GIAC GCIA Free Practice Questions

NEW QUESTION 1
Adam works as a professional Computer Hacking Forensic Investigator. A project has been assigned to him to investigate and examine drive image of a compromised system, which is suspected to be used in cyber crime. Adam uses Forensic Sorter to sort the contents of hard drive in different categories. Which of the following type of image formats is NOT supported by Forensic Sorter?

• A. EnCase image file
• B. PFR image file
• C. RAW image file
• D. iso image file

Answer: D

NEW QUESTION 2
Which of the following statements are true about snort?
Each correct answer represents a complete solution. Choose all that apply.

• A. It develops a new signature to find vulnerabilitie
• B. It detects and alerts a computer user when it finds threats such as buffer overflows, stealth port scans, CGI attacks, SMB probes and NetBIOS queries, NMAP and other port scanners, well-known backdoors and system vulnerabilities, and DDoS client
• C. It encrypts the log file using the 256 bit AES encryption scheme algorith
• D. It is used as a passive trap to record the presence of traffic that should not be found on a network, such as NFS or Napster connection

Answer: ABD

NEW QUESTION 3
Which of the following tools is a wireless sniffer and analyzer that works on the Windows operating system?

• A. Aeropeek
• B. Void11
• C. Airsnort
• D. Kismet

Answer: A

NEW QUESTION 4
Which of the following statements is NOT true about FAT16 file system?
Each correct answer represents a complete solution. Choose all that apply.

• A. FAT16 file system supports Linux operating syste
• B. FAT16 file system supports file-level compressio
• C. FAT16 file system works well with large disks because the cluster size increases as the disk partition size increase
• D. FAT16 does not support file-level securit

Answer: BC

NEW QUESTION 5
You work as a Network Administrator for NetTech Inc. The company has a Windows Server 2008 domain-based network. The network contains Windows Server 2008 based two-node Network Load Balancing (NLB) cluster named Info.nettech.com. The cluster is implemented for high availability and load balancing for the company's intranet Web site. You find that the users can see the Network Load Balancing (NLB) cluster on the network neighborhood. The users are able to connect to various services by using the Info.nettech.com. The cluster is configured with the one port rule that equally balances all TCP/IP traffic across the cluster nodes. You want to configure the cluster to accept only HTTP traffic. What will you do to accomplish the task?
Each correct answer represents a part of the solution. Choose two.

• A. Create a new port rule to allow TCP port 110.
• B. Reconfigure the Network Load Balancing (NLB) cluste
• C. Delete the default port rules by using Network Load Balancing cluster consol
• D. Create a new port rule to allow TCP port 80.

Answer: CD

NEW QUESTION 6
Which of the following are default ports for the FTP service?
Each correct answer represents a complete solution. Choose two.

• A. 80
• B. 21
• C. 20
• D. 443

Answer: BC

NEW QUESTION 7
You work as a Network Administrator for Net Perfect Inc. The company has a Windows Server2008 network environment. The network is configured as a Windows Active Directory-based single forest single domain network. The network is configured on IP version 6 protocol. All the computers on the network are connected to a switch device. One day, users complain that they are unable to connect to a file server. You try to ping the client computers from the server, but the pinging fails. You try to ping the server's own loopback address, but it fails to ping. You restart the server, but the problem persists.
What is the most likely cause?

• A. The switch device is not workin
• B. The cable that connects the server to the switch is broke
• C. Automatic IP addressing is not workin
• D. The server's NIC is not workin
• E. The server is configured with unspecified IP addres

Answer: D

NEW QUESTION 8
For a host to have successful Internet communication, which of the following network protocols are required? You should assume that the users will not manually configure the computer in anyway and that the measure of success will be whether the user can access Web sites after powering the computer and logging on.
Each correct answer represents a complete solution. Choose all that apply.

• A. DNS
• B. HTTP/HTTPS
• C. DHCP
• D. NTP

Answer: ABC

NEW QUESTION 9
John works as a professional Ethical Hacker. He has been assigned a project for testing the security of www.we-are-secure.com. He scans the We-are-secure server and gets the following result:
sysDescr.0 = STRING. "SunOS we-are-secure.com 4.1.3_U1 1 sun4m"
sysObjectID.0 = OID. enterprises.hp.nm.hpsystem.10.1.1
sysUpTime.0 = Timeticks: (156474552) 18 days, 12:00:09
sysContact.0 = STRING. ""
sysName.0 = STRING. "we-are-secure.com"
sysLocation.0 = STRING. ""
sysServices.0 = INTEGER: 6
Which of the following tools is John using to perform the scan?

