Free Preparation Discussions
MENU
GIAC Certified Enterprise Defender Exam
- Topic 1: Demonstrate knowledge of penetration testing and vulnerability assessment processes/ Digital Forensics Concepts and Application
- Topic 2: Vulnerability Assessment and Penetration Testing Concepts/ Defensive Infrastructure and Tactics
- Topic 3: Demonstrate knowledge of devices that are used to monitor networks/ Demonstrate an understanding of methods and practices of digital forensics
- Topic 4: Demonstrate an understanding of using logs and flows in network forensics/ demonstrate an understanding of commonly-used network protocols
- Topic 5: Demonstrate an understanding of interactive malware behavior analysis/ Demonstrate knowledge of audit techniques and the Center for Internet Security's benchmarks
- Topic 6: Demonstrate an understanding of the various types of malware, identify symptoms of infection/ Demonstrate proficiency in identification of forensic artifacts
- Topic 7: Demonstrate an understanding of intrusion prevention systems, their placement in the enterprise/ Demonstrate an understanding of continuous incident response processes
- Topic 8: Demonstrate an understanding of and proficiency using penetration testing and vulnerability assessment tools/ Malware Analysis Concepts and Basic Analysis Techniques
- Topic 9: Demonstrate basic knowledge of network and cloud-based infrastructure defensive measures/ Demonstrate an understanding of manual code reversal of malware, disassembly and decompiling malware
Free GIAC GIAC Certified Enterprise Defender Exam Actual Questions
The questions for GIAC Certified Enterprise Defender were last updated On Apr. 15, 2024
Which statement below is the MOST accurate about insider threat controls?
A company needs to classify its information as a key step in valuing it and knowing where to focus its protection.
Rotation of duties and separation of duties are both key elements in reducing the scope of information access and the ability to conceal malicious behavior.
Separation of duties helps minimize ''empire building'' within a company, keeping one individual from controlling a great deal of information, reducing the insider threat.
Security awareness programs can help other employees notice the signs of an insider attack and thus reduce the insider threat.
Detection is a reactive method and only occurs after an attack occurs. Only preventative methods can stop or limit an attack.
The creation of a filesystem timeline is associated with which objective?
Which of the following applies to newer versions of IOS that decrease their attack surface?
Recent versions of IOS have less services enabled by default, older versions vary but generally have more services (even those not needed) enabled by default; this increases the attack surface on the device.
Which statement below is the MOST accurate about insider threat controls?
A company needs to classify its information as a key step in valuing it and knowing where to focus its protection.
Rotation of duties and separation of duties are both key elements in reducing the scope of information access and the ability to conceal malicious behavior.
Separation of duties helps minimize ''empire building'' within a company, keeping one individual from controlling a great deal of information, reducing the insider threat.
Security awareness programs can help other employees notice the signs of an insider attack and thus reduce the insider threat.
Detection is a reactive method and only occurs after an attack occurs. Only preventative methods can stop or limit an attack.
- Select Question Types you want
- Set your Desired Pass Percentage
- Allocate Time (Hours : Minutes)
- Create Multiple Practice tests with Limited Questions
- Customer Support
Submit Cancel
Currently there are no comments in this discussion, be the first to comment!