Top Tips Of Latest GSNA Practice Question

NEW QUESTION 1

You work as a Network Administrator for Tech Perfect Inc. The company requires a secure wireless network. To provide security, you are configuring ISA Server 2006 as a firewall. While configuring ISA Server 2006, which of the following is NOT necessary?

• A. Setting up of monitoring on ISA Server
• B. Defining how ISA Server would cache Web contents
• C. Defining ISA Server network configuration
• D. Configuration of VPN access

Answer: D

Explanation:

Configuration of VPN access is not mandatory. It is configured on the basis of requirement. Answer A, B, C are incorrect. All these steps are mandatory for the configuration of the ISA Server 2006 firewall.

NEW QUESTION 2

You work as a Web Developer for XYZ CORP. The company has a Windows-based
network. You have been assigned the task to secure the website of the company. To accomplish the task, you want to use a website monitoring service. What are the tasks performed by a website monitoring service?

• A. It checks the health of various links in a network using end-to-end probes sent by agents located at vantage points in the network.
• B. It checks SSL Certificate Expiry.
• C. It checks HTTP pages.
• D. It checks Domain Name Expiry.

Answer: BCD

Explanation:

Website monitoring service can check HTTP pages, HTTPS, FTP, SMTP, POP3, IMAP, DNS, SSH, Telnet, SSL, TCP, PING, Domain Name Expiry, SSL Certificate Expiry, and a range of other ports with great variety of check intervals from every four hours to every one minute. Typically, most website monitoring services test a server anywhere between once-per hour to once-per-minute. Advanced services offer in-browser web transaction monitoring based on browser add-ons such as Selenium or iMacros. These services test a website by remotely controlling a large number of web browsers. Hence, it can also detect website issues such a JavaScript bugs that are browser specific. Answer A is incorrect. This task is performed under network monitoring. Network tomography deals with monitoring the health of various links in a network using end-to-end probes sent by agents located at vantage points in the network/Internet.

NEW QUESTION 3

In a network, a data packet is received by a router for transmitting it to another network. For forwarding the packet to the other available networks, the router is configured with a static or a dynamic route. What are the benefits of using a static route?

• A. It is a fault tolerant path.
• B. It reduces load on routers, as no complex routing calculations are required.
• C. It reduces bandwidth usage, as there is no excessive router traffic.
• D. It provides precise control over the routes that packets will take across the network.

Answer: BCD

Explanation:

Static routing is a data communication concept that describes a way to configure path selection of routers in computer networks. This is achieved by manually adding routes to the routing table. However, when there is a change in the network or a failure occurs between two statically defined nodes, traffic will not be rerouted. Static routing is beneficial in many ways: Precise control over the routes that a packet will take across the network Reduced load on the routers, as no complex routing calculations are required Reduced bandwidth use, as there is no excessive router traffic. Easy to configure in small networks Answer A is incorrect. This is a property of a dynamic route. A static route cannot choose the best path. It can only choose the paths that are manually entered.
When there is a change in the network or a failure occurs between two statically defined nodes, traffic will not be rerouted.

NEW QUESTION 4

You are the project manager of a Web development project. You want to get information about your competitors by hacking into their computers. You and the project team determine should the hacking attack not be performed anonymously, you will be traced. Hence, you hire a professional hacker to work on the project. This is an example of what type of risk response?

• A. Transference
• B. Mitigation
• C. Acceptance
• D. Avoidance

Answer: A

Explanation:

Whenever the risk is transferred to someone else, it is an example of transference risk response. Transference usually has a fee attached to the service provider that will own the risk event.

NEW QUESTION 5

You work as the Network Administrator for XYZ CORP. The company has a Unix-based network. You want to identify the secure terminals from where the root can be allowed to log in. Which of the following Unix configuration files can you use to accomplish the task?

