GIAC GSEC Free Practice Questions

NEW QUESTION 1
How are differences in configuration settings handled between Domain and Local Group Policy Objects (GPOs)?

• A. Local and Domain GPOs control different configuration settings, so there will not be conflict
• B. Settings in the domain-wide GPO override conflicting settings in the local GPO on each compute
• C. Settings in the local GPO override conflicting settings when the domain-wide GPO is applie
• D. Precedence depends on which GPO was updated firs

Answer: B

NEW QUESTION 2
Which of the following tools is used to configure, control, and query the TCP/IP network interface parameters?

• A. NSLOOKUP
• B. IPCONFIG
• C. ARP
• D. IFCONFIG

Answer: D

NEW QUESTION 3
You are going to upgrade your hard disk's file system from FAT to NTFS. What are the major advantages of the NTFS file system over FAT16 and FAT32 file systems?
Each correct answer represents a complete solution. Choose all that apply.

• A. NTFS gives better file security than FAT16 and FAT32.
• B. Automatic backu
• C. NTFS file system supports for larger hard disk
• D. NTFS give improved disk compression than FAT16 and FAT32.

Answer: ACD

NEW QUESTION 4
Which of the following choices accurately describes how PGP works when encrypting email?

• A. PGP encrypts the message with the recipients public key, then encrypts this key with a random asymmetric ke
• B. PGP creates a random asymmetric key that it uses to encrypt the message, then encrypts this key with the recipient's public key
• C. PGP creates a random symmetric key that it uses to encrypt the message, then encrypts this key with the recipient's public key
• D. PGP encrypts the message with the recipients public key, then encrypts this key with a random symmetric ke

Answer: B

NEW QUESTION 5
Your organization is developing a network protection plan. No single aspect of your network seems more important than any other. You decide to avoid separating your network into segments or categorizing the systems on the network. Each device on the network is essentially protected in the same manner as all other devices.
This style of defense-in-depth protection is best described as which of the following?

• A. Uniform protection
• B. Threat-oriented
• C. Information-centric
• D. Protected enclaves

Answer: A

NEW QUESTION 6
You work as a Network Administrator for Rick International. The company has a TCP/IP-based network. A user named Kevin wants to set an SSH terminal at home to connect to the company's network. You have to configure your company's router for it. By default, which of the following standard ports does the SSH protocol use for connection?

• A. 443
• B. 22
• C. 21
• D. 80

Answer: B

NEW QUESTION 7
You work as a Network Administrator for McNeil Inc. You are installing an application. You want to view the log file whenever a new entry is added to the /var/log/messages log file. Which of the following commands will you use to accomplish this?

• A. TAIL -show /var/log/messages
• B. TAIL -f /var/log/messages
• C. TAIL -50 /var/log/messages
• D. TAIL -view /var/log/messages

Answer: B

NEW QUESTION 8
During which of the following steps is the public/private key-pair generated for Public Key Infrastructure (PKI)?

• A. Key Recovery
• B. Initialization
• C. Registration
• D. Certification

Answer: B

NEW QUESTION 9
The process of enumerating all hosts on a network defines which of the following activities?

• A. Port scanning
• B. Vulnerability scanning
• C. GPS mapping
• D. Network mapping

Answer: D

NEW QUESTION 10
Which of the following statements would describe the term "incident" when used in the branch of security known as Incident Handling?

• A. Any observable network event
• B. Harm to systems
• C. Significant threat of harm to systems
• D. A and C
• E. A, B, and C
• F. B and C
• G. A and B

Answer: D

NEW QUESTION 11
Which of the following is generally practiced by the police or any other recognized governmental authority?

• A. Spoofing
• B. SMB signing
• C. Wiretapping
• D. Phishing

Answer: C

NEW QUESTION 12
Which choice best describes the line below?
alert tcp any any -> 192.168.1.0/24 80 (content: /cgi-bin/test.cgi"; msg: "Attempted
CGI-BIN Access!!";)

• A. Tcpdump filter
• B. IP tables rule
• C. Wire shark filter
• D. Snort rule

Answer: D

NEW QUESTION 13
Which of the following is TRUE regarding the ability of attackers to eavesdrop on wireless communications?

• A. Eavesdropping attacks cannot be performed through concrete wall
• B. Eavesdropping attacks can take place from miles awa
• C. Eavesdropping attacks are easily detected on wireless network
• D. Eavesdropping attacks require expensive device

Answer: B

NEW QUESTION 14
You have an automated system for patching the operating systems of all your computers. All patches are supposedly current. Yet your automated vulnerability scanner has just reported vulnerabilities that you believe have been patched. Which of the actions below should you take next?

• A. Check some systems manuall
• B. Rerun the system patching routine
• C. Contact the incident response tea
• D. Ignore the findings as false positive

Answer: A

NEW QUESTION 15
A new data center is being built where customer credit information will be processed and stored. Which of the following actions will help maintain the confidentiality of the data?

• A. Environmental sensors in the server room
• B. Access control system for physical building
• C. Automated fire detection and control systems
• D. Frequent off-site backup of critical databases

Answer: B

NEW QUESTION 16
......