GIAC Exam GCED Topic 7 Question 12 Discussion

Actual exam question for GIAC's GIAC Certified Enterprise Defender exam

Question #: 12
Topic #: 7

[All GIAC Certified Enterprise Defender Questions]

You are responding to an incident involving a Windows server on your company's network. During the investigation you notice that the system downloaded and installed two files, iexplorer.exe and iexplorer.sys. Based on the behavior of the system you suspect that these files are part of a rootkit. If this is the case what is the likely purpose of the .sys file?

AIt is a configuration file used to open a backdoor

BIt is a logfile used to collect usernames and passwords

CIt is a device driver used to load the rootkit

DIt is an executable used to configure a keylogger

Show Suggested Answer

Suggested Answer: C

by Simona at May 08, 2022, 01:57 PM

Limited Time Offer

25%

Off

Get Premium GCED Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

Submit Cancel

Currently there are no comments in this discussion, be the first to comment!