GIAC CLOUD THREAT DETECTION (GCTD) PRACTICE EXAM LATEST QUESTIONS AND CORRECT ANSWERS GRADE A

GIAC CLOUD THREAT DETECTION (GCTD) PRACTICE EXAM LATEST QUESTIONS AND
CORRECT ANSWERS GRADE A

=================================================

Total Questions: 100

Question Types: Multiple Choice (A-D)

Format: Question + Answer Key + Explanation



--------------------------------------------------

QUESTION 1

What is the primary purpose of AWS CloudTrail?

A) Monitor network traffic

B) Log API activity across AWS services

C) Detect malware in EC2 instances

D) Manage IAM policies



ANSWER: B) Log API activity across AWS services

EXPLANATION: AWS CloudTrail is a service that enables governance, compliance,
operational auditing, and risk auditing of your AWS account through logging API calls and
account activity.



--------------------------------------------------

QUESTION 2

Which Azure service provides centralized security policy management and threat detection
across hybrid cloud workloads?

A) Azure Security Center

B) Azure Sentinel

C) Azure Monitor

,D) Azure Policy



ANSWER: A) Azure Security Center

EXPLANATION: Azure Security Center provides unified security management and advanced
threat protection across hybrid cloud workloads, including security policy management
and threat detection capabilities.



--------------------------------------------------

QUESTION 3

What type of attack involves an adversary attempting to enumerate valid IAM users in a
cloud environment?

A) Credential stuffing

B) IAM user enumeration

C) Role assumption attack

D) Token hijacking



ANSWER: B) IAM user enumeration

EXPLANATION: IAM user enumeration is a reconnaissance technique where attackers
attempt to discover valid IAM user names through error messages or API responses.



--------------------------------------------------

QUESTION 4

In GCP, which service provides security and compliance health checks and threat
detection?

A) Cloud Security Command Center

B) Cloud Monitoring

C) Cloud Logging

,D) Cloud Armor



ANSWER: A) Cloud Security Command Center

EXPLANATION: Google Cloud Security Command Center provides security and risk
management platform that helps with security health analytics, vulnerability scanning, and
threat detection.



--------------------------------------------------

QUESTION 5

What is the primary risk associated with public S3 buckets?

A) Increased storage costs

B) Data exfiltration

C) DDoS attacks

D) Malware injection



ANSWER: B) Data exfiltration

EXPLANATION: Public S3 buckets can lead to data exfiltration if sensitive data is stored
without proper access controls, potentially exposing confidential information.



--------------------------------------------------

QUESTION 6

Which AWS service can detect unusual API activity that might indicate a compromised
account?

A) AWS GuardDuty

B) AWS Config

C) AWS Inspector

D) AWS Shield

, ANSWER: A) AWS GuardDuty

EXPLANATION: AWS GuardDuty is a threat detection service that continuously monitors for
malicious activity and unauthorized behavior using machine learning and threat
intelligence.



--------------------------------------------------

QUESTION 7

What is "shadow IT" in cloud security context?

A) Unauthorized cloud services usage

B) Dark web monitoring

C) Backup infrastructure

D) Penetration testing



ANSWER: A) Unauthorized cloud services usage

EXPLANATION: Shadow IT refers to IT systems and solutions built and used inside
organizations without explicit organizational approval, often using cloud services without
security oversight.



--------------------------------------------------

QUESTION 8

Which Azure service is a SIEM solution for cloud environments?

A) Azure Sentinel

B) Azure Defender

C) Azure Log Analytics

D) Azure Event Hubs