The purpose of this Sample Question Set is to give you information about the GIAC Enterprise Incident Response (GEIR) exam. These sample questions will familiarize you with both the type and the difficulty level of the questions on the GEIR certification test. To get familiar with the real exam environment, we suggest you try our Sample GIAC GEIR Certification Practice Exam. This sample practice exam gives you a feel for the real test and an indication of the questions asked in the actual GIAC Enterprise Incident Response (GEIR) certification exam.
These sample questions are simple, basic questions that resemble the real GIAC Enterprise Incident Response exam questions. To assess your readiness and performance with scenario-based questions under time pressure, we suggest you prepare with our Premium GIAC GEIR Certification Practice Exam. Working through scenario-based questions in practice exposes the difficulties you will face in the real exam and gives you an opportunity to improve.
GIAC GEIR Sample Questions:
01. Select the macOS features that assist in recovery and backup.
(Multiple Correct Answers)
a) Time Machine
b) Disk Utility
c) Finder
d) Boot Camp
e) Spotlight
02. Which tool is primarily used for detailed investigation of the filesystem in Linux DFIR tasks?
a) Grep
b) Sed
c) Awk
d) Debugfs
03. For analyzing log data effectively, which command is best suited for searching through log lines and extracting the specific ones you need?
a) cat
b) grep
c) touch
d) chmod
04. In the context of rapid response triage at scale, which macOS features assist in remote incident handling?
(Choose Three)
a) Remote Desktop
b) Time Machine
c) Terminal
d) System Preferences
e) Screen Sharing
05. What are effective practices for maintaining enterprise visibility to support incident scoping?
(Choose Two)
a) Regular data purging to free up storage space
b) Continuous monitoring of network traffic
c) Integrating SIEM solutions for real-time analysis
d) Periodic manual audits of security settings
06. What is the FIRST step an incident responder should take after identifying an anomaly that could indicate a modern attack?
a) Notify all company employees about the anomaly
b) Isolate the affected system from the network
c) Collect and preserve digital evidence
d) Perform a full system backup
07. In a cloud-based incident response, which tool is commonly used to analyze network traffic to and from a cloud environment?
a) Wireshark
b) Splunk
c) Microsoft Excel
d) Adobe Acrobat
08. Which of the following are essential tools for malware analysis on macOS?
(Choose Two)
a) Terminal
b) Keychain Access
c) Activity Monitor
d) Finder
09. The default location for system log files in a Linux system is ______.
a) /var/log
b) /etc/log
c) /usr/log
d) /home/log
10. What capabilities should a tool have to effectively collect and process incident response data at scale across macOS endpoints?
(Choose Three)
a) Remote script execution
b) Automatic user logout
c) Network traffic monitoring
d) Live memory analysis
e) System log aggregation
Answers:
Question: 01
Answer: a, b
Question: 02
Answer: d
Question: 03
Answer: b
Question: 04
Answer: a, c, e
Question: 05
Answer: b, c
Question: 06
Answer: c
Question: 07
Answer: a
Question: 08
Answer: a, c
Question: 09
Answer: a
Question: 10
Answer: a, d, e
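As an added worked example for questions 03 and 09 (this is not part of the edusum question set or of the GIAC exam), the script below shows the grep-based log triage that question 03 points at, run over a few constructed sshd lines in the format found in /var/log/auth.log (Debian/Ubuntu) or /var/log/secure (RHEL family), which is what question 09 is about. The hostnames, usernames and IP addresses are made up; on a real system you would feed the script the actual log file instead of the embedded sample.

```shell
#!/bin/sh
# Added example, not from the original question set: grep-based triage of
# Linux authentication logs. The sshd message format is real; the host,
# users and IP addresses below are constructed sample data.
# Real input would be /var/log/auth.log or /var/log/secure.

SAMPLE_AUTH_LOG='Mar  4 10:12:01 web01 sshd[1201]: Failed password for invalid user admin from 203.0.113.5 port 51234 ssh2
Mar  4 10:12:03 web01 sshd[1201]: Failed password for invalid user admin from 203.0.113.5 port 51236 ssh2
Mar  4 10:12:09 web01 sshd[1207]: Accepted publickey for deploy from 198.51.100.7 port 40022 ssh2
Mar  4 10:13:44 web01 sshd[1220]: Failed password for root from 203.0.113.9 port 60111 ssh2
Mar  4 10:13:50 web01 sshd[1220]: Failed password for root from 203.0.113.5 port 60113 ssh2
Mar  4 10:14:02 web01 CRON[1230]: pam_unix(cron:session): session opened for user root by (uid=0)'

# failed_ssh_by_ip: read log lines on stdin, keep only sshd failed-password
# events (grep does the extraction), pull the source IP that follows the
# word "from" (awk), then rank sources by how often they appear.
# Output: "<count> <ip>" lines, most frequent first.
failed_ssh_by_ip() {
    grep 'sshd\[[0-9]*\]: Failed password' |
    awk '{ for (i = 1; i <= NF; i++) if ($i == "from") print $(i+1) }' |
    sort | uniq -c | sort -rn | awk '{ print $1, $2 }'
}

# top_failed_source: the IP with the most failed logins in the sample.
top_failed_source() {
    printf '%s\n' "$SAMPLE_AUTH_LOG" | failed_ssh_by_ip | head -n 1 | awk '{ print $2 }'
}

# failed_count_for <ip>: number of failed logins from one IP in the sample
# (prints nothing if the IP never failed a login).
failed_count_for() {
    printf '%s\n' "$SAMPLE_AUTH_LOG" | failed_ssh_by_ip | awk -v ip="$1" '$2 == ip { print $1 }'
}

# Stand-alone run: on the sample this prints
#   3 203.0.113.5
#   1 203.0.113.9
printf '%s\n' "$SAMPLE_AUTH_LOG" | failed_ssh_by_ip
```

Note that the successful publickey login and the CRON line are dropped by the grep pattern, so only the failed-password events are counted; to run this against a live system, replace the printf of the sample with `cat /var/log/auth.log` (or `/var/log/secure`), or `zcat` the rotated copies alongside it.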
Note: For any error in the GIAC Enterprise Incident Response (GEIR) certification exam sample questions, please let us know by writing an email to feedback@edusum.com.