• A. /etc/services
• B. /etc/ioports
• C. /proc/interrupts
• D. /etc/securetty

Answer: D

Explanation:

In Unix, the /etc/securetty file is used to identify the secure terminals from where the root can be allowed to log in. Answer B is incorrect. In Unix, the /etc/ioports file shows which I/O ports are in use at the moment. Answer A is incorrect. In Unix, the /etc/services file is the configuration file that lists the network services that the system supports. Answer C is incorrect. In Unix, the /proc/interrupts file is the configuration file that shows the interrupts in use and how many of each there has been.

NEW QUESTION 6

The employees of EWS Inc. require remote access to the company's Web servers. In order to provide solid wireless security, the company uses EAP-TLS as the authentication protocol. Which of the following statements are true about EAP-TLS?

• A. It uses password hash for client authentication.
• B. It uses a public key certificate for server authentication.
• C. It is supported by all manufacturers of wireless LAN hardware and software.
• D. It provides a moderate level of security.

Answer: BC

Explanation:

EAP-TLS can use only a public key certificate as the authentication technique. It is supported by all manufacturers of wireless LAN hardware and software. The requirement for a client-side certificate, however unpopular it may be, is what gives EAP- TLS its authentication strength and illustrates the classic convenience vs. security trade-off. Answer D is incorrect. EAP-TLS provides the highest level of security. Answer A is incorrect. EAP-TLS uses a public key certificate for server authentication.

NEW QUESTION 7

Which of the following are the methods of the HttpSession interface? (Choose three)

• A. setAttribute(String name, Object value)
• B. getAttribute(String name)
• C. getAttributeNames()
• D. getSession(true)

Answer: ABC

Explanation:

The HttpSession interface methods are setAttribute(String name, Object value), getAttribute(String name), and getAttributeNames(). The getAttribute(String name) method of the HttpSession interface returns the value of the named attribute as an object. It returns a null value if no attribute with the given name exists.
The setAttribute(String name, Object value) method stores an attribute in the current session. The setAttribute(String name, Object value) method binds an object value to a session using the String name. If an object with the same name is already bound, it will be replaced. The getAttributeNames() method returns an Enumeration containing the names of the attributes available to the current request. It returns an empty Enumeration if the request has no attributes available to it. Answer D is incorrect. The getSession(true) method is a method of the HttpServletRequest interface. The getSession(true) method gets the current session associated with the client request. If the requested session does not exist, the getSession(true) method creates a new session object explicitly for the request and returns it to the client.

NEW QUESTION 8

John works as a Network Auditor for XYZ CORP. The company has a Windows-based network. John wants to conduct risk analysis for the company. Which of the following can be the purpose of this analysis? (Choose three)

• A. To ensure absolute safety during the audit
• B. To analyze exposure to risk in order to support better decision-making and proper management of those risks
• C. To try to quantify the possible impact or loss of a threat
• D. To assist the auditor in identifying the risks and threats

Answer: BCD

Explanation:

There are many purposes of conducting risk analysis, which are as follows: To try to quantify the possible impact or loss of a threat To analyze exposure to risk in order to support better decision-making and proper management of those risks To support risk-based audit decisions To assist the auditor in determining the audit objectives To assist the auditor in identifying the risks and threats Answer A is incorrect. The analysis of risk does not ensure absolute safety. The main purpose of using a risk-based audit strategy is to ensure that the audit adds value with meaningful information.

NEW QUESTION 9

Which of the following statements about data integrity of a container are true? (Choose two)

• A. It ensures that a hacker cannot alter the contents of an HTTP message while it is in transit from a container to a client.
• B. Data integrity ensures that information is made available to users who are authorized to access it.
• C. Data integrity ensures that information has not been modified by a third party while it is in transit.
• D. It ensures that an eavesdropper cannot read an HTTP message being sent from a client to a container.

