GCIH Question #561: Real Exam Question with Answer & Explanation

The correct answer is A: Review DNS logs and caches from all machines against listing of malware domains. DNS logs are one way to identify the sites that were accessed even while traveling, in case the laptops were compromised while off the corporate network.

Question

A company is reviewing its systems. The review includes travelling laptops with insecure connections, and is focused on finding connections to known malicious locations. What would be an efficient way of accomplishing this task?

Options

  • A. Review DNS logs and caches from all machines against listing of malware domains
  • B. Sort logs from the web proxy for requests made against listings of malware domains
  • C. Go through logs from the company firewall for connections to known bad sites
  • D. Check VPN logs for the connections made by travelling laptops

Explanation

DNS logs are one way to identify the sites that were accessed even while traveling, in case the laptops were compromised while off the corporate network.
