1. Home
  2. GIAC
  3. Cyber Security
  4. GCFR
  5. GIAC Cloud Forensics Responder (GCFR) Questions and Answers

Pass the GIAC Cyber Security GCFR Questions and answers with CertsForce

 GIAC Exams      Go to Exam Detail      Get Premium Access
Viewing page 2 out of 3 pages
Viewing questions 11-20 out of questions
Questions # 11:

Microsoft.Key Vault is an example of which component of Azure's structure?

Options:
A.

Resource manager

B.

Resource

C.

Resource provider

D.

Resource group

Questions # 12:

A company is creating an incident response team that will be part of their existing GCP Organization. Where in the organizational structure should their services be placed?

Options:
A.

With the Resources

B.

As part of d Project

C.

ln a dedicated Folder

D.

At the root Organization

Questions # 13:

Communication between the VPN client and Azure VNet1via VPN Tunnel #1 is using which of the following connections?

Question # 13

Options:
A.

Point-to-site VPN

B.

IPSec

Questions # 14:

What is the recommended storage type when creating an initial snapshot of a VM in Azure for forensic analysis?

Options:
A.

Standard SSD

B.

Ultra Disk

C.

Premium SSD

D.

Standard HDD

Questions # 15:

What is the maximum file size for Azure Page Blob storage?

Options:
A.

10.25 TB

B.

10.25 TB

C.

8TB

D.

7TB

Questions # 16:

Which statement describes a zld.metal EC2 instance?

Options:
A.

It Is an accelerated computing system with a GPU or I PGA

B.

The system can be configured to add resources at a trigger point

C.

It is a high-frequency system with very fast RAM access

D.

The system is optimized for a high CPU-to-memory ratio

Questions # 17:

An investigator his successfully installed the ExchangeOnlineManagement module on their investigation system and is attempting to search a client's Microsoft 365 Unified Audit Log using PowerShell. PowerShell returns a "command not found" error each time they try to execute the Search-UnifiedAuditLog cmdlet. How should the investigator troubleshoot this issue?

Options:
A.

Ensure their system has .NFT version 4.b or later Installed

B.

Ensure that MFA has been disabled for The account used

C.

Check that they are using PowerShell Core

D.

Check the permissions of the account used in Microsoft 365

Questions # 18:

Which is the effective access when aws user is assigned to an S3 bucket?

Options:
A.

A user must have an employee account

B.

A user must have an account under any AWS account

C.

A user must be under the same AWS account as the S3 bucket

D.

A user must have the AWS IAM role assigned

Questions # 19:

What type of AWS log is the following snippet an example of?

Question # 19

Options:
A.

Web Application firewall Log

B.

VPC Flow Log

C.

Load Balancer Log

D.

Route 53 Query Log

Questions # 20:

In which scenario would an investigator collect NetFlow logs rather than PCAP logs?

Options:
A.

To save on storage space

B.

For detailed network monitoring

C.

For deep packet inspection

D.

To collect application layer data

Viewing page 2 out of 3 pages
Viewing questions 11-20 out of questions