Weekend Sale Limited Time 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: xmasmnth

John works as a Network Administrator for DigiNet Inc.

  1. Home
  2. GIAC
  3. Security Administration
  4. GCIA
  5. GCIA Questions
  6. GCIA – GIAC Certified Intrusion Analyst Practice Test Practice Questions

John works as a Network Administrator for DigiNet Inc. He wants to investigate failed logon attempts to a network. He uses Log Parser to detail out the failed logons over a specific time frame. He uses the following commands and query to list all failed logons on a specific date:

logparser.exe file:FailedLogons.sql -i:EVT -o:datagrid

SELECT

timegenerated AS LogonTime,

extract_token(strings, 0, '|') AS UserName

FROM Security

WHERE EventID IN (529;

530;

531;

532;

533;

534;

535;

537;

539)

AND to_string(timegenerated,'yyyy-MM-dd HH:mm:ss') like '2004-09%'

After investigation, John concludes that two logon attempts were made by using an expired account. Which of the following EventID refers to this failed logon?

A.

532

B.

531

C.

534

D.

529

GIAC GCIA View All Questions

GIAC GCIA Summary

  • Vendor: GIAC
  • Product: GCIA
  • Update on: Jul 25, 2025
  • Questions: 508
Price: $52.5  $149.99
Buy Now GCIA PDF + Testing Engine Pack
Next
Andrew works as a System Administrator for NetPerfect Inc.
You work as a Network Administrator of a TCP/IP network.
Previous

Payments We Accept

Your purchase with ExamsVCE is safe and fast. Your products will be available for immediate download after your payment has been received.
The ExamsVCE website is protected by 256-bit SSL from McAfee, the leader in online security.

examsvce payment method

Contact Us

Copyright © 2013-2025 examsvce.com. All Rights Reserved
mcafee secure

TESTED 02 Aug 2025