nerdexam
ExamsGCIHQuestions#360
GIAC

GCIH · Question #360

GCIH Question #360: Real Exam Question with Answer & Explanation

The correct answer is A: It can act as a NIDS when traffic is routed through it. CyberCPR is an incident response case management platform that can function as a network intrusion detection system when network traffic is routed through it.

Incident Response & Cyber Kill Chain

Question

What is one of the functions CyberCPR performs?

Options

  • AIt can act as a NIDS when traffic is routed through it
  • BAll uploaded files are hashed
  • CCyperCPR can act as an secure email server
  • DIt can act as a HIDS on the system it is installed on

Explanation

CyberCPR is an incident response case management platform that can function as a network intrusion detection system when network traffic is routed through it.

Common mistakes.

  • B. Automatically hashing all uploaded files is a feature associated with digital forensics and evidence management tools, not a core function of the CyberCPR incident response platform.
  • C. CyberCPR is not designed to operate as a secure email server - it is an incident response and case coordination platform focused on tracking, managing, and documenting response activities.
  • D. A HIDS monitors host-level activity such as file integrity, process execution, and local log events; CyberCPR's detection capability operates at the network layer via routed traffic, not at the host system level.

Concept tested. CyberCPR NIDS functionality via inline traffic routing

Topics

#CyberCPR#incident management tools#NIDS#incident response

Community Discussion

No community discussion yet for this question.

Sign up to join the discussion
Full GCIH Practice