GIAC GSEC Free Practice Questions

NEW QUESTION 1
If a DNS client wants to look up the IP address for good.news.com and does not receive an authoritative reply from its local DNS server, which name server is most likely to provide an authoritative reply?

• A. The news.com domain name server
• B. The .com (top-level) domain name server
• C. The .(root-level) domain name server
• D. The .gov (top-level) domain name server

Answer: A

NEW QUESTION 2
Which of the following is a name, symbol, or slogan with which a product is identified?

• A. Copyright
• B. Trademark
• C. Trade secret
• D. Patent

Answer: B

NEW QUESTION 3
Which of the following is an Implementation of PKI?

• A. SSL
• B. 3DES
• C. Kerberos
• D. SHA-1

Answer: A

NEW QUESTION 4
What is SSL primarily used to protect you against?

• A. Session modification
• B. SQL injection
• C. Third-patty sniffing
• D. Cross site scripting

Answer: C

NEW QUESTION 5
Two clients connecting from the same public IP address (for example - behind the same NAT firewall) can connect simultaneously to the same web server on the Internet, provided what condition is TRUE?

• A. The server is not using a well-known por
• B. The server is on a different networ
• C. The client-side source ports are differen
• D. The clients are on different subnet

Answer: C

NEW QUESTION 6
Which of the following are advantages of Network Intrusion Detection Systems (NIDS)?

• A. Analysis of encrypted traffic
• B. Provide insight into network traffic
• C. Detection of network operations problems
• D. Provide logs of network traffic that can be used as part of other security measure
• E. Inexpensive to manage
• F. B, C, and D
• G. A, C, and E
• H. B, D, and E
• I. A, B, and C

Answer: C

NEW QUESTION 7
You work as a Network Administrator for Net Perfect Inc. The company has a Linux-based
network. You have created a folder named Report. You have made David the owner of the folder. The members of a group named JAdmin can access the folder and have Read, Write, and Execute permissions. No other user can access the folder. You want to ensure that the members of the JAdmin group do not have Write permission on the folder. Also, you want other users to have Read permission on the Report folder.
Which of the following commands will you use to accomplish the task?

• A. chmod 777 report
• B. chown david.jadmin report
• C. chmod 555 report
• D. chmod 754 report

Answer: D

NEW QUESTION 8
You are responsible for a Microsoft based network. Your servers are all clustered. Which of the following are the likely reasons for the clustering?
Each correct answer represents a complete solution. Choose two.

• A. Reduce power consumption
• B. Ease of maintenance
• C. Load balancing
• D. Failover

Answer: CD

NEW QUESTION 9
In addition to securing the operating system of production honey pot hosts, what is recommended to prevent the honey pots from assuming the identities of production systems that could result in the denial of service for legitimate users?

• A. Deploy the honey pot hosts as physically close as possible to production system
• B. Deploy the honey pot hosts in an unused part of your address spac
• C. Deploy the honey pot hosts to only respond to attack
• D. Deploy the honey pot hosts on used address spac

Answer: B

NEW QUESTION 10
You are reviewing a packet capture file from your network intrusion detection system. In the packet stream, you come across a long series of "no operation" (NOP) commands. In addition to the NOP commands, there appears to be a malicious payload. Of the following, which is the most appropriate preventative measure for this type of attack?

• A. Limits on the number of failed logins
• B. Boundary checks on program inputs
• C. Controls against time of check/time of use attacks
• D. Restrictions on file permissions

Answer: C

NEW QUESTION 11
Which of the following Unix syslog message priorities is the MOST severe?

• A. err
• B. emerg
• C. crit
• D. alert

Answer: B

NEW QUESTION 12
Which of the following networking topologies uses a hub to connect computers?

• A. Bus
• B. Ring
• C. Star
• D. Cycle

Answer: C

NEW QUESTION 13
What is the main reason that DES is faster than RSA?

• A. DES is less secur
• B. DES is implemented in hardware and RSA is implemented in softwar
• C. Asymmetric cryptography is generally much faster than symmetri
• D. Symmetric cryptography is generally much faster than asymmetri

Answer: D

NEW QUESTION 14
Which of the following is a private, RFC 1918 compliant IP address that would be assigned to a DHCP scope on a private LAN?

• A. 127.0.0.100
• B. 169.254.1.50
• C. 10.254.1.50
• D. 172.35.1.100

Answer: C

NEW QUESTION 15
Which of the below choices should an organization start with when implementing an effective risk management process?

• A. Implement an incident response plan
• B. Define security policy requirements
• C. Conduct periodic reviews
• D. Design controls and develop standards for each technology you plan to deploy

Answer: B

NEW QUESTION 16
......