GSNA | What Validated GSNA Exam Topics Is

"GIAC Systems and Network Auditor", also known as the GSNA exam, is a GIAC certification.


NEW QUESTION 1

You have been assigned a project to develop a Web site for a construction company. You have to develop a Web site and want to get more control over the appearance and presentation of your Web pages. You also want to increase the ability to precisely specify the location and appearance of the elements on a page and create special effects. You plan to use Cascading style sheets (CSS). You want to apply the same style consistently throughout your Web site. Which type of style sheet will you use?

  • A. Internal Style Sheet
  • B. External Style Sheet
  • C. Inline Style Sheet
  • D. Embedded Style Sheet

Answer: B

Explanation:

To apply the same style consistently throughout your Web site, you should use an external style sheet. Cascading style sheets (CSS) are used so that Web site authors can exercise greater control over the appearance and presentation of their Web pages. They also increase the ability to precisely specify the location and look of elements on a Web page and help in creating special effects. Cascading Style Sheets contain code that is interpreted and applied by the browser to the Web pages and their elements. There are three types of cascading style sheets:

  • External Style Sheets
  • Embedded Style Sheets
  • Inline Style Sheets

External Style Sheets are used whenever consistency in style is required throughout a Web site. A typical external style sheet uses a .css file extension, which can be edited using a text editor such as Notepad. Embedded Style Sheets are used for defining styles for an active page. Inline Style Sheets are used for defining individual elements of a page.

Reference: TechNet, Contents: Microsoft Knowledgebase, February 2000 issue PSS ID Number: Q179628

NEW QUESTION 2

You have to ensure that your Cisco Router is only accessible via telnet and ssh from the following hosts and subnets:

10.10.2.103
10.10.0.0/24

Which of the following sets of commands will you use to accomplish the task?

  • A.
      access-list 10 permit host 10.10.2.103
      access-list 10 permit 10.10.0.0 0.0.0.255
      access-list 10 deny any
      line vty 0 4
      access-class 10 out
  • B.
      access-list 10 permit 10.10.2.103
      access-list 10 permit 10.10.0.0 0.0.0.255
      access-list 10 deny any
      line vty 0 4
      access-group 10 in
  • C.
      access-list 10 permit host 10.10.2.103
      access-list 10 permit 10.10.0.0 0.0.0.255
      access-list 10 deny any
      line vty 0 4
      access-class 10 in
  • D.
      access-list 10 permit host 10.10.2.103
      access-list 11 permit host 10.10.0.0 255.255.255.0
      access-list 12 deny any
      line vty 0 4
      access-group 10, 11, 12 in

Answer: C

Explanation:

In order to accomplish the task, you will have to run the following set of commands:

access-list 10 permit host 10.10.2.103
access-list 10 permit 10.10.0.0 0.0.0.255
access-list 10 deny any
line vty 0 4
access-class 10 in

This configuration set meets all the requirements. The ACL is correctly configured and is applied to the VTY lines using the access-class command for inbound connections. Answer D is incorrect. This configuration actually creates 3 separate ACLs (10, 11, and 12) and also incorrectly attempts to apply the ACLs to the VTY lines. Answer A is incorrect. This configuration is correct except for the access-class command being applied in the outbound direction. When using "access-class out", the router will not match connections coming into the router for Telnet and/or SSH. Instead, it will match connections being generated from the router. Answer B is incorrect. This configuration is correct except for the access-group command. Access-group is used to apply ACLs to an interface. Access-class is used to apply ACLs to VTY lines.

NEW QUESTION 3

Which of the following Windows processes supports creating and deleting processes and threads, running 16-bit virtual DOS machine processes, and running console windows?

  • A. smss.exe
  • B. services.exe
  • C. csrss.exe
  • D. System

Answer: C

Explanation:

csrss.exe is a process that supports creating and deleting processes and threads, running 16-bit virtual DOS machine processes, and running console windows. Answer B is incorrect. This process is the Windows Service Controller, which is responsible for starting and stopping system services running in the background. Answer A is incorrect. This process supports the programs needed to implement the user interface, including the graphics subsystem and the log on processes. Answer D is incorrect. This process includes most kernel-level threads, which manage the underlying aspects of the operating system.

