GIAC Certified Incident Handler (GCIH) — Question 35

What action does the following command perform?

C:\DefenderCheck.exe .\giac1.exe

Answer options

• A. Scans the giac1.exe file to determine whether it is safe for users to execute
• B. Splits and scans the giac1.exe file to identify code areas that don’t trigger an alert
• C. Adds the giac1.exe file to the local block list for unauthorized applications
• D. Hashes the giac1.exe file and compares it against a list of known bad file hashes

Correct answer: A

Explanation

The correct answer is A because the command is designed to scan the specified file for safety before execution. Options B, C, and D describe actions that are not performed by this command, such as splitting the file, blocking it, or hashing it.