Practical GIAC GISF Question Online

NEW QUESTION 1

Which of the following statements about a brute force attack is true?

• A. It is a program that allows access to a computer without using security checks.
• B. It is an attack in which someone accesses your e-mail server and sends misleading information to others.
• C. It is a virus that attacks the hard drive of a computer.
• D. It is a type of spoofing attack.
• E. It is an attempt by an attacker to guess passwords until he succeeds.

Answer: E

NEW QUESTION 2

Which Wireless network standard operates at 2.4 GHz and transfers data at a rate of 54 Mbps?

• A. 802.11a
• B. 802.11n
• C. 802.11b
• D. 802.11g

Answer: D

NEW QUESTION 3

You work as a Software Developer for Mansoft Inc. You create an application. You want to use the application to encrypt data. You use the HashAlgorithmType enumeration to specify the algorithm used for generating Message Authentication Code (MAC) in Secure Sockets Layer (SSL) communications.
Which of the following are valid values for HashAlgorithmType enumeration? Each correct answer represents a part of the solution. Choose all that apply.

• A. MD5
• B. None
• C. DES
• D. RSA
• E. SHA1
• F. 3DES

Answer: ABE

NEW QUESTION 4

Which of the following can be used to protect a computer system from malware, viruses, spyware, and various types of keyloggers? Each correct answer represents a complete solution. Choose all that apply.

• A. KFSensor
• B. Sheep dip
• C. Enum
• D. SocketShield

Answer: BD

NEW QUESTION 5

Which of the following federal laws are related to hacking activities? Each correct answer represents a complete solution. Choose three.

• A. 18 U.S.
• B. 1029
• C. 18 U.S.
• D. 1028
• E. 18 U.S.
• F. 1030
• G. 18 U.S.
• H. 2510

Answer: ACD

NEW QUESTION 6

What is a variant with regard to Configuration Management?

• A. A CI that has the same name as another CI but shares no relationship.
• B. A CI that has the same essential functionality as another CI but a bit different in some small manner.
• C. A CI that particularly refers to a hardware specification.
• D. A CI that particularly refers to a software version.

Answer: B

NEW QUESTION 7

You work as a Network Administrator for Tech Perfect Inc. The company has recruited a large number of fresh employees. You have been asked to give them a presentation on data protection and confidentiality to ensure a secure wireless communication between the employees. What types of information require confidentiality? Each correct answer represents a complete solution. Choose all that apply.

• A. Information that is public
• B. Information that reveals technical data
• C. Information that may reveal systems relationships
• D. Information that may reveal organizational relationships

Answer: BCD

NEW QUESTION 8

Which of the following tools is an open source protocol analyzer that can capture traffic in real time?

• A. Snort
• B. Wireshark
• C. NetWitness
• D. Netresident

Answer: B

NEW QUESTION 9

Which of the following is the phase of Incident handling process in which the distinction between an event and an incident is made?

• A. Preparation phase
• B. Eradication phase
• C. Differential phase
• D. Identification phase

Answer: D

NEW QUESTION 10

John works as a security manager in Mariotx.Inc. He has been tasked to resolve a network attack issue. To solve the problem, he first examines the critical information about the attacker's interaction to the network environment. He prepares a past record and behavioral document of the attack to find a direction of the solution. Then he decides to perform an action based on the previous hypothesis and takes the appropriate action against the attack. Which of the following strategies has John followed?

• A. Maneuver warfare
• B. Control theory
• C. SWOT Analysis
• D. OODA loop

Answer: D

NEW QUESTION 11

Which of the following tools combines two programs, and also encrypts the resulting package in an attempt to foil antivirus programs?

• A. NetBus
• B. EliteWrap
• C. Trojan Man
• D. Tiny

Answer: C

NEW QUESTION 12

You work as a security manager for Qualxiss Inc. Your Company involves OODA loop for resolving and deciding over company issues. You have detected a security breach issue in your company.
Which of the following procedures regarding the breach is involved in the observe phase of the OODA loop?

• A. Follow the company security guidelines.
• B. Decide an activity based on a hypothesis.
• C. Implement an action practically as policies.
• D. Consider previous experiences of security breaches.

Answer: A

NEW QUESTION 13

You are a Product manager of Marioxiss Inc. Your company management is having a conflict with another company Texasoftg Inc. over an issue of security policies. Your legal advisor has prepared a document that includes the negotiation of views for both the companies. This solution is supposed to be the key for conflict resolution. Which of the following are the forms of conflict resolution that have been employed by the legal advisor?
Each correct answer represents a complete solution. Choose all that apply.

• A. Orientation
• B. Mediation
• C. Negotiation
• D. Arbitration

Answer: BCD

NEW QUESTION 14

Which of the following policies define how Identification and Authorization occur and determine access control, audits, and network connectivity?

• A. Information policies
• B. Usage policies
• C. Security policies
• D. Administrative policies
• E. Disaster Recovery Plans
• F. Design Requirements

Answer: C

NEW QUESTION 15

A firewall is a combination of hardware and software, used to provide security to a network. It is used to protect an internal network or intranet against unauthorized access from the Internet or other outside networks. It restricts inbound and outbound access and can analyze all traffic between an internal network and the Internet. Users can configure a firewall to pass or block packets from specific IP addresses and ports. Which of the following tools works as a firewall for the Linux 2.4 kernel?

• A. IPChains
• B. OpenSSH
• C. Stunnel
• D. IPTables

Answer: D

NEW QUESTION 16

You have purchased a wireless router for your home network. What will you do first to enhance the security?

• A. Change the default password and administrator's username on the router
• B. Disable the network interface card on the computer
• C. Configure DMZ on the router
• D. Assign a static IP address to the computers

Answer: A

NEW QUESTION 17

Which of the following protocols are used by Network Attached Storage (NAS)?
Each correct answer represents a complete solution. Choose all that apply.

• A. Apple Filing Protocol (AFP)
• B. Server Message Block (SMB)
• C. Network File System (NFS)
• D. Distributed file system (Dfs)

Answer: ABC

NEW QUESTION 18

John works as a Network Security Professional. He is assigned a project to test the security of www.we-are-secure.com. He analyzes that the company has blocked all ports except port 80.
Which of the following attacking methods can he use to send the dangerous software protocols?

• A. HTTP tunneling
• B. URL obfuscation
• C. Banner grabbing
• D. MAC spoofing

Answer: A

NEW QUESTION 19

Based on the case study, to implement more security, which of the following additional technologies should you implement for laptop computers?
(Click the Exhibit button on the toolbar to see the case study.) Each correct answer represents a complete solution. Choose two.

• A. Encrypted Data Transmissions
• B. Digital certificates
• C. Two-factor authentication
• D. PAP authentication
• E. Encrypting File System (EFS)

Answer: BE

NEW QUESTION 20
......