GFACT CERTIFICATION EXAM 2025 | ALL QUESTIONS AND CORREC
GFACT Certification Exam
ANSWERS | VERIFIED ANSWERS | LATEST VERSION | GRADED A+ |
Study online at https://quizlet.com/_d13f9c
JUST RELEASED
1. (B2, Pg122) What does it mean when a computer pro- It can run multiple chunks
gram is "multi-threaded"? of code concurrently
A) It calls multiple external libraries
B) It has multiple serial number for different users
C) It can run multiple chunks of code concurrently
D) It has multiple functions defined in the program
2. (B3, Pg162) Which of the following is a common result Sending a website user's
of a reflected cross-site scripting attack? session cookie to an at-
tacker
A)Tricking a user into making an authenticated trans-
action
B)Sending a website user's session cookie to an at-
tacker
C) Embedding the attacker's malware in web applica-
tion source code
D) Stealing password hashes from a website's back
end database
*HINT* It may be under the session guessing section,
but if you read further into it, you will see where it
mentions XSS attack.
3. (B3, Pg90) What tool can be used to fingerprint the Nmap
operating system of a host?
A)netstat
B)dig
C)nslookup
D)nmap
4. File Inclusion
, GFACT Certification Exam
Study online at https://quizlet.com/_d13f9c
(B3, Pg151) What type of vulnerability is illustrated
where there is code in the web page?
A)File Inclusion
B) Clickjacking
C)Cross-Site Scripting
D) SQL injection
*HINT* While it doesn't exactly say "code in the web
page", it mentions how you can sometimes view a
page that looks like PHP code and how that code can
gain you access to the access logs of the server.
5. (B3, Pg88-89) An alert indicates that a compromised Identify services running
host was used by an attacker to run the command on network hosts
below. What was the attacker attempting to do?
$ nmap -sS 192.168.10.0/24
A)Map a network drive to a remote host
B)Identify services running on network hosts
C)Execute a script on a remote host
D)Send Spoofed packets to network hosts
6. What type of artifact can a blue team member use to Metadata
identify the name that is associated to the file?
A)Metadata
B)Windows security logs
C)Prefetch
D)File Ownership
7. A Registry Key
, GFACT Certification Exam
Study online at https://quizlet.com/_d13f9c
(B3, Pg307-308) What is HKEY_LOCAL_MACHINE\Soft-
ware\Microsoft\Windows\CurrentVersion\Run con-
sidered to be?
A)Domain Name
B)Log File Path
C) Registry Key
D) Yo Mama's Number
8. (B1, Pg236) If a user agent is used, where would it be In a GET Request
found in the HTTP Protocol?
A)In the response header
B)In the response body
C)Delimited by an h1 tag
D) In a GET Request
9. What benefit does moving from local logging to using Harder for attackers to
a log server provide organizations? overwrite logs
A) Enables the use of network intrusion detection sys-
tems (NIDS)
B) Harder for attackers to overwrite logs
C) Attackers will have to pivot through an extra server
to infiltrate the network
D)Less complex logging infrastructure
10. (B3, Pg187) What is the only way to mitigate an integer Checking that the result of
overflow/underflow? any change to a signed
integer falls within an al-
A) Takin the absolute value of negative results prior to lowed range
running the equation
B) Checking that the result of any change to a signed
, GFACT Certification Exam
Study online at https://quizlet.com/_d13f9c
integer falls within an allowed range
C) Randomizing salt values prior to hashing user con-
tent
D) Sanitizing user input to block special characters
from being entered
11. (B2, Pg17) Which Variable name will cause Python to 2nd_phone_number
produce an error?
A)2nd_phone_number
B)LASTNAM_
C)streetAddress
D)_firstname
*HINT* You can start a variable name with a letter or
an underscore, but NOT WITH A NUMBER!
12. What is the following command attempting to accom- Search for subdomains
plish in Kali Linux? based upon the wordlist
provided
dnsmap myfakedomain.local -w
/usr/share/wordlists/dnsmap.txt
A)Search for subdomains based upon the wordlist
provided
B) Check for users based on the wordlist provided
C)Run checks on the applications based on the
wordlist provided
D)Call yo mama
13. (B3, Pg121) How do you remove data from a Solid Destroy it
State Drive?