Answer: AC

Explanation:

Data integrity ensures that information has not been modified, altered, or destroyed by a third party while it is in transit. Data integrity ensures that the data received is same as the data that was sent. Moreover, no one can tamper with the data during transmission from source to destination.
It also ensures that a hacker cannot alter the contents of an HTTP message while it is in transit from the container to the client. This will be accomplished through the use of HTTPS. The HTTPS stands for Hypertext Transfer Protocol over Secure Socket Layer. The HTTPS encrypts and decrypts the page requests and page information between the client browser and the Web server using a Secure Socket Layer. Answer D is incorrect. This answer option describes confidentiality. Answer B is incorrect. This answer option also describes confidentiality.

NEW QUESTION 10

You work as a Network Administrator for ABC Inc. The company needs a secured wireless network. To provide network security to the company, you are required to configure a device that provides the best network perimeter security. Which of the following devices would you use to accomplish the task?

• A. Proxy server
• B. IDS
• C. Packet filtering firewall
• D. honeypot

Answer: C

Explanation:

Packet filtering firewalls work on the first three layers of the OSI reference model, which means all the work is done between the network and physical layers. When a packet originates from the sender and filters through a firewall, the device checks for matches to any of the packet filtering rules that are configured in the firewall and drops or rejects the packet accordingly. In a software firewall, packet filtering is done by a program called a packet filter. The packet filter examines the header of each packet based on a specific set of rules, and on that basis, decides to prevent it from passing (called DROP) or allow it to pass (called ACCEPT). A packet filter passes or blocks packets at a network interface based on source and destination addresses, ports, or protocols. The process is used in conjunction with packet mangling and Network Address Translation (NAT). Packet filtering is often part of a firewall program for protecting a local network from unwanted intrusion. This type of firewall can be best used for network perimeter security. Answer B is incorrect. An Intrusion detection system (IDS) is software and/or hardware designed to detect unwanted attempts at accessing, manipulating, and/or disabling of computer systems, mainly through a network, such as the Internet. These attempts may take the form of attacks, as examples, by crackers, malware and/or disgruntled employees. An IDS cannot directly detect attacks within properly encrypted traffic. An intrusion detection system is used to detect several types of malicious behaviors that can compromise the security and trust of a computer system. This includes network attacks against vulnerable services, data driven attacks on applications, host based attacks such as privilege escalation, unauthorized logins and access to sensitive files, and malware (viruses, trojan horses, and worms). Answer A is incorrect. A proxy server exists between a client's Web- browsing program and a real Internet server. The purpose of the proxy server is to enhance the performance of user requests and filter requests. A proxy server has a database called cache where the most frequently accessed Web pages are stored. The next time such pages are requested, the proxy server is able to suffice the request locally, thereby greatly reducing the access time. Only when a proxy server is unable to fulfill a request locally does it forward the request to a real Internet server. The proxy server can also be used for filtering user requests. This may be done in order to prevent the users from visiting non- genuine sites. Answer D is incorrect. A honeypot is a term in computer terminology used for a trap that is set to detect, deflect, or in some manner counteract attempts at unauthorized use of information systems. Generally it consists of a computer, data, or a network site that appears to be part of a network, but is actually isolated, and monitored, and which seems to contain information or a resource of value to attackers.

NEW QUESTION 11

Victor wants to use Wireless Zero Configuration (WZC) to establish a wireless network connection using his computer running on Windows XP operating system. Which of the following are the most likely threats to his computer? (Choose two)

• A. Information of probing for networks can be viewed using a wireless analyzer and may be used to gain access.
• B. Attacker can use the Ping Flood DoS attack if WZC is used.
• C. Attacker by creating a fake wireless network with high power antenna cause Victor's computer to associate with his network to gain access.
• D. It will not allow the configuration of encryption and MAC filterin
• E. Sending information is not secure on wireless network.

