nerdexam
ExamsGCIHQuestions#634
GIAC

GCIH · Question #634

GCIH Question #634: Real Exam Question with Answer & Explanation

Sign in or unlock GCIH to reveal the answer and full explanation for question #634. The question stem and answer options stay visible for context.

Malware Analysis & Advanced Persistent Threats

Question

As indicated in the following image, an analyst runs the dir and more commands. What can the analyst conclude about Judges.txt?

Exhibit

GCIH question #634 exhibit

Options

  • AThe file size is 35 bytes
  • BThe file is encoded by Quarterly_Results.txt
  • CIt is on a FAT partition
  • DIt is an alternate data stream

Unlock GCIH to see the answer

You've previewed enough free GCIH questions. Unlock GCIH for full answers, explanations, the timed quiz mode, progress tracking, and the master PDF. Question stem and options stay visible so you can still see what's on the exam.

Unlock GCIH - $49.99 / 30 daysSign in

Topics

#alternate data streams#NTFS forensics#Windows#data hiding
Full GCIH Practice