GSEC | Avant-garde GSEC Free Braindumps For GIAC Security Essentials Certification

Examcollection offers a free demo for the GSEC exam. "GIAC Security Essentials Certification", also known as the GSEC exam, is a GIAC certification. This set of posts, Passing the GIAC GSEC exam, will help you answer those questions. The GSEC Questions & Answers cover all the knowledge points of the real exam. 100% real GIAC GSEC exams, revised by experts!

Free GSEC Demo Online For GIAC Certification:

NEW QUESTION 1
Which of the following describes software technologies that improve portability, manageability, and compatibility of applications by encapsulating them from the underlying operating system on which they are executed?

  • A. System registry
  • B. Group Policy
  • C. Application virtualization
  • D. System control

Answer: C

NEW QUESTION 2
Which of the following processes is known as sanitization?

  • A. Assessing the risk involved in discarding particular information.
  • B. Verifying the identity of a person, network host, or system process.
  • C. Physically destroying the media and the information stored on it.
  • D. Removing the content from the media so that it is difficult to restore.

Answer: D

NEW QUESTION 3
You work as a Network Administrator for NetTech Inc. When you enter http://66.111.64.227 in the browser's address bar, you are able to access the site. But, you are unable to access the site when you enter http://www.uCertify.com. What is the most likely cause?

  • A. DNS entry is not available for the host name.
  • B. The site's Web server is offline.
  • C. The site's Web server has heavy traffic.
  • D. WINS server has no NetBIOS name entry for the server.

Answer: A

NEW QUESTION 4
What is SSL primarily used to protect you against?

  • A. Session modification
  • B. SQL injection
  • C. Third-party sniffing
  • D. Cross site scripting

Answer: C

NEW QUESTION 5
With regard to defense-in-depth, which of the following statements about network design principles is correct?

  • A. A secure network design requires that systems that have access to the Internet should not be accessible from the Internet and that systems accessible from the Internet should not have access to the Internet.
  • B. A secure network design requires that networks utilize VLAN (Virtual LAN) implementations to ensure that private and semi-public systems are unable to reach each other without going through a firewall.
  • C. A secure network design will seek to provide an effective administrative structure by providing a single choke-point for the network from which all security controls and restrictions will be enforced.
  • D. A secure network design will seek to separate resources by providing a security boundary between systems that have different network security requirements.

Answer: D

NEW QUESTION 6
Which choice best describes the line below?
alert tcp any any -> 192.168.1.0/24 80 (content: "/cgi-bin/test.cgi"; msg: "Attempted CGI-BIN Access!!";)

  • A. Tcpdump filter
  • B. iptables rule
  • C. Wireshark filter
  • D. Snort rule

Answer: D

NEW QUESTION 7
In a /24 subnet, which of the following is a valid broadcast address?

  • A. 200.11.11.1
  • B. 221.10.10.10
  • C. 245.20.30.254
  • D. 192.10.10.255

Answer: D

NEW QUESTION 8
Which Host-based IDS (HIDS) method of log monitoring utilizes a list of keywords or phrases that define the events of interest for the analyst, then takes a list of keywords to watch for and generates alerts when it sees matches in log file activity?

  • A. Passive analysis
  • B. Retroactive analysis
  • C. Exclusive analysis
  • D. Inclusive analysis

Answer: D

NEW QUESTION 9
Your CIO has found out that it is possible for an attacker to clone your company's RFID (Radio Frequency ID) based key cards. The CIO has tasked you with finding a way to ensure that anyone entering the building is an employee. Which of the following authentication types would be the appropriate solution to this problem?

  • A. Mandatory Access Controls
  • B. Bell-LaPadula
  • C. Two-Factor
  • D. TACACS

Answer: C

NEW QUESTION 10
What does the "x" character in the second field of the user account record of the /etc/passwd file indicate?

  • A. The user account is using a shadow password.
  • B. The user account is shared by more than one user.
  • C. The user account is disabled.
  • D. The user account does not exist.

Answer: A

NEW QUESTION 11
Which port category does the port 110 fall into?

  • A. Well known port
  • B. Dynamic port
  • C. Private port
  • D. Application port

Answer: A

NEW QUESTION 12
Which of the following protocols provides maintenance and error reporting function?

  • A. UDP
  • B. ICMP
  • C. PPP
  • D. IGMP

Answer: B

NEW QUESTION 13
You have reason to believe someone with a domain user account has been accessing and modifying sensitive spreadsheets on one of your application servers. You decide to enable auditing for the files to see who is accessing and changing them. You enable the Audit Object Access policy on the files via Group Policy. Two weeks later, when you check on the audit logs, you see they are empty. What is the most likely reason this has happened?

  • A. You cannot enable auditing on files, just folders
  • B. You did not enable auditing on the files
  • C. The person modifying the files turned off auditing
  • D. You did not save the change to the policy

Answer: B

NEW QUESTION 14
At what point in the Incident Handling process should an organization determine its approach to notifying law enforcement?

  • A. When performing analysis
  • B. When preparing policy
  • C. When recovering from the incident
  • D. When reacting to an incident

Answer: D

NEW QUESTION 15
Users at the Marketing department are receiving their new Windows XP Professional workstations. They will need to maintain local work files in the first logical volume, and will use a second volume for the information shared between the area group. Which is the best file system design for these workstations?

  • A. Both volumes should be converted to NTFS at install time.
  • B. First volume should be FAT32 and second volume should be NTFS.
  • C. First volume should be EFS and second volume should be FAT32.
  • D. Both volumes should be converted to FAT32 with NTFS DACLs.

Answer: A

NEW QUESTION 16
What would the following iptables command do?
iptables -I INPUT -s 99.23.45.1/32 -j DROP

  • A. Drop all packets from the source address
  • B. Input all packets to the source address
  • C. Log all packets to or from the specified address
  • D. Drop all packets to the specified address

Answer: A

NEW QUESTION 17
Which of the below choices should an organization start with when implementing an effective risk management process?

  • A. Implement an incident response plan
  • B. Define security policy requirements
  • C. Conduct periodic reviews
  • D. Design controls and develop standards for each technology you plan to deploy

Answer: B

NEW QUESTION 18
If you do NOT have an original file to compare to, what is a good way to identify steganography in potential carrier files?

  • A. Determine normal properties through methods like statistics and look for changes
  • B. Determine normal network traffic patterns and look for changes
  • C. Find files with the extension .stg
  • D. Visually verify the files you suspect to be steganography messages

Answer: A