Answer: AC

Explanation:

Wireless Zero Configuration (WZC), also known as Wireless Auto Configuration, or WLAN AutoConfig is a wireless connection management utility included with Microsoft Windows XP and later operating systems as a service that dynamically selects a wireless network to connect to based on a user's preferences and various default settings. This can be used instead of, or in the absence of, a wireless network utility from the manufacturer of a computer's wireless networking device. The drivers for the wireless adapter query the NDIS Object IDs and pass the available network names to the service. WZC also introduce some security threats, which are as follows: WZC will probe for networks that are already connected. This information can be viewed by anyone using a wireless analyzer and can be used to set up fake access points to connect. WZC attempts to connect to the wireless network with the strongest signal. Attacker can create fake wireless networks with high- power antennas and cause computers to associate with his access point. Answer D is incorrect. WZC does not interfere in the configuration of encryption and MAC filtering. Answer B is incorrect. In a ping flood attack, an attacker sends a large number of ICMP packets to the target computer using the ping command, i.e., ping -f target_IP_address. When the target computer receives these packets in large quantities, it does not respond and hangs.

NEW QUESTION 12

Which of the following wireless security standards supported by Windows Vista provides the highest level of security?

• A. WPA-EAP
• B. WEP
• C. WPA-PSK
• D. WPA2

Answer: D

Explanation:

WPA2 is an updated version of WPA. This standard is also known as IEEE 802.11i. WPA2 offers enhanced protection to wireless networks than WPA and WEP standards. It is also available as WPA2-PSK and WPA2-EAP for home and enterprise environment respectively. Answer B is incorrect. than WEP (Wired Equivalent Protection).
Windows Vista supports both WPA-PSK and WPA-EAP. Each of these is described as follows: WPA-PSK: PSK stands for Preshared key. This standard is meant for home environment. WPA-PSK requires a user to enter an 8- character to 63-character passphrase into a wireless client. The WPA converts the passphrase into a 256-bit key. WPA-EAP: EAP stands for Extensible Authentication Protocol. This standard relies on a back-end server that runs Remote Authentication Dial-In User Service for user authentication. Note: Windows Vista supports a user to use a smart card to connect to a WPA-EAP protected network.

NEW QUESTION 13

Mark works as a Network Administrator for We-are-secure Inc. He finds that the We-are- secure server has been infected with a virus. He presents to the company a report that describes the symptoms of the virus. A summary of the report is given below: This virus has a dual payload, as the first payload of the virus changes the first megabyte of the hard drive to zero. Due to this, the contents of the partition tables are deleted and the computer hangs. The second payload replaces the code of the flash BIOS with garbage values. This virus spreads under the Portable Executable File Format under Windows 95, Windows 98, and Windows ME. Which of the following viruses has the symptoms as the one described above?

• A. I Love You
• B. Nimda
• C. Chernobyl
• D. Melissa

Answer: C

Explanation:

The Chernobyl (CIH) virus is a good example of a dual payload virus. Since the first payload of the virus changes the first megabyte of a computer's hard drive to zero, the contents of the partition tables are deleted, resulting in the computer hanging. The second payload of CIH replaces the code of the flash BIOS with garbage values so that the flash BIOS is unable to give a warning, the end result being that the user is incapable of changing the BIOS settings. CIH spreads under the Portable Executable file format under Windows 95, Windows 98, and Windows ME.
Answer A is incorrect. The I LOVE YOU virus is a VBScript virus in which a victim gets an email attachment titled as "I Love You" with an attachment file named as "Love-Letter-For- You.txt.vbs". When the victim clicks on this attachment, the virus script infects the victim's computer. The virus first scans system's memory for passwords, which are sent back to the virus' creator. In the next step, the virus replicates itself and sends its copy to each address in the victim's Outlook address book. Finally, the virus corrupts files with extensions .vbs, .vbe, .js, .css, .wsh, .sct, .hta, .jpg, .jpeg, .mp2, and .mp3 by overwriting them with a copy of itself. Answer D is incorrect. The Melissa virus infects Word 97 documents and the NORMAL.DOT file of Word 97 and Word 2000. This macro virus resides in word documents containing one macro named as "Melissa". The Melissa virus has the ability to spread itself very fast by using an e-mail. When the document infected by the Melissa virus is opened for the first time, the virus checks whether or not the user has installed Outlook on the computer. If it finds the Outlook, it sends e-mail to 50 addresses from the address book of the Outlook. This virus can spread only by using the Outlook. This virus is also known as W97M/Melissa, Kwyjibo, and Word97.Meliss Answer B is incorrect. Nimda is a mass mailing virus that spreads itself in attachments named README.EXE. It affects Windows 95, 98, ME, NT4, and Windows 2000 users. Nimda uses the Unicode exploit to infect IIS Web servers.

