COMPLETE GIAC FOUNDATIONAL
CYBERSECURITY TECHNOLOGIES STUDY
GUIDE & PRACTICE QUESTIONS
| GRADED A+ | GUARANTEED SUCCESS
Updated 2026 Questions and Answers
100% Verified Exam Prep and Comprehensive
Rationales Included
,(B2, Pg122) What does it mean when a computer It can run multiple chunks of code concurrently
program is "multi-threaded"?
A) It calls multiple external libraries
B) It has multiple serial number for different users
C) It can run multiple chunks of code concurrently
D) It has multiple functions defined in the program
(B3, Pg162) Which of the following is a common result Sending a website user's session cookie to an attacker
of a reflected cross-site scripting attack?
A)Tricking a user into making an authenticated
transaction
B)Sending a website user's session cookie to an
attacker
C) Embedding the attacker's malware in web
application source code
D) Stealing password hashes from a website's back end
database
HINT It may be under the session guessing section, but
if you read further into it, you will see where it mentions
XSS attack.
,(B3, Pg90) What tool can be used to fingerprint the Nmap
operating system of a host?
A)netstat
B)dig
C)nslookup
D)nmap
, (B3, Pg151) What type of vulnerability is illustrated File Inclusion
where there is code in the web page?
A)File Inclusion
B) Clickjacking
C)Cross-Site Scripting
D) SQL injection
HINT While it doesn't exactly say "code in the web
page", it mentions how you can sometimes view a page
that looks like PHP code and how that code can gain
you access to the access logs of the server.
(B3, Pg88-89) An alert indicates that a compromised Identify services running on network hosts
host was used by an attacker to run the command
below. What was the attacker attempting to do?
$ nmap -sS 192.168.10.0/24
A)Map a network drive to a remote host
B)Identify services running on network hosts
C)Execute a script on a remote host
D)Send Spoofed packets to network hosts