GIAC Cloud Forensics Responder (GCFR) Exam Questions verified to pass 2023/2024

GIAC Cloud Forensics Responder (GCFR) Exam Questions Which is the effective access when aws user is assigned to an S3 bucket? A. A user must have an employee account B. A user must have an account under any AWS account C. A user must be under the same AWS account as the S3 bucket D. A user must have the AWS IAM role assigned - correct answer Answer: C What logical AWS structure type is used to chain together accounts in a trust relationship which allows for single sign-on and cross-account management? A. Subscription B. Organisation C. OU D. Tenant - correct answer Answer: B In Azure, which of the following describes a "Contributor"? A. A collection of permissions such as read, write, and delete B. A designation on a PKI certificate C. A specification of who can access a resource group D. An object representing an entity - correct answer Answer: A What Pub/Sub component is used to forward GCP logs to their final location? A. Topic B. Log Sink C. Publication D. Subscription - correct answer Answer: B Which of the following is the smallest unit of computing hardware in Kubernetes? A. Cluster B. Node C. Container D. Pod - correct answer Answer: D What is a best practice recommendation when using API keys for AWS access? A. Delete the account's default access keys B. Define specific role permissions C. Enable MFA protection D. Configure STS one-time tokens - correct answer Answer: A What would prevent GCP 1AM from linking to Google Workspace to manage users and groups? A. A gcp-organization-admins group was not created B. The connector was not configured to link the services C. Inadequate Identity and Access Management license D. Google Workspace cannot be linked to GCP 1AM - correct answer Answer: D An investigator confirms that phishing emails sent to users in an organization ate not being sent to their Gmall Spam folder. What is a possible cause for this? A. The default setting for enhanced pre-delivery message scanning was changed B. The security sandbox default configuration setting was changed C. A third party application needs to be installed to detect phishing emails D. Compliance based rules need to be configured to detect phishing emails - correct answer Answer: A How is storage account, csc87633, created in an Azure resource group? A. PowerShell Cloud Shell audit logging was enabled B. A Bash Cloud Shell was used