GFACT Certification Exam UPDATED ACTUAL Questions and CORRECT Answers
(B2, Pg122) What does it mean when a computer pro-
gram is "multi-threaded"?
A) It calls multiple external libraries It can run multiple chunks of code concurrently
B) It has multiple serial number for different users
C) It can run multiple chunks of code concurrently
D) It has multiple functions defined in the program
(B3, Pg162) Which of the following is a common result of
a reflected cross-site scripting attack?
A) Tricking a user into making an authenticated transac-
tion
B) Sending a website user's session cookie to an attacker
C) Embedding the attacker's malware in web application
Sending a website user's session cookie to an attacker
source code
D) Stealing password hashes from a website's back end
database
*HINT* It may be under the session guessing section, but
if you read further into it, you will see where it mentions
XSS attack.
(B3, Pg90) What tool can be used to fingerprint the op-
erating system of a host?
A)netstat Nmap
B)dig
C)nslookup
D)nmap
(B3, Pg151) What type of vulnerability is illustrated where
there is code in the web page?
,A) File Inclusion
B) Clickjacking
C)Cross-Site Scripting
D) SQL injection
File Inclusion
*HINT* While it doesn't exactly say "code in the web
page", it mentions how you can sometimes view a page
that looks like PHP code and how that code can gain you
access to the access logs of the server.
(B3, Pg88-89) An alert indicates that a compromised host
was used by an attacker to run the command below. What
was the attacker attempting to do?
$ nmap -sS 192.168.10.0/24
Identify services running on network hosts
A) Map a network drive to a remote host
B) Identify services running on network hosts
C) Execute a script on a remote host
D) Send Spoofed packets to network hosts
What type of artifact can a blue team member use to
identify the name that is associated to the file?
A)Metadata Metadata
B)Windows security logs
C)Prefetch
D)File Ownership
(B3, Pg307-308) What is HKEY_LOCAL_MACHINE\Soft-
ware\Microsoft\Windows\CurrentVersion\Run consid-
ered to be?
A Registry Key
A) Domain Name
B) Log File Path
, C) Registry Key
D) Yo Mama's Number
(B1, Pg236) If a user agent is used, where would it be
found in the HTTP Protocol?
A) In the response header In a GET Request
B) In the response body
C)Delimited by an h1 tag
D) In a GET Request
What benefit does moving from local logging to using a
log server provide organizations?
A) Enables the use of network intrusion detection systems
(NIDS) Harder for attackers to overwrite logs
B) Harder for attackers to overwrite logs
C) Attackers will have to pivot through an extra server to
infiltrate the network
D) Less complex logging infrastructure
(B3, Pg187) What is the only way to mitigate an integer
overflow/underflow?
A) Takin the absolute value of negative results prior to
running the equation Checking that the result of any change to a signed integer
B) Checking that the result of any change to a signed falls within an allowed range
integer falls within an allowed range
C) Randomizing salt values prior to hashing user content
D) Sanitizing user input to block special characters from
being entered
(B2, Pg17) Which Variable name will cause Python to
produce an error?
, A)2nd_phone_number
B)LASTNAM_
C)streetAddress
D)_firstname 2nd_phone_number
*HINT* You can start a variable name with a letter or an
underscore, but NOT WITH A NUMBER!
What is the following command attempting to accomplish
in Kali Linux?
dnsmap myfakedomain.local -w
/usr/share/wordlists/dnsmap.txt
A) Search for subdomains based upon the wordlist provid- Search for subdomains based upon the wordlist provided
ed
B) Check for users based on the wordlist provided
C) Run checks on the applications based on the wordlist
provided
D) Call yo mama
(B3, Pg121) How do you remove data from a Solid State
Drive?
A) Destroy it Destroy it
B) Place Magnets upon it
C) Snap it
D) Yo mama sit on it
(B3, Pg56) Where are the wordlists located in Kali?