NEW QUESTION 4

You work as a Computer Hacking Forensic Investigator for SecureNet Inc. You want to investigate a Cross-Site Scripting attack on your company's Website. Which of the following methods of investigation can you use to accomplish the task?

  • A. Review the source of any HTML-formatted e-mail messages for embedded scripts or links in the URL to the company's site.
  • B. Look at the Web server's logs and normal traffic logging.
  • C. Use Wireshark to capture traffic going to the server and then search for the requests going to the input page, which may give a log of the malicious traffic and the IP address of the source.
  • D. Use a Web proxy to view the Web server transactions in real time and investigate any communication with outside servers.

Answer: ABD

Explanation:

You can use the following methods to investigate a Cross-Site Scripting attack:
* 1. Look at the Web server's logs and normal traffic logging.
* 2. Use a Web proxy to view the Web server transactions in real time and investigate any communication with outside servers.
* 3. Review the source of any HTML-formatted e-mail messages for embedded scripts or links in the URL to the company's site.

Answer C is incorrect. This method is not used to investigate a Cross-Site Scripting attack.

NEW QUESTION 5

Sam works as a Network Administrator for XYZ CORP. The computers in the company run Windows Vista operating system, and they are continuously connected to the Internet. This makes the network of the company susceptible to attacks from unauthorized users. Which of the following will Sam choose to protect the network of the company from such attacks?

  • A. Firewall
  • B. Windows Defender
  • C. Software Explorer
  • D. Quarantined items

Answer: A

Explanation:
A firewall is a set of related programs configured to protect private networks connected to the Internet from intrusion. It is used to regulate the network traffic between different computer networks. It permits or denies the transmission of a network packet to its destination based on a set of rules. A firewall is often installed on a separate computer so that an incoming packet does not get into the network directly. Answer B is incorrect. Windows Defender is a software product designed by Microsoft to provide continuous security against malware. If it detects anything suspicious, an alert will appear on the screen. Windows Defender can also be used to scan a computer for suspicious software. It can remove or quarantine any malware or spyware it finds. Answer C is incorrect. Software Explorer is a tool of Windows Defender. It is used to remove, enable, or disable the programs running on a computer. Answer D is incorrect. Quarantined items is a tool of Windows Defender. It is used to remove or restore a program blocked by Windows Defender.

NEW QUESTION 6

Which of the following controls define the direction and behavior required for technology to function properly?

  • A. Detailed IS controls
  • B. General controls
  • C. Application controls
  • D. Pervasive IS controls

Answer: D

Explanation:
Pervasive IS controls are a subset of general controls that contains some extra definitions focusing on the management of monitoring a specific technology. A pervasive order or control determines the direction and behavior required for technology to function properly. The pervasive control permeates the area by using a greater depth of control integration over a wide area of influence. Answer B is incorrect. General controls are the parent class of controls that governs all areas of a business. Examples of general controls include the separation of duties that prevents employees from writing their own paychecks, and the creation of accurate job descriptions. General controls define the structure of an organization, establish HR policies, monitor workers and the work environment, as well as support budgeting, auditing, and reporting. Answer A is incorrect. Detailed IS controls are controls used for manipulating the on-going tasks in an organization. Some of the specific tasks require additional detailed controls to ensure that the workers perform their job correctly. These controls refer to some specific tasks or steps to be performed, such as:

  • The way system security parameters are set.
  • How input data is verified before being accepted into an application.
  • How to lock a user account after unsuccessful logon attempts.
  • How the department handles acquisitions, security, delivery, implementation, and support of IS services.

Answer C is incorrect. Application controls are embedded in programs. They constitute the lowest subset in the control family. An activity should be filtered through the general controls, then the pervasive controls and detailed controls, before reaching the application controls level. Controls in the higher level category help in protecting the integrity of the applications and their data. Management is responsible for having applications tested prior to production through a recognized test method. The goal of this test is to provide a technical certificate that each system meets the requirement.

NEW QUESTION 7

Pingdom is a website monitoring service. Which of the following services are provided by Pingdom?

  • A. It creates complicated charts to spot trends and imprecisely pinpoint problems.
  • B. It works as an iPhone application to make sure that a website is reachable and responding properly at all times.
  • C. It is used to monitor sites and servers on the Internet.
  • D. It is used to track the uptime, downtime, and performance of websites.