• A. snmpwalk
• B. Kismet
• C. AirMagnet
• D. AiroPeek

Answer: A

NEW QUESTION 10
Which of the following are the two different file formats in which Microsoft Outlook saves e-mail messages based on system configuration?
Each correct answer represents a complete solution. Choose two.

• A. .txt
• B. .pst
• C. .xst
• D. .ost

Answer: BD

NEW QUESTION 11
You work as a Network Administrator for Tech Perfect Inc. The company has a TCP/IP-based network.
A branch office is connected to the headquarters through a T1 line. Users at the branch office report poor voice quality on the IP phone while communicating with the headquarters. You find that an application, named WorkReport, at the branch office is suffocating bandwidth by sending large packets for file synchronization. You need to improve the voice quality on the IP phone. Which of the following steps will you choose to accomplish this?

• A. Configure traffic shaping to increase the time interval for the WorkReport packet
• B. Configure traffic shaping to increase the time interval for the IP phone packet
• C. Configure traffic shaping to reduce bandwidth for the IP phon
• D. Configure traffic shaping to reduce bandwidth for WorkRepor

Answer: D

NEW QUESTION 12
Which of the following IP addresses is the loopback address in IPv6?

• A. 1:0:0:0:0:0:0:0
• B. 0:0:0:0:0:0:0:0
• C. 0:0:0:0:0:0:0:1
• D. 0:0:0:1:1:0:0:0

Answer: C

NEW QUESTION 13
Which of the following statements are true about routers?
Each correct answer represents a complete solution. Choose all that apply.

• A. Routers do not limit physical broadcast traffi
• B. Routers organize addresses into classes, which are used to determine how to move packets from one network to anothe
• C. Routers act as protocol translators and bind dissimilar network
• D. Routers are responsible for making decisions about which of several paths network (or Internet) traffic will follo

Answer: BCD

NEW QUESTION 14
What is the order of the extension headers that is followed by IPv6?

• A. Destination Options (first), Routing, IPv6 header, Hop-by-Hop, Fragment, Authentication, Encrypted Security Payload, Destination Options (second), followed by an Upper-layer header, indicating payloa
• B. Routing, Hop-by-Hop, Destination Options (first), Fragment, Authentication, Encrypted Security Payload, Destination Options (second), followed by an Upper-layer header, indicating payloa
• C. Fragment, Routing, Hop-by-Hop, Destination Options (first), Authentication, Encrypted Security Payload, Destination Options (second), followed by an Upper-layer header, indicating payloa
• D. IPv6 header, Hop-by-Hop, Destination Options (first), Routing, Fragment, Authentication, Encrypted Security Payload, Destination Options (second), followed by an Upper-layer header, indicating payloa

Answer: D

NEW QUESTION 15
Adam works as a professional Computer Hacking Forensic Investigator. He has been assigned with a project to investigate a computer in the network of SecureEnet Inc. The compromised system runs on Windows operating system. Adam decides to use Helix Live for Windows to gather data and electronic evidences starting with retrieving volatile data and transferring it to server component via TCP/IP. Which of the following application software in Helix Windows Live will he use to retrieve volatile data and transfer it to the server component via TCP/IP?

• A. FAU
• B. FTK imager
• C. Drive Manager
• D. FSP

Answer: D

NEW QUESTION 16
Sasha wants to add an entry to your DNS database for your mail server. Which of the following types of resource records will she use to accomplish this?

• A. ANAME
• B. SOA
• C. MX
• D. CNAME

Answer: C

NEW QUESTION 17
John, a malicious hacker, forces a router to stop forwarding packets by flooding it with many open connections simultaneously so that all hosts behind it are effectively disabled. Which of the following attacks is John performing?

• A. Rainbow attack
• B. DoS attack
• C. ARP spoofing
• D. Replay attack

Answer: B

NEW QUESTION 18
Which of the following password cracking attacks is based on a pre-calculated hash table to retrieve plain text passwords?

• A. Brute Force attack
• B. Hybrid attack
• C. Dictionary attack
• D. Rainbow attack

Answer: D

NEW QUESTION 19
You work as a Network Administrator of a TCP/IP network. You are having DNS resolution problem. Which of the following utilities will you use to diagnose the problem?

• A. IPCONFIG
• B. PING
• C. TRACERT
• D. NSLOOKUP

Answer: D

NEW QUESTION 20
......