Page |1
SANS SEC 275 Questions and Correct
Answers/ Latest Update / Already Graded
/ qn
Ans: Don't launch with a graphical user interface.
/i
Ans: Don't try to run as administrator, run as a normal user
instead (this won't matter because of AlwaysInstallElevated).
/quiet
Ans: Don't show the user any messages.
1024?!
Ans: 1 kilobyte = 1024 bytes. IEC introduced KiB instead: 1 byte
is 8 bits. 1 kibibyte (KiB) is 1024 bytes. 1 mebibyte (MiB) is 1024
kibibytes. 1 gibibyte (GiB) is 1024 mebibytes. 1 tebibyte (TiB) is
1024 gibibytes.
Active Directory
Ans: A system that allows the server to communicate with
Windows desktops, allowing the administrator to easily
All rights reserved © 2025/ 2026 |
, Page |2
configure all the connected desktops from one location,
amongst other uses which we will cover in future modules.
Active Directory allows administrators to configure settings on
Windows desktops that are connected to a Windows server.
Adding a new user
Ans: Adding a new user is as simple as running: net user /add
<username> <password> This command will create a new user
and set the password to what you specified. You can do so
much more when creating users this way, such as configuring
account expiry and setting times where the account can log on.
Add-ins
Ans: Microsoft Word allows for third parties to write 'add-ins',
which extend the functionality of Microsoft Word.
Advanced Memory Forensics with Volatility
Ans: Volatility is one of the most widely used memory forensics
tools. Useful Volatility commands: imageinfo - vol.py or
volatility -f memdump.mem imageinfo
Aliases
All rights reserved © 2025/ 2026 |
, Page |3
Ans: PowerShell comes with several aliases set up for common
cmdlets. cat, cd, dir, ls, rm
Alternate Number Bases
Ans: We are very used to counting in base 10, but other number
bases like base 16 (hex) or base 2 (binary) are incredibly useful
in computing.
Alternative Search Engines
Ans: No two search engines are the same. Alternative Search
Engines - Google, Bing, Yahoo, DuckDuckGo, archive.org
AlwaysInstall Elevated
Ans: Some administrators will configure this so that users can
install software on their computers without administrator
approval.
Analytics
Ans: Collecting stats and analysing interactions on a web
server.
All rights reserved © 2025/ 2026 |
, Page |4
Anti Forensics
Ans: Cyber criminals improve and modify their operational
security (OpSec) in order to avoid being caught. NotPetya is
part of the Petya family of encrypting ransomware that targets
Microsoft Windows based systems.
APFS
Ans: The Apple File System supports permissions and
encryption, and duplicate files can be stored without using
additional space, with changes to one copy of a file being saved
as a delta (the difference between the old file and the new file)
to lower space requirements.
Application Layer
Ans: An example of an application layer protocol is something
like HTTP or FTP. HTTP GET request is an application layer
protocol because the web browser will form the request
necessary for displaying a page or submitting a form.
apropos
Ans: The 'apropos' tool is used to search man pages for
keywords, usually to find the 'appropriate' tool to use in a
All rights reserved © 2025/ 2026 |
SANS SEC 275 Questions and Correct
Answers/ Latest Update / Already Graded
/ qn
Ans: Don't launch with a graphical user interface.
/i
Ans: Don't try to run as administrator, run as a normal user
instead (this won't matter because of AlwaysInstallElevated).
/quiet
Ans: Don't show the user any messages.
1024?!
Ans: 1 kilobyte = 1024 bytes. IEC introduced KiB instead: 1 byte
is 8 bits. 1 kibibyte (KiB) is 1024 bytes. 1 mebibyte (MiB) is 1024
kibibytes. 1 gibibyte (GiB) is 1024 mebibytes. 1 tebibyte (TiB) is
1024 gibibytes.
Active Directory
Ans: A system that allows the server to communicate with
Windows desktops, allowing the administrator to easily
All rights reserved © 2025/ 2026 |
, Page |2
configure all the connected desktops from one location,
amongst other uses which we will cover in future modules.
Active Directory allows administrators to configure settings on
Windows desktops that are connected to a Windows server.
Adding a new user
Ans: Adding a new user is as simple as running: net user /add
<username> <password> This command will create a new user
and set the password to what you specified. You can do so
much more when creating users this way, such as configuring
account expiry and setting times where the account can log on.
Add-ins
Ans: Microsoft Word allows for third parties to write 'add-ins',
which extend the functionality of Microsoft Word.
Advanced Memory Forensics with Volatility
Ans: Volatility is one of the most widely used memory forensics
tools. Useful Volatility commands: imageinfo - vol.py or
volatility -f memdump.mem imageinfo
Aliases
All rights reserved © 2025/ 2026 |
, Page |3
Ans: PowerShell comes with several aliases set up for common
cmdlets. cat, cd, dir, ls, rm
Alternate Number Bases
Ans: We are very used to counting in base 10, but other number
bases like base 16 (hex) or base 2 (binary) are incredibly useful
in computing.
Alternative Search Engines
Ans: No two search engines are the same. Alternative Search
Engines - Google, Bing, Yahoo, DuckDuckGo, archive.org
AlwaysInstall Elevated
Ans: Some administrators will configure this so that users can
install software on their computers without administrator
approval.
Analytics
Ans: Collecting stats and analysing interactions on a web
server.
All rights reserved © 2025/ 2026 |
, Page |4
Anti Forensics
Ans: Cyber criminals improve and modify their operational
security (OpSec) in order to avoid being caught. NotPetya is
part of the Petya family of encrypting ransomware that targets
Microsoft Windows based systems.
APFS
Ans: The Apple File System supports permissions and
encryption, and duplicate files can be stored without using
additional space, with changes to one copy of a file being saved
as a delta (the difference between the old file and the new file)
to lower space requirements.
Application Layer
Ans: An example of an application layer protocol is something
like HTTP or FTP. HTTP GET request is an application layer
protocol because the web browser will form the request
necessary for displaying a page or submitting a form.
apropos
Ans: The 'apropos' tool is used to search man pages for
keywords, usually to find the 'appropriate' tool to use in a
All rights reserved © 2025/ 2026 |
