GIAC GISF Free Practice Questions

NEW QUESTION 1

Which of the following can be used to protect a computer system from malware, viruses, spyware, and various types of keyloggers? Each correct answer represents a complete solution. Choose all that apply.

• A. KFSensor
• B. Sheep dip
• C. Enum
• D. SocketShield

Answer: BD

NEW QUESTION 2

John works as a professional Ethical Hacker. He has been assigned a project to test the
security of www.we-are-secure.com. John wants to redirect all TCP port 80 traffic to UDP port 40, so that he can bypass the firewall of the We-are-secure server. Which of the following tools will John use to accomplish his task?

• A. PsList
• B. Fpipe
• C. Cain
• D. PsExec

Answer: B

NEW QUESTION 3

You work as an Exchange Administrator for TechWorld Inc. The company has a Windows 2008 Active Directory-based network. The network contains an Exchange Server 2010 organization. The messaging organization contains one Hub Transport server, one Client Access server, and two Mailbox servers.
You are planning to deploy an Edge Transport server in your messaging organization to minimize the attack surface. At which of the following locations will you deploy the Edge Transport server?

• A. Active Directory site
• B. Intranet
• C. Behind the inner firewall of an organization
• D. Perimeter network

Answer: D

NEW QUESTION 4

You work as a Security manager for Orangesect Inc. The enterprise is using the OODA loop strategy to counter the security issues in the enterprise. Some of the IP addresses of the enterprise have been hacked. You match up the present hacking issue and condition with the past hacking experiences to find a solution. Which of the following phases of the OODA loop involves the procedure followed by you?

• A. The decide phase
• B. The orient phase
• C. The observe phase
• D. The act phase

Answer: B

NEW QUESTION 5

You work as an Incident handling manager for Orangesect Inc. You detect a virus attack incident in the network of your company. You develop a signature based on the characteristics of the detected virus.
Which of the following phases in the Incident handling process will utilize the signature to resolve this incident?

• A. Recovery
• B. Identification
• C. Containment
• D. Eradication

Answer: D

NEW QUESTION 6

Which of the following are the types of Intrusion detection system?

• A. Server-based intrusion detection system (SIDS)
• B. Client based intrusion detection system (CIDS)
• C. Host-based intrusion detection system (HIDS)
• D. Network intrusion detection system (NIDS)

Answer: CD

NEW QUESTION 7

Every network device contains a unique built in Media Access Control (MAC) address, which is used to identify the authentic device to limit the network access. Which of the following addresses is a valid MAC address?

• A. F936.28A1.5BCD.DEFA
• B. A3-07-B9-E3-BC-F9
• C. 1011-0011-1010-1110-1100-0001
• D. 132.298.1.23

Answer: B

NEW QUESTION 8

Which of the following is an organization that defines standards for anti-virus software?

• A. ICSA
• B. IETF
• C. IIS
• D. IEEE

Answer: A

NEW QUESTION 9

Which of the following types of firewalls forms a session flow table?

• A. Proxy server firewall
• B. Packet filtering firewall
• C. Stateless packet filtering firewall
• D. Stateful packet filtering firewall

Answer: D

NEW QUESTION 10

Which of the following methods of encryption uses a single key to encrypt and decrypt data?

• A. S/MIME
• B. Asymmetric
• C. PGP
• D. Symmetric

Answer: D

NEW QUESTION 11

You and your project team want to perform some qualitative analysis on the risks you have identified and documented in Project Web Access for your project. You would like to create a table that captures the likelihood and affect of the risk on the project. What type of a chart or table would you like to create for the project risks?

• A. Risk Breakdown Structure
• B. Risk Probability and Impact Matrix
• C. Risk Review Table
• D. Risk Impact and Affect Matrix

Answer: B

NEW QUESTION 12

Which of the following protocols implements VPN using IPSec?

• A. SLIP
• B. PPTP
• C. PPP
• D. L2TP

Answer: D

NEW QUESTION 13

Which U.S. government agency is responsible for establishing standards concerning cryptography for nonmilitary use?

• A. American Bankers Association
• B. Central Security Service (CSS)
• C. National Institute of Standards and Technology (NIST)
• D. International Telecommunications Union
• E. Request for Comments (RFC)
• F. National Security Agency (NSA)

Answer: C

NEW QUESTION 14

What is a variant with regard to Configuration Management?

• A. A CI that has the same name as another CI but shares no relationship.
• B. A CI that has the same essential functionality as another CI but a bit different in some small manner.
• C. A CI that particularly refers to a hardware specification.
• D. A CI that particularly refers to a software version.

Answer: B

NEW QUESTION 15

Adam, a novice Web user is getting large amount of unsolicited commercial emails on his email address. He suspects that the emails he is receiving are the Spam. Which of the following steps will he take to stop the Spam?
Each correct answer represents a complete solution. Choose all that apply.

• A. Forward a copy of the spam to the ISP to make the ISP conscious of the spam.
• B. Send an email to the domain administrator responsible for the initiating IP address.
• C. Report the incident to the FTC (The U.
• D. Federal Trade Commission) by sending a copy of the spam message.
• E. Close existing email account and open new email account.

Answer: AC

NEW QUESTION 16

Hardening a system is one of the practical methods of securing a computer system. Which of the following techniques is used for hardening a computer system?

• A. Disabling all user accounts
• B. Applying egress filtering
• C. Applying Access Control List (ACL)
• D. Applying a patch to the OS kernel

Answer: D

NEW QUESTION 17

Which of the following tools combines two programs, and also encrypts the resulting package in an attempt to foil antivirus programs?

• A. NetBus
• B. EliteWrap
• C. Trojan Man
• D. Tiny

Answer: C

NEW QUESTION 18
......