GCTI無料試験問題と解答PDF最新問題2025年05月 [Q74-Q97]

Share

GCTI無料試験問題と解答PDF最新問題2025年05月

最新GCTI試験問題集で最近更新された166問題

質問 # 74
What is the role of geopolitical context in cyber attack attribution?
Response:

  • A. It reduces the complexity of the investigation
  • B. It limits the scope of attribution to local actors
  • C. It improves network security
  • D. It provides motives that may point to specific threat actors

正解:D


質問 # 75
Which two data points are commonly used in pivot analysis?
Response:

  • A. DNS records
  • B. IP addresses
  • C. Internal employee schedules
  • D. Wi-Fi passwords

正解:A、B


質問 # 76
What is the primary goal of profiling intrusion characteristics in cyber threat intelligence?
Response:

  • A. To enhance data encryption
  • B. To improve software development practices
  • C. To identify patterns and tactics used by attackers
  • D. To create stronger firewalls

正解:C


質問 # 77
Why is dynamic analysis of malware important in threat intelligence?
Response:

  • A. It deletes the malware from the system
  • B. It allows analysts to observe how malware behaves in a controlled environment
  • C. It improves encryption algorithms
  • D. It helps speed up the system

正解:B


質問 # 78
What is a common challenge when integrating external threat feeds with internal log data?
Response:

  • A. Inability to compress the data
  • B. Lack of encryption
  • C. Formatting differences between data sources
  • D. Speed of data collection

正解:C


質問 # 79
How can intelligence analysts use data from network indicators effectively?
Response:

  • A. By ignoring outdated data
  • B. By restricting access to only a few analysts
  • C. By focusing solely on encrypted traffic
  • D. By correlating the data with known threat patterns

正解:D


質問 # 80
Which of the following is a key factor when considering cyber attack attribution?
Response:

  • A. The color scheme of the phishing email
  • B. Type of data compromised
  • C. Number of employees affected
  • D. Attack signatures and malware used

正解:D


質問 # 81
You are tasked with investigating a suspected intrusion in a corporate network. Logs from the Intrusion Detection System (IDS) show an unusual increase in inbound traffic from a foreign IP address, but no malicious signatures have been detected. What steps should you take to enhance your analysis?
(Select three)
Response:

  • A. Perform a correlation analysis using data from other sources
  • B. Ignore the event since no malicious signature was detected
  • C. Cross-reference the IP address with threat intelligence feeds
  • D. Monitor the IP address for additional suspicious activity
  • E. Block all traffic from foreign IP addresses

正解:A、C、D


質問 # 82
Which tool is commonly used for sharing cyber threat intelligence between organizations?
Response:

  • A. Microsoft Excel
  • B. Google Analytics
  • C. Photoshop
  • D. ThreatConnect

正解:D


質問 # 83
In the Diamond Model of Intrusion Analysis, which component represents the adversary's methods of attack?
Response:

  • A. Infrastructure
  • B. Capability
  • C. Adversary
  • D. Victim

正解:B


質問 # 84
When analyzing intelligence, which cognitive bias involves favoring information that confirms preexisting beliefs or theories?
Response:

  • A. Hindsight bias
  • B. Availability bias
  • C. Confirmation bias
  • D. Anchoring bias

正解:C


質問 # 85
Which tool is commonly used to perform static analysis on malware?
Response:

  • A. Notepad++
  • B. Google Chrome
  • C. IDA Pro
  • D. Wireshark

正解:C


質問 # 86
In pivot analysis, what is the significance of identifying relationships between domains?
Response:

  • A. To reduce the cost of domain registration
  • B. To create user-friendly websites
  • C. To uncover connections that reveal larger threat campaigns
  • D. To improve website performance

正解:C


質問 # 87
Which of the following are common sources for gathering cyber threat intelligence?
Response:

  • A. Social media feeds
  • B. Threat intelligence feeds
  • C. Open-source intelligence (OSINT)
  • D. Internal network logs
  • E. Physical security audits

正解:B、C、D


質問 # 88
What is the role of log repositories in cyber threat intelligence?
Response:

  • A. To store and organize log data for analysis and threat detection
  • B. To increase data transmission speeds
  • C. To enhance user authentication methods
  • D. To manage encryption keys

正解:A


質問 # 89
When sharing tactical intelligence with executives, what is a key consideration?
Response:

  • A. Simplifying complex data for clear understanding
  • B. Sharing intelligence only via email
  • C. Avoiding data from external sources
  • D. Using technical jargon to convey accuracy

正解:A


質問 # 90
You are investigating a phishing attack and have identified a malicious domain used to deliver the phishing emails. To expand the investigation, you want to discover additional domains and IP addresses linked to the same threat actor. What steps should you take?
(Select three)
Response:

  • A. Ignore the domain and focus on the email content
  • B. Use VirusTotal to check the domain's reputation and related artifacts
  • C. Perform a reverse IP lookup to find other domains hosted on the same server
  • D. Use WHOIS to investigate the domain ownership
  • E. Correlate the domain with known Indicators of Compromise (IOCs)

正解:B、C、D


質問 # 91
Which tool is commonly used by forensic analysts to investigate digital evidence?
Response:

  • A. Password crackers
  • B. Network switches
  • C. Forensic imaging tools
  • D. Wi-Fi analyzers

正解:C


質問 # 92
In the context of threat intelligence, what is the purpose of utilizing a threat intelligence platform (TIP)?
Response:

  • A. To provide real-time updates on network performance
  • B. To aggregate, correlate, and analyze threat data from various sources
  • C. To store all collected data in a centralized location without analysis
  • D. To create a user-friendly interface for end-users

正解:B


質問 # 93
Why is understanding the motivation behind a cyber campaign important for attribution?
Response:

  • A. It provides context that can point to specific threat actors or groups
  • B. It improves the speed of internet connectivity
  • C. It reduces the cost of security measures
  • D. It helps in developing user-friendly software

正解:A


質問 # 94
You are tasked with sharing threat intelligence regarding a critical vulnerability affecting multiple organizations in your industry. What steps should you take to ensure the intelligence is communicated effectively to both technical and non-technical stakeholders?
(Select three)
Response:

  • A. Present the key findings in a simplified format for non-technical stakeholders
  • B. Encrypt the intelligence data before sharing it externally
  • C. Use a standardized format like STIX to share detailed technical information
  • D. Share only with internal security teams
  • E. Avoid providing recommendations to prevent overwhelming stakeholders

正解:A、B、C


質問 # 95
Which analytical technique involves the breakdown of a complex issue into smaller, more manageable parts?
Response:

  • A. Root cause analysis
  • B. Decomposition
  • C. Trend analysis
  • D. Regression analysis

正解:B


質問 # 96
In the Diamond Model, which vertex describes the tools and techniques used by the adversary?
Response:

  • A. Infrastructure
  • B. Capability
  • C. Adversary
  • D. Victim

正解:B


質問 # 97
......

GIAC GCTIリアル2025年最新のブレーン問題集で模擬試験問題集:https://www.goshiken.com/GIAC/GCTI-mondaishu.html

GCTI試験問題リアルGCTI練習問題集:https://drive.google.com/open?id=18IjoN9n4gN9J3cGmNe-wlykLTC6yBATv