Answer: BCD

Explanation:
Pingdom is a website monitoring service that is used by administrators to monitor sites and servers on the Internet. It alerts the site owners if it detects a problem. The Pingdom service is used to track the uptime, downtime, and overall performance of websites. Pingdom also works as an iPhone application to make sure that a website is reachable and responding properly at all times. If it is not, Pingdom sends the administrator email and SMS alerts. It creates charts and tables that are easy to understand. These charts and tables enable an administrator to spot trends and accurately pinpoint problems. Answer A is incorrect. Pingdom creates charts that are easy to understand. These charts are used to spot trends and accurately pinpoint problems.

NEW QUESTION 8

You work as a Web Deployer for UcTech Inc. You write the <security-constraint> element for an application in which you write the <auth-constraint> sub-element as follows:

<auth-constraint>
  <role-name>*</role-name>
</auth-constraint>

Who will have access to the application?

  • A. Only the administrator
  • B. No user
  • C. All users
  • D. It depends on the application.

Answer: C

Explanation:

The <auth-constraint> element is a sub-element of the <security-constraint> element. It defines the roles that are allowed to access the Web resources specified by the <web-resource-collection> sub-elements. The <auth-constraint> element is written in the deployment descriptor as follows:

<security-constraint>
  <web-resource-collection>
    ----------------
  </web-resource-collection>
  <auth-constraint>
    <role-name>Administrator</role-name>
  </auth-constraint>
</security-constraint>

Writing Administrator within the <role-name> element will allow only the administrator to have access to the resource defined within the <web-resource-collection> element.

NEW QUESTION 9

What is the purpose of Cellpadding attribute of <Table> tag?

  • A. Cellpadding is used to set the width of cell border and its content.
  • B. Cellpadding is used to set the width of a table.
  • C. Cellpadding is used to set the space between the cell border and its content.
  • D. Cellpadding is used to set the space between two cells in a table.

Answer: C

Explanation:

The Cellpadding attribute is used to set the space, in pixels, between the cell border and its content. If you have not set the value of the Cellpadding attribute for a table, the browser takes the default value as 1.

NEW QUESTION 10

You have just installed a Windows 2003 server. What action should you take regarding the default shares?

  • A. Disable them only if this is a domain server.
  • B. Disable them.
  • C. Make them hidden shares.
  • D. Leave them, as they are needed for Windows Server operations.

Answer: B

Explanation:

Default shares should be disabled, unless they are absolutely needed. They pose a significant security risk by providing a way for an intruder to enter your machine. Answer A is incorrect. Whether this is a domain server, a DHCP server, a file server, or database server does not change the issue with shared drives/folders. Answer C is incorrect. They cannot be hidden. Shared folders are, by definition, not hidden but rather available to users on the network. Answer D is incorrect. These are not necessary for Windows Server operations.

NEW QUESTION 11

Samantha works as a Web Developer for XYZ CORP. She develops a Web application using Visual InterDev. She wants to group a series of HTML elements together so that an action can be performed collectively on them. Which of the following tags will Samantha use to accomplish this?

  • A. DIV
  • B. GROUP
  • C. BODY
  • D. SPAN

Answer: A

Explanation:

DIV is an HTML tag that groups a series of elements into a larger group. It can be used when an action needs to be performed collectively on the grouped elements. The DIV tag acts as a container for other elements. Answer D is incorrect. The SPAN tag is used within an element to group a part of it. For example, this tag can be used to group a few sentences from within a paragraph, so that a particular action can be performed only on them. Answer C is incorrect. The BODY tag is used to specify the beginning and end of the document body. Answer B is incorrect. There is no tag such as GROUP in HTML.

NEW QUESTION 12

Which of the following are the countermeasures against WEP cracking?

  • A. Using the longest key supported by hardware.
  • B. Changing keys often.
  • C. Using a non-obvious key.
  • D. Using a 16 bit SSID.

Answer: ABC

Explanation:

A user can use some countermeasures to prevent WEP cracking. Although WEP is the least secure option and should not be used, a user can use the following methods to mitigate WEP cracking:

  • Use a non-obvious key.
  • Use the longest key supported by hardware.
  • Change keys often.
  • Use WEP in combination with other security features, such as rapid WEP key rotation and dynamic keying using 802.1x.
  • Consider WEP a deterrent, not a guarantee.

