nerdexam
GIAC

GSLC · Question #473

GSLC Question #473: Real Exam Question with Answer & Explanation

The correct answer is A. File integrity auditing. File integrity auditing compares cryptographic hash values of system files against a known-good baseline to detect unauthorized modifications.

Question

Which of the following is the process of comparing cryptographic hash functions of system executables and configuration files?

Options

  • AFile integrity auditing
  • BReconnaissance
  • CSpoofing
  • DShoulder surfing

Explanation

File integrity auditing compares cryptographic hash values of system files against a known-good baseline to detect unauthorized modifications.

Common mistakes.

  • B. Reconnaissance is the process of gathering information about a target system or network prior to an attack, not comparing cryptographic hash values of files.
  • C. Spoofing involves impersonating a legitimate entity such as an IP address, MAC address, or email sender, which is unrelated to hash comparison of system files.
  • D. Shoulder surfing is a social engineering technique of visually observing someone's screen or keyboard to steal credentials, not a file hash comparison process.

Concept tested. File integrity monitoring via cryptographic hashing

Reference. https://csrc.nist.gov/publications/detail/sp/800-137/final

Community Discussion

No community discussion yet for this question.

Sign up to join the discussion
Full GSLC Practice