GIAC Systems and Network Auditor GSNA Question # 16 Topic 2 Discussion
GSNA Exam Topic 2 Question 16 Discussion:
Question #: 16
Topic #: 2
You work as a Network Auditor for XYZ CORP. The company has a Windows-based network. You use DumpSec as an auditing and reporting program for security issues. Which of the following statements is true about DumpSec? (Choose three)
A.
It obtains the DACLs for the registry.
B.
It dumps user and group information.
C.
It collates the DACLs for the file system.
D.
It kills the running services in the Windows environment.
DumpSec, a program launched by Somarsoft, is a security auditing and reporting program for Microsoft Windows. It collates and obtains the permissions (DACLs) and audit settings (SACLs) for the file system, registry, printers, and shares in a concise, readable format, so that holes in system security are readily apparent. DumpSec also dumps user, group, and replication information, policies, as well as services (Win32) and kernel drivers loaded on the system. It can also report the current status of services (running or stopped) in the Windows environment. Answer: D is incorrect. It cannot kill running services. It can only report the current status of services (running or stopped) in the Windows environment.
Contribute your Thoughts:
Chosen Answer:
This is a voting comment (?). You can switch to a simple comment. It is better to Upvote an existing comment if you don't have anything to add.
Submit