← Back to exam page

GCED GIAC Certified Enterprise Defender

Loading demo links...

Showing 7–9 of 10 questions

Question 7

How would an attacker use the following configuration settings?

Select an option, then click Submit answer.

  • A client based HIDS evasion attack

  • A firewall based DDoS attack

  • A router based MITM attack

  • A switch based VLAN hopping attack
Question 8

A compromised router is reconfigured by an attacker to redirect SMTP email traffic to the attacker’s server before sending packets on to their intended destinations. Which IP header value would help expose anomalies in the path outbound SMTP/ Port 25 traffic takes compared to outbound packets sent to other ports?

Select an option, then click Submit answer.

  • Checksum

  • Acknowledgement number

  • Time to live

  • Fragment offset
Question 9

Which of the following is an outcome of the initial triage during incident response?

Select an option, then click Submit answer.

  • Removal of unnecessary accounts from compromised systems

  • Segmentation of the network to protect critical assets

  • Resetting registry keys that vary from the baseline configuration

  • Determining whether encryption is in use on in scope systems