GISF | Improved GISF Training For GIAC Information Security Fundamentals Certification

NEW QUESTION 1

Which of the following are core TCP/IP protocols that can be implemented with Windows NT to connect computers and internetworks?
Each correct answer represents a complete solution. Choose all that apply.

• A. Address Resolution Protocol (ARP)
• B. Network Link Protocol (NWLink)
• C. User Datagram Protocol (UDP)
• D. Internet Control Message Protocol (ICMP)

Answer: ACD

NEW QUESTION 2

Which of the following types of viruses can prevent itself from being detected by an antivirus application?

• A. File virus
• B. Boot sector virus
• C. Multipartite virus
• D. Stealth virus

Answer: D

NEW QUESTION 3

You work in an enterprise as a Network Engineer. Your enterprise has a secure internal network.
You want to apply an additional network packet filtering device that is intermediate to your enterprise's internal network and the outer network (internet). Which of the following network zones will you create to accomplish this task?

• A. Autonomous system area (AS)
• B. Demilitarized zone (DMZ)
• C. Border network area
• D. Site network area

Answer: C

NEW QUESTION 4

You are the project manager for BlueWell Inc. You are reviewing the risk register for your project. The risk register provides much information to you, the project manager and to the project team during the risk response planning. All of the following are included in the risk register except for which item?

• A. Trends in qualitative risk analysis results
• B. Symptoms and warning signs of risks
• C. List of potential risk responses
• D. Network diagram analysis of critical path activities

Answer: D

NEW QUESTION 5

Which of the following components are usually found in an Intrusion detection system (IDS)?
Each correct answer represents a complete solution. Choose two.

• A. Console
• B. Sensor
• C. Firewall
• D. Modem
• E. Gateway

Answer: AB

NEW QUESTION 6

Mark is implementing security on his e-commerce site. He wants to ensure that a customer
sending a message is really the one he claims to be. Which of the following techniques will he use to ensure this?

• A. Authentication
• B. Firewall
• C. Packet filtering
• D. Digital signature

Answer: D

NEW QUESTION 7

Which of the following types of firewalls forms a session flow table?

• A. Proxy server firewall
• B. Packet filtering firewall
• C. Stateless packet filtering firewall
• D. Stateful packet filtering firewall

Answer: D

NEW QUESTION 8

Which two security components should you implement on the sales personnel portable computers to increase security?
(Click the Exhibit button on the toolbar to see the case study.) Each correct answer represents a complete solution. Choose two.

• A. Remote access policy
• B. L2TP over IPSec
• C. PPTP
• D. Remote Authentication Dial-In User Service (RADIUS)
• E. Encrypting File System (EFS)

Answer: BE

NEW QUESTION 9

You have successfully installed an IRM server into your environment. This IRM server will be utilized to protect the company's videos, which are available to all employees but contain sensitive data. You log on to the WSS 3.0 server with administrator permissions and navigate to the Operations section. What option should you now choose so that you can input the RMS server name for the WSS 3.0 server to use?

• A. Self-service site management
• B. Content databases
• C. Information Rights Management
• D. Define managed paths

Answer: C

NEW QUESTION 10

Which of the following tools can be used for stress testing of a Web server? Each correct answer represents a complete solution. Choose two.

• A. Internet bots
• B. Spyware
• C. Scripts
• D. Anti-virus software

Answer: AC

NEW QUESTION 11

Your corporate network uses a Proxy Server for Internet access. The Manufacturing group has access permission for WWW protocol in the Web Proxy service, and access permission for POP3 protocol, in the WinSock Proxy service. The Supervisors group has access permission for WWW and FTP Read protocols in the Web Proxy service, and access permission for the SMTP protocol in the WinSock Proxy service. The Quality Control group has access permission only for WWW protocol in the Web Proxy service. The Interns group has no permissions granted in any of the Proxy Server services. Kate is a member of all four groups. In the Proxy Server services, which protocols does Kate have permission to use?

• A. WWW only
• B. FTP Read and SMTP only
• C. WWW, FTP Read, POP3, and SMTP
• D. WWW and POP3 only

Answer: C

NEW QUESTION 12

Which of the following protocols is used to prevent switching loops in networks with
redundant switched paths?

• A. Cisco Discovery Protocol (CDP)
• B. Spanning Tree Protocol (STP)
• C. File Transfer Protocol (FTP)
• D. VLAN Trunking Protocol (VTP)

Answer: B

NEW QUESTION 13

In a complex network, Router transfers data packets by observing some form of parameters or metrics provided in the routing table. Which of the following metrics is NOT included in the routing table?

• A. Bandwidth
• B. Load
• C. Delay
• D. Frequency

Answer: D

NEW QUESTION 14

The IT administrator wants to implement a stronger security policy. What are the four most important security priorities for uCertify Software Systems Pvt. Ltd.?
(Click the Exhibit button on the toolbar to see the case study.)

• A. Providing secure communications between Washington and the headquarters office.
• B. Implementing Certificate services on Texas office.
• C. Preventing denial-of-service attacks.
• D. Ensuring secure authentication.
• E. Preventing unauthorized network access.
• F. Providing two-factor authentication.
• G. Protecting employee data on portable computers.
• H. Providing secure communications between the overseas office and the headquarters.

Answer: DEGH

NEW QUESTION 15

Which of the following are the types of Intrusion detection system?

• A. Server-based intrusion detection system (SIDS)
• B. Client based intrusion detection system (CIDS)
• C. Host-based intrusion detection system (HIDS)
• D. Network intrusion detection system (NIDS)

Answer: CD

NEW QUESTION 16

You work as a Software Developer for Mansoft Inc. You have participated in the customization of a previously developed Configuration Management Application Block (CMAB) that manages an application configuration setting in multiple data stores. Based on requirements, you have extended the CMAB to read and write configuration data to and from an Oracle database. You need to create a unit test strategy. Which of the following steps would you include in a unit test of the CMAB?
Each correct answer represents a part of the solution. Choose all that apply.

• A. Perform White box testing
• B. Regression test the existing functionality
• C. Execute Use cases of the application
• D. Perform Stress testing
• E. Review the implementation

Answer: ABE

NEW QUESTION 17

You work as a Computer Hacking Forensic Investigator for SecureNet Inc. You want to investigate Cross-Site Scripting attack on your company's Website. Which of the following methods of investigation can you use to accomplish the task?
Each correct answer represents a complete solution. Choose all that apply.

• A. Use a Web proxy to view the Web server transactions in real time and investigate any communication with outside servers.
• B. Look at the Web servers logs and normal traffic logging.
• C. Use Wireshark to capture traffic going to the server and then searching for the requests going to the input page, which may give log of the malicious traffic and the IP address of the source.
• D. Review the source of any HTML-formatted e-mail messages for embedded scripts or links in the URL to the company's site.

Answer: ABD

NEW QUESTION 18
......