Gcih - Study guides, Class notes & Summaries

A software management suite provided by Microsoft that allows users to manage a large number of Windows based computers. It features remote control, patch management, operating system deployment, network protection and other various services ☑: System Center Configuration Manager (SCCM) The action or plan for dealing with intrusions, cyber-theft, DoS and other computer security related events ☑: Incident Handling Refers to actions that result in harm or the significant threat of ha...

PICREL ☑: Preparation, Identification, Containment, Eradication, Recovery, Lessons Learned What are the 6 steps of Incident Response process? ☑: PICERL - Preparation, Identification, Containment, Eradication, Recovery, Lessons Learned HTTPS port ☑: TCP 443 HTTP port ☑: TCP 80 SMB Port ☑: TCP 44

Q: What is the relative identifier for the "Performance Log Users" group on the host 192.168.101.150? Use the credentials below: Username - Candidate Password - Pas$$w0rd ☑: A: rpcclient 102.168.101.150 -U Candidate <password from question> Rpcclient> enumalsgroups builtin Q: Analyze the memory file below using the netscan plugin, /home/giac/mem_captures/hen_. To Which address did PuTTY connect? Note: This analysis will take approximately 1 minute to run. ☑: A: cd ~/me...

netstat -naob ☑: network status, -o: process ID, -b: listening EXE and DLLs lsof -i ☑: UNIX: what services are running netstat -a ☑: UNIX/Windows - what services are running C:> tasklist ☑: what processes are running on the machine C:> tasklist /v ☑: what processes are running on the machine (verbose) C:> wmic process list full ☑: what processes are running on the machine - full list C:> ☑: list of running services C:> net star

SANS GCIH Exam 2024_2025 fully solved & updated

sptoolkit ☑: Phishing framework Phishme ☑: Phishing framework GRR Rapid Response ☑: Performing large-scale incident response and hunt teaming Rekall ☑: Memory Analysis tool Nessus ☑: Vulnerability Scanner Redline ☑: Malware reporting and risk assessment software

What people should be brought in as an incident response team? - ANSWER * Security * Systems Admin * Network Management * Legal * HR * Public Affairs * Disaster Recovery * Union Rep How should the incident response team be organized? - ANSWER With onsite people Establish a baseline for response What are some ways to prepare for issues? - ANSWER * System build checklists per system type * Establish comp time for the team - What should go into an emergency communications plan? - ANSW...

GCIH - Book 2 SOLUTIONS Hacker - ANSWER a highly intelligent individual who wants to explore technology to learn cracker - ANSWER is someone who maliciously breaks into a system Script Kiddies - ANSWER The less informed hackers. They look for low hanging fruit. AKA Ankle Biters. Hacktivism - ANSWER Launching Computer attacks to make a political point Ways hackers can make money on malicious code.... - ANSWER -sell the code -spam and web-based advertising -pump and dump stock schemes ...

Hacker - ANSWER a highly intelligent individual who wants to explore technology to learn cracker - ANSWER is someone who maliciously breaks into a system Script Kiddies - ANSWER The less informed hackers. They look for low hanging fruit. AKA Ankle Biters. Hacktivism - ANSWER Launching Computer attacks to make a political point Ways hackers can make money on malicious code.... - ANSWER -sell the code -spam and web-based advertising -pump and dump stock schemes -Phishing -DoS extortion ...