GFACT Certification Exam
ANSWERS | VERIFIED ANSWERS | LATEST VERSION | GRADED A+ |
Study online at https://quizlet.com/_d13f9c
JUST RELEASED
1. (B2, Pg122) What does it mean when a computer pro- It can run multiple chunks
gram is "multi-threaded"? of code concurrently
A) It calls multiple external libraries
B) It has multiple serial number for different users
C) It can run multiple chunks of code concurrently
D) It has multiple functions defined in the program
2. (B3, Pg162) Which of the following is a common result Sending a website user's
of a reflected cross-site scripting attack? session cookie to an at-
tacker
A)Tricking a user into making an authenticated trans-
action
B)Sending a website user's session cookie to an at-
tacker
C) Embedding the attacker's malware in web applica-
tion source code
D) Stealing password hashes from a website's back
end database
*HINT* It may be under the session guessing section,
but if you read further into it, you will see where it
mentions XSS attack.
3. (B3, Pg90) What tool can be used to fingerprint the Nmap
operating system of a host?
A)netstat
B)dig
C)nslookup
D)nmap
4. File Inclusion
, GFACT Certification Exam
Study online at https://quizlet.com/_d13f9c
(B3, Pg151) What type of vulnerability is illustrated
where there is code in the web page?
A)File Inclusion
B) Clickjacking
C)Cross-Site Scripting
D) SQL injection
*HINT* While it doesn't exactly say "code in the web
page", it mentions how you can sometimes view a
page that looks like PHP code and how that code can
gain you access to the access logs of the server.
5. (B3, Pg88-89) An alert indicates that a compromised Identify services running
host was used by an attacker to run the command on network hosts
below. What was the attacker attempting to do?
$ nmap -sS 192.168.10.0/24
A)Map a network drive to a remote host
B)Identify services running on network hosts
C)Execute a script on a remote host
D)Send Spoofed packets to network hosts
6. What type of artifact can a blue team member use to Metadata
identify the name that is associated to the file?
A)Metadata
B)Windows security logs
C)Prefetch
D)File Ownership
7. A Registry Key
, GFACT Certification Exam
Study online at https://quizlet.com/_d13f9c
(B3, Pg307-308) What is HKEY_LOCAL_MACHINE\Soft-
ware\Microsoft\Windows\CurrentVersion\Run con-
sidered to be?
A)Domain Name
B)Log File Path
C) Registry Key
D) Yo Mama's Number
8. (B1, Pg236) If a user agent is used, where would it be In a GET Request
found in the HTTP Protocol?
A)In the response header
B)In the response body
C)Delimited by an h1 tag
D) In a GET Request
9. What benefit does moving from local logging to using Harder for attackers to
a log server provide organizations? overwrite logs
A) Enables the use of network intrusion detection sys-
tems (NIDS)
B) Harder for attackers to overwrite logs
C) Attackers will have to pivot through an extra server
to infiltrate the network
D)Less complex logging infrastructure
10. (B3, Pg187) What is the only way to mitigate an integer Checking that the result of
overflow/underflow? any change to a signed
integer falls within an al-
A) Takin the absolute value of negative results prior to lowed range
running the equation
B) Checking that the result of any change to a signed
, GFACT Certification Exam
Study online at https://quizlet.com/_d13f9c
integer falls within an allowed range
C) Randomizing salt values prior to hashing user con-
tent
D) Sanitizing user input to block special characters
from being entered
11. (B2, Pg17) Which Variable name will cause Python to 2nd_phone_number
produce an error?
A)2nd_phone_number
B)LASTNAM_
C)streetAddress
D)_firstname
*HINT* You can start a variable name with a letter or
an underscore, but NOT WITH A NUMBER!
12. What is the following command attempting to accom- Search for subdomains
plish in Kali Linux? based upon the wordlist
provided
dnsmap myfakedomain.local -w
/usr/share/wordlists/dnsmap.txt
A)Search for subdomains based upon the wordlist
provided
B) Check for users based on the wordlist provided
C)Run checks on the applications based on the
wordlist provided
D)Call yo mama
13. (B3, Pg121) How do you remove data from a Solid Destroy it
State Drive?