is also a major Threat Vector.
upvoted 0 times
...
Diane
2 months ago
I agree with Reita. A web server with XSS vulnerability is definitely a threat.
upvoted 0 times
...
Reita
3 months ago
I think A) A web server left unpatched and vulnerable to XSS could be a Threat Vector.
upvoted 0 times
...

Save Cancel