A)/var/opt/wordlists /usr/share/wordlists
B)/etc/default/wordlists
C)/etc/security/wordlists
(B2, Pg122) What does it mean when a computer pro-
gram is "multi-threaded"?
A) It calls multiple external libraries It can run multiple chunks of code concurrently
B) It has multiple serial number for different users
C) It can run multiple chunks of code concurrently
D) It has multiple functions defined in the program
(B3, Pg162) Which of the following is a common result of
a reflected cross-site scripting attack?
A) Tricking a user into making an authenticated transac-
tion
B) Sending a website user's session cookie to an attacker
C) Embedding the attacker's malware in web application
Sending a website user's session cookie to an attacker
source code
D) Stealing password hashes from a website's back end
database
*HINT* It may be under the session guessing section, but
if you read further into it, you will see where it mentions
XSS attack.
(B3, Pg90) What tool can be used to fingerprint the op-
erating system of a host?
A)netstat Nmap
B)dig
C)nslookup
D)nmap
(B3, Pg151) What type of vulnerability is illustrated where
there is code in the web page?
,A) File Inclusion
B) Clickjacking
C)Cross-Site Scripting
D) SQL injection
File Inclusion
*HINT* While it doesn't exactly say "code in the web
page", it mentions how you can sometimes view a page
that looks like PHP code and how that code can gain you
access to the access logs of the server.
(B3, Pg88-89) An alert indicates that a compromised host
was used by an attacker to run the command below. What
was the attacker attempting to do?
$ nmap -sS 192.168.10.0/24
Identify services running on network hosts
A) Map a network drive to a remote host
B) Identify services running on network hosts
C) Execute a script on a remote host
D) Send Spoofed packets to network hosts
What type of artifact can a blue team member use to
identify the name that is associated to the file?
A)Metadata Metadata
B)Windows security logs
C)Prefetch
D)File Ownership
(B3, Pg307-308) What is HKEY_LOCAL_MACHINE\Soft-
ware\Microsoft\Windows\CurrentVersion\Run consid-
ered to be?
A Registry Key
A) Domain Name
B) Log File Path
, C) Registry Key
D) Yo Mama's Number
(B1, Pg236) If a user agent is used, where would it be
found in the HTTP Protocol?
A) In the response header In a GET Request
B) In the response body
C)Delimited by an h1 tag
D) In a GET Request
What benefit does moving from local logging to using a
log server provide organizations?
A) Enables the use of network intrusion detection systems
(NIDS) Harder for attackers to overwrite logs
B) Harder for attackers to overwrite logs
C) Attackers will have to pivot through an extra server to
infiltrate the network
D) Less complex logging infrastructure
(B3, Pg187) What is the only way to mitigate an integer
overflow/underflow?
A) Takin the absolute value of negative results prior to
running the equation Checking that the result of any change to a signed integer
B) Checking that the result of any change to a signed falls within an allowed range
integer falls within an allowed range
C) Randomizing salt values prior to hashing user content
D) Sanitizing user input to block special characters from
being entered
(B2, Pg17) Which Variable name will cause Python to
produce an error?
, A)2nd_phone_number
B)LASTNAM_
C)streetAddress
D)_firstname 2nd_phone_number
*HINT* You can start a variable name with a letter or an
underscore, but NOT WITH A NUMBER!
What is the following command attempting to accomplish
in Kali Linux?
dnsmap myfakedomain.local -w
/usr/share/wordlists/dnsmap.txt
A) Search for subdomains based upon the wordlist provid- Search for subdomains based upon the wordlist provided
ed
B) Check for users based on the wordlist provided
C) Run checks on the applications based on the wordlist
provided
D) Call yo mama
(B3, Pg121) How do you remove data from a Solid State
Drive?
A) Destroy it Destroy it
B) Place Magnets upon it
C) Snap it
D) Yo mama sit on it
(B3, Pg56) Where are the wordlists located in Kali?
A)/var/opt/wordlists /usr/share/wordlists
B)/etc/default/wordlists
C)/etc/security/wordlists