NEW QUESTION 14

Which of the following statements is true about residual risks?

• A. It is the probabilistic risk after implementing all security measures.
• B. It can be considered as an indicator of threats coupled with vulnerability.
• C. It is a weakness or lack of safeguard that can be exploited by a threat.
• D. It is the probabilistic risk before implementing all security measures.

Answer: A

Explanation:

The residual risk is the risk or danger of an action or an event, a method or a (technical) process that still conceives these dangers even if all theoretically possible safety measures would be applied. The formula to calculate residual risk is (inherent risk) x (control risk) where inherent risk is (threats vulnerability). Answer B is incorrect. In information security, security risks are considered as an indicator of threats coupled with vulnerability. In other words, security risk is a probabilistic function of a given threat agent exercising a particular vulnerability and the impact of that risk on the organization. Security risks can be mitigated by reviewing and taking responsible actions based on possible risks. Answer C is incorrect. Vulnerability is a weakness or lack of safeguard that can be exploited by a threat, thus causing harm to the information systems or networks. It can exist in hardware , operating systems, firmware, applications, and configuration files. Vulnerability has been variously defined in the current context as follows: 1.A security weakness in a Target of Evaluation due to failures in analysis, design, implementation, or operation and such. 2.Weakness in an information system or components (e.g. system security procedures, hardware design, or internal controls that could be exploited to produce an information-related misfortune.) 3.The existence of a weakness, design, or implementation error that can lead to an unexpected, undesirable event compromising the security of the system, network, application, or protocol involved.

NEW QUESTION 15

Which of the following statements is true about a relational database?

• A. It is difficult to extend a relational database.
• B. The standard user and application program interface to a relational database is Programming Language (PL).
• C. It is a collection of data items organized as a set of formally-described tables.
• D. It is a set of tables containing data fitted into runtime defined categories.

Answer: C

Explanation:

A relational database is a collection of data items organized as a set of formally-described tables from which data can be accessed or reassembled in many different ways without having to reorganize the database tables. Answer B is incorrect. The standard user and application program interface to a relational database is the structured query language (SQL). Answer A is incorrect. In addition to being relatively easy to create and access, a relational database has the important advantage of being easy to extend. Answer D is incorrect. A relational database is a set of tables containing data fitted into predefined categories. Each table (which is sometimes called a relation) contains one or more data categories in columns. Each row contains a unique instance of data for the categories defined by the columns.

NEW QUESTION 16

You work as a Computer Hacking Forensic Investigator for SecureNet Inc. You want to investigate Cross-Site Scripting attack on your company's Website. Which of the following methods of investigation can you use to accomplish the task?

• A. Review the source of any HTML-formatted e-mail messages for embedded scripts or links in the URL to the company's site.
• B. Look at the Web servers logs and normal traffic logging.
• C. Use Wireshark to capture traffic going to the server and then searching for the requests going to the input page, which may give log of the malicious traffic and the IP address of the source.
• D. Use a Web proxy to view the Web server transactions in real time and investigate any communication with outside servers.

Answer: ABD

Explanation:

You can use the following methods to investigate Cross-Site Scripting attack:
* 1. Look at the Web servers logs and normal traffic logging.
* 2. Use a Web proxy to view the Web server transactions in real time and investigate any communication with outside servers.
* 3. Review the source of any HTML-formatted e-mail messages for embedded scripts or links in the URL to the company's site. Answer C is incorrect. This method is not used to investigate Cross-Site Scripting attack.

NEW QUESTION 17
......