GIAC GCFA Exam - Topic 7 Question 9 Discussion

Actual exam question for GIAC's GCFA exam

Question #: 9
Topic #: 7

[All GCFA Questions]

You work as a Network Administrator for Blue Well Inc. Your company's network has a Windows 2000 server with the FAT file system. This server stores sensitive data. You want to encrypt this data to protect it from unauthorized access. You also have to accomplish the following goals:

Data should be encrypted and secure.

Administrative effort should be minimum.

You should have the ability to recover encrypted files in case the file owner leaves the company.

Other permissions on encrypted files should be unaffected.

File-level security is required on the disk where data is stored.

Encryption or decryption of files should not be the responsibility of the file owner.

You take the following steps to accomplish these goals:

Convert the FAT file system to NTFS file system.

Use third-party data encryption software.

What will happen after taking these steps?

Each correct answer represents a complete solution. Choose all that apply.

AFile-level security will be available on the disk where data is stored.

BData will be encrypted and secure.

CEncryption or decryption of files will no longer be the responsibility of the file owner.

DOther permissions on encrypted files will remain unaffected.

EAdministrative effort will be minimum.

Show Suggested Answer

Suggested Answer: A, B, D

by Josephine at May 09, 2022, 12:37 PM

Limited Time Offer

25%

Off

Get Premium GCFA Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

Submit Cancel

Eden

4 months ago

E seems too optimistic, third-party software can complicate things.

upvoted 0 times

...

Fabiola

4 months ago

D sounds right, permissions shouldn't change with encryption.

upvoted 0 times

...

Louvenia

4 months ago

C might not be accurate, file owners still need to manage access.

upvoted 0 times

...

Fletcher

4 months ago

B is a given, encryption is key for sensitive data!

upvoted 0 times

...

Mattie

5 months ago

A is definitely true, NTFS supports file-level security.

upvoted 0 times

...

Merlyn

5 months ago

I practiced a similar question where we discussed third-party encryption software. I think option B should be right since it should secure the data.

upvoted 0 times

...

Allene

5 months ago

I’m a bit unsure about option C. I thought file owners would still have some responsibility for encryption unless we use a specific method.

upvoted 0 times

...

Nickie

5 months ago

I remember that converting FAT to NTFS is essential for file-level security, so I think option A is definitely correct.

upvoted 0 times

...

Clare

5 months ago

I vaguely recall that administrative effort might not be minimal if we have to manage third-party software, so I’m not sure about option E.

upvoted 0 times

...

Kimbery

5 months ago

Okay, I've got it! The syllabus guidelines call for more comprehensive testing for safety-critical applications, so we need to increase the black-box testing and test automation coverage. Option D looks like the best fit based on those requirements.

upvoted 0 times

...

Bev

5 months ago

Hmm, I'm a bit confused on the difference between a Service Appointment and a Work Order Line Item. I'll need to review those concepts to figure out the best way to configure the Time Sheet.

upvoted 0 times

...

Alida

5 months ago

I'm a bit confused by the wording of this question. Is it asking about the overall management of the facility, or just the specific term for the assigned work? I'll have to read it over again.

upvoted 0 times

...

Dottie

5 months ago

Okay, I think I've got this. The command nz_responders displays information from nzsql responders in a more user-friendly format, so the correct answer is B.

upvoted 0 times

...