GIAC GCIA Free Practice Questions

NEW QUESTION 1
Which of the following is computed from an arbitrary block of digital data for the purpose of detecting accidental errors?

• A. Hash filter
• B. Checksum
• C. Hash buster
• D. Firewall

Answer: B

NEW QUESTION 2
You work as a Desktop Support Technician for umbrella Inc. The company uses a Windows-based network. An employee from the sales department is facing problem in the IP configuration of the network connection. He called you to resolve the issue. You suspect that the IP configuration is not configured properly. You want to use the ping command to ensure that IPv4 protocol is working on a computer. While running the ping command from the command prompt, you find that Windows Firewall is blocking the ping command. What is the cause of the issue?

• A. Core Networking Firewall rules do not allow IPv4 or IPv6.
• B. Windows Firewall rules do not allow Core Networking Tool
• C. Windows Firewall blocks the command line tool
• D. Core Networking Firewall rules do not allow ICMPv4 or ICMPv6 Echo Request

Answer: D

NEW QUESTION 3
Which of the following tools is described below?
It is a set of tools that are used for sniffing passwords, e-mail, and HTTP traffic. Some of its tools include arpredirect, macof, tcpkill, tcpnice, filesnarf, and mailsnarf. It is highly effective for sniffing both switched and shared networks. It uses the arpredirect and macof tools for switching across switched networks. It can also be used to capture authentication information for FTP, telnet, SMTP, HTTP, POP, NNTP, IMAP, etc.

• A. Dsniff
• B. Libnids
• C. Cain
• D. LIDS

Answer: A

NEW QUESTION 4
You work as a Network Administrator for McRobert Inc. Your company has a TCP/IP-based network. You have configured a WAN link for the network. You are facing connectivity problem across the WAN link. What will be your first step in troubleshooting the issue?

• A. Reinstall TCP/IP protoco
• B. Check that the correct default gateway is se
• C. Enable DN
• D. Ensure that NetBEUI protocol is loade
• E. Use the NETSTAT utility to view TCP/IP statistic

Answer: B

NEW QUESTION 5
You work as a network administrator for BlueWell Inc. You have to convert your 48-bit host address (MAC address) to an IPv6 54-bit address. Using the IEEE-EUI-64 conversion process, how do you convert the 48-bit host address (MAC address) to an IPv6 54-bit address?

• A. Add E
• B. FE between the third and fourth byte
• C. Add F
• D. EE between the third and fourth byte
• E. Add F
• F. EE between the third and fourth byte
• G. Add F
• H. FE between the third and fourth bytes

Answer: D

NEW QUESTION 6
Which of the following tools is used to recover data and partitions, and can run on Windows, Linux, SunOS, and Macintosh OS X operating systems?

• A. GetDataBack
• B. Acronis Recovery Expert
• C. Active@ Disk Image
• D. TestDisk

Answer: D

NEW QUESTION 7
Which of the following is a checksum algorithm?

• A. Hash buster
• B. Snort
• C. Adler-32
• D. Dsniff

Answer: C

NEW QUESTION 8
Which of the following is the unspecified address in IPv6?

• A. 1:1:1:1:1:1:1:1
• B. 0:0:0:0:0:0:0:0
• C. 0:0:0:0:0:0:0:1
• D. 1:0:0:0:0:0:0:0

Answer: B

NEW QUESTION 9
Adam works as a Security Administrator for Umbrella Inc. A project has been assigned to him to secure access to the network of the company from all possible entry points. He segmented the network into several subnets and installed firewalls all over the network. He has placed very stringent rules on all the firewalls, blocking everything in and out except ports that must be used.
He does need to have port 80 open since his company hosts a website that must be accessed from the Internet. Adam is still worried about programs like Hping2 that can get into a network through covert channels.
Which of the following is the most effective way to protect the network of the company from an attacker using Hping2 to scan his internal network?

• A. Block ICMP type 13 messages
• B. Block all outgoing traffic on port 21
• C. Block all outgoing traffic on port 53
• D. Block ICMP type 3 messages

Answer: A

NEW QUESTION 10
Which of the following tools works by using standard set of MS-DOS commands and can create an MD5 hash of an entire drive, partition, or selected files?

• A. DriveSpy
• B. Ontrack
• C. Device Seizure
• D. Forensic Sorter

Answer: A

NEW QUESTION 11
Which of the following partitions contains the system files that are used to start the operating system?

• A. Boot partition
• B. System partition
• C. Secondary partition
• D. Primary partition

Answer: A

NEW QUESTION 12
Which of the following are well-known ports?
Each correct answer represents a complete solution. Choose two.

• A. 443
• B. 21
• C. 1024
• D. 8080

Answer: AB

NEW QUESTION 13
Which of the following tools implements a portable framework in tcpdump for capturing low-level network traffics in UNIX like networks?

• A. SysPcap
• B. libpcap
• C. BinPcap
• D. WinPcap

Answer: B

NEW QUESTION 14
SSH is a network protocol that allows data to be exchanged between two networks using a secure channel. Which of the following encryption algorithms can be used by the SSH protocol?
Each correct answer represents a complete solution. Choose all that apply.

• A. Blowfish
• B. IDEA
• C. DES
• D. RC4

Answer: ABC

NEW QUESTION 15
Which of the following is the correct order of digital investigations Standard Operating Procedure (SOP)?

• A. Request for service, initial analysis, data collection, data reporting, data analysis
• B. Initial analysis, request for service, data collection, data analysis, data reporting
• C. Initial analysis, request for service, data collection, data reporting, data analysis
• D. Request for service, initial analysis, data collection, data analysis, data reporting

Answer: D

NEW QUESTION 16
Which of the following file systems is designed by Sun Microsystems?

• A. NTFS
• B. CIFS
• C. ZFS
• D. ext2

Answer: C

NEW QUESTION 17
Adam works as a professional Computer Hacking Forensic Investigator. He has been called by the FBI to examine data of the hard disk, which is seized from the house of a suspected terrorist.
Adam decided to acquire an image of the suspected hard drive. He uses a forensic hardware tool, which is capable of capturing data from IDE, Serial ATA, SCSI devices, and flash cards. This tool can also produce MD5 and CRC32 hash while capturing the data. Which of the following tools is Adam using?

• A. ImageMASSter Solo-3
• B. ImageMASSter 4002i
• C. FireWire DriveDock
• D. Wipe MASSter

Answer: A

NEW QUESTION 18
Adam works as a professional Computer Hacking Forensic Investigator. A project has been assigned to him to investigate a multimedia enabled mobile phone, which is suspected to be used in a cyber crime. Adam uses a tool, with the help of which he can recover deleted text messages, photos, and call logs of the mobile phone. Which of the following tools is Adam using?

• A. FAU
• B. FTK Imager
• C. Galleta
• D. Device Seizure

Answer: D

NEW QUESTION 19
Adam works as a Security Administrator for Umbrella. A project has been assigned to him to test the network security of the company. He created a webpage to discuss the progress of the tests with employees who were interested in following the test. Visitors were allowed to click on a company's icon to mark the progress of the test. Adam successfully embeds a keylogger. He also added some statistics on the webpage. The firewall protects the network well and allows strict Internet access.
How was security compromised and how did the firewall respond?

• A. The attack was Cross Site Scripting and the firewall blocked i
• B. Security was not compromised as the webpage was hosted internall
• C. The attack was social engineering and the firewall did not detect i
• D. Security was compromised as keylogger is invisible for firewal

Answer: C

NEW QUESTION 20
......