New Year Sale 2026! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions
Mail Us support@pass4success.com
Location US
Mob_nav_barsMENU

GIAC GCFA Exam - Topic 7 Question 59 Discussion

Actual exam question for GIAC's GCFA exam
Question #: 59
Topic #: 7
[All GCFA Questions]

Sam works as a professional Computer Hacking Forensic Investigator. A project has been assigned to him to investigate a compromised system, which runs on Linux operating system. Sam wants to investigate and review local software, system libraries, and other application installed on the system.

Which of the following directories in Linux will he review to accomplish the task?

Show Suggested Answer Hide Answer
Suggested Answer: B

by Johnson at Oct 18, 2024, 09:29 AM

Limited Time Offer

25%

Off

Get Premium GCFA Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

0/2000 characters
Submit Cancel
Brunilda
3 months ago
Agreed, /lib and /sbin are key directories to investigate!
upvoted 0 times
...
Erick
3 months ago
Wait, are we sure /mnt has anything useful for this?
upvoted 0 times
...
Eve
3 months ago
I thought /tmp was for temporary files, not for this.
upvoted 0 times
...
Cassie
4 months ago
/sbin is also important for system binaries!
upvoted 0 times
...
Polly
4 months ago
Definitely check /lib for system libraries.
upvoted 0 times
...
Blondell
4 months ago
I believe /mnt is used for mounting filesystems, so it probably won't help Sam with local software. I would lean towards /lib or /sbin.
upvoted 0 times
...
Rolande
4 months ago
I practiced a question similar to this, and I think /tmp is more for temporary files, so it might not be the best choice for reviewing installed software.
upvoted 0 times
...
Kizzy
4 months ago
I'm not entirely sure, but I feel like /sbin contains essential system binaries. Could that be relevant for checking installed applications?
upvoted 0 times
...
Tammi
5 months ago
I remember studying the Linux file system structure, and I think /lib is where system libraries are stored. That might be important for Sam's investigation.
upvoted 0 times
...
Donette
5 months ago
I've got a good feeling about this one. The /lib directory seems like the most likely place to find the system libraries and applications that Sam would need to review.
upvoted 0 times
...
Annelle
5 months ago
I'm a bit unsure about this one. There are a few directories that could be relevant, but I'll need to think carefully about which one is the best fit for the task described.
upvoted 0 times
...
Benedict
5 months ago
Okay, let me think this through. The question is asking about directories that Sam would review to investigate the compromised Linux system, so I'll need to consider which directories might contain relevant information.
upvoted 0 times
...
Ivory
5 months ago
Hmm, this seems like a straightforward question. I'll need to review the directories that contain system libraries and applications to find the right answer.
upvoted 0 times
...
German
9 months ago
You know, if I were Sam, I'd take a look in the fridge too. You never know what kind of suspicious snacks might be lurking in there. Gotta cover all the bases!
upvoted 0 times
Phillip
8 months ago
D) /sbin
upvoted 0 times
...
Margo
8 months ago
C) /lib
upvoted 0 times
...
Sheridan
8 months ago
B) /mnt
upvoted 0 times
...
Verda
9 months ago
A) /tmp
upvoted 0 times
...
...
Stephaine
10 months ago
Ah, /mnt? Nah, that's just for mounting file systems. Sam's got to go for /lib, no doubt about it.
upvoted 0 times
Nida
8 months ago
I agree, /lib is the right directory for Sam to review in order to accomplish the task.
upvoted 0 times
...
Alexis
8 months ago
Yeah, /lib is definitely the directory he needs to check for installed applications.
upvoted 0 times
...
Anjelica
8 months ago
User 3: Yeah, /lib is where he'll find the system libraries and applications.
upvoted 0 times
...
Elinore
8 months ago
I think Sam should review /lib, that's where the system libraries are stored.
upvoted 0 times
...
Mira
9 months ago
User 2: Sam should definitely review /lib for the investigation.
upvoted 0 times
...
Marylou
9 months ago
User 1: /mnt is just for mounting file systems.
upvoted 0 times
...
...
Leslie
10 months ago
Hmm, /tmp seems like the obvious choice. I mean, who knows what kind of sketchiness might be hiding in there, right? Sam's got to dig deep!
upvoted 0 times
Jeannetta
9 months ago
User 4: Don't forget about /mnt! That directory might have some interesting data to look into as well.
upvoted 0 times
...
Laura
9 months ago
User 3: /sbin is another directory that Sam should definitely check out. It could have some crucial system files.
upvoted 0 times
...
Socorro
9 months ago
User 2: I think /lib might also have some important information to review. Can't overlook that directory.
upvoted 0 times
...
Tashia
10 months ago
User 1: /tmp is definitely a good place to start. Who knows what could be lurking there.
upvoted 0 times
...
...
Hillary
10 months ago
I'm going with /sbin. That's where all the essential system binaries are, and if the system's been compromised, he'll need to check that out.
upvoted 0 times
...
Corazon
10 months ago
I believe Sam should also look into directory D) /sbin for reviewing system binaries.
upvoted 0 times
...
Elliott
10 months ago
I agree with Talia. Directory C) /lib is essential for investigating the compromised system.
upvoted 0 times
...
Talia
10 months ago
I think Sam should review directory C) /lib because it contains system libraries.
upvoted 0 times
...
Anissa
11 months ago
The /lib directory, of course! That's where all the system libraries are stored, and Sam's got to dive in there to find any suspicious stuff.
upvoted 0 times
Lenna
9 months ago
User 2: Yeah, that's where all the system libraries are stored.
upvoted 0 times
...
Rory
9 months ago
User 1: Sam should definitely review the /lib directory.
upvoted 0 times
...
Leah
10 months ago
D) /sbin
upvoted 0 times
...
Gretchen
10 months ago
C) /tmp
upvoted 0 times
...
Aleisha
10 months ago
B) /mnt
upvoted 0 times
...
Kara
10 months ago
A) /lib
upvoted 0 times
...
...

Save Cancel