Online Access Free GDAT Exam Questions

Exam Code:	GDAT
Exam Name:	GIAC Defending Advanced Threats
Certification Provider:	GIAC
Free Question Number:	152
Posted:	Oct 07, 2025

Rating

100%

Page: 1 / 31
Total 152 questions

Question 1

Which of the following are techniques used by malware to maintain persistence on a system?
(Choose two)
Response:

A.Installing a new service on the system
B.Disabling automatic system updates
C.Writing malicious scripts to the startup folder
D.Encrypting all user data

Question 2

What measures can be implemented to enhance the security of Kerberos authentication systems in Active Directory?
Response:

A.Configuring account lockout policies for failed authentication attempts
B.Enabling AES encryption for Kerberos tickets
C.Increasing the maximum lifetime of service tickets
D.Requiring two-factor authentication for service ticket requests

Question 3

In the context of exploit mitigation, what is the purpose of employing a Web Application Firewall (WAF)?
Response:

A.To monitor network traffic
B.To serve as the primary user authentication method
C.To manage network bandwidth usage
D.To detect and prevent SQL injection and cross-site scripting attacks

Question 4

Discuss the advantages of using steganography for data exfiltration.
Response:

A.Leaves no trace on network security devices
B.Difficult to detect without awareness of the specific technique used
C.Can transfer large volumes of data quickly
D.Requires minimal technical skill to implement

Question 5

Your organization is preparing for an adversary emulation exercise to simulate a potential attack from an Advanced Persistent Threat (APT) group. During the exercise, the red team successfully establishes persistence on a critical server using a PowerShell script that bypassed the organization's security monitoring systems.
After detecting this activity, your blue team is tasked with mitigating the threat. What actions should be taken to both remediate the threat and improve future defense mechanisms?
Response:

A.Strengthen security monitoring to detect future PowerShell-based attacks
B.Conduct a forensic investigation to trace the origin and scope of the attack
C.Isolate the affected server from the network and remove the malicious scripts
D.Rebuild the affected server from a clean backup and review access policies

Latest Upload: 105HP.HPE6-A85.v2025-10-09.q102; 112Oracle.1Z0-1161-1.v2025-10-09.q18; 105Cisco.350-601.v2025-10-09.q638; 119SAP.C_BCBDC_2505.v2025-10-08.q34; 133GAQM.Databricks-Certified-Data-Engineer-Associate.v2025-10-08.q106; 130WGU.Scripting-and-Programming-Foundations.v2025-10-08.q82; 126PRINCE2.PRINCE2Foundation.v2025-10-07.q143; 133Cisco.300-425.v2025-10-07.q109; 109Cisco.200-901.v2025-10-07.q300; 120VMware.3V0-32.23.v2025-10-07.q93