Answer D is incorrect. SSID stands for Service Set Identifier. It is used to identify a wireless network. SSIDs are case-sensitive text strings and have a maximum length of 32 characters. All wireless devices on a wireless network must have the same SSID in order to communicate with each other. The SSID on computers and the devices in a WLAN can be set manually and automatically. Configuring the same SSID as that of the other Wireless Access Points (WAPs) of other networks will create a conflict. A network administrator often uses a public SSID that is set on the access point. The access point broadcasts the SSID to all wireless devices within its range. Some newer wireless access points have the ability to disable the automatic SSID broadcast feature in order to improve network security.

NEW QUESTION 13

Which of the following terms related to risk management represents the estimated frequency at which a threat is expected to occur?

  • A. Single Loss Expectancy (SLE)
  • B. Annualized Rate of Occurrence (ARO)
  • C. Exposure Factor (EF)
  • D. Safeguard

Answer: B

Explanation:

The Annualized Rate of Occurrence (ARO) is a number that represents the estimated frequency at which a threat is expected to occur. It is calculated based upon the probability of the event occurring and the number of employees that could make that event occur. Answer C is incorrect. The Exposure Factor (EF) represents the percentage of asset loss caused by a threat. The EF is required to calculate the Single Loss Expectancy (SLE). Answer A is incorrect. The Single Loss Expectancy (SLE) is the value in dollars that is assigned to a single event.

SLE = Asset Value ($) × Exposure Factor (EF)

Answer D is incorrect. Safeguard acts as a countermeasure for reducing the risk associated with a specific threat or a group of threats.

NEW QUESTION 14

You work as a Network Administrator for Tech Perfect Inc. For security issues, the company requires you to harden its routers. You therefore write the following code:

Router#config terminal
Router(config)#no ip bootp server
Router(config)#no ip name-server
Router(config)#no ntp server
Router(config)#no snmp server
Router(config)#no ip http server
Router(config)#^Z
Router#

What services will be disabled by using this configuration fragment?

  • A. BootP service
  • B. Finger
  • C. CDP
  • D. DNS function

Answer: AD

Explanation:

The above configuration fragment will disable the following services from the router:

  • The BootP service
  • The DNS function
  • The Network Time Protocol
  • The Simple Network Management Protocol
  • Hyper Text Transfer Protocol

NEW QUESTION 15

You work as a Network Administrator for Techpearl Inc. You are configuring the rules for the firewall of the company. You need to allow internal users to access secure external websites. Which of the following firewall rules will you use to accomplish the task?

  • A. TCP 172.16.1.0/24 any any 80 HTTP permit
  • B. TCP 172.16.1.0/24 any any 25 SMTP permit
  • C. TCP 172.16.1.0/24 any any 80 HTTP deny
  • D. TCP 172.16.1.0/24 any any 443 HTTPs permit

Answer: D

Explanation:

The TCP 172.16.1.0/24 any any 443 HTTPs permit rule is used to allow internal users to access secure external websites. Answer A is incorrect. The TCP 172.16.1.0/24 any any 80 HTTP permit rule is used to allow internal users to access external websites (secure & unsecure both). Answer C is incorrect. The TCP 172.16.1.0/24 any any 80 HTTP deny rule is used to deny internal users to access external websites. Answer B is incorrect. The TCP 172.16.1.0/24 any any 25 SMTP permit rule is used to allow internal mail servers to deliver mails to external mail servers.

NEW QUESTION 16

You work as a professional Ethical Hacker. You are assigned a project to perform blackbox testing of the security of www.we-are-secure.com. Now you want to perform banner grabbing to retrieve information about the Webserver being used by we-are-secure. Which of the following tools can you use to accomplish the task?

  • A. Wget
  • B. WinSSLMiM
  • C. Whisker
  • D. httprint

Answer: D

Explanation:

According to the scenario, you want to perform banner grabbing to retrieve information about the Webserver being used by we-are-secure. For this, you will use the httprint tool to accomplish the task. httprint is a fingerprinting tool that is based on Web server characteristics to accurately identify Web servers. It works even when the Web server may have been obfuscated by changing the server banner strings, or by plug-ins such as mod_security or servermask. It can also be used to detect Web enabled devices that do not contain a server banner string, such as wireless access points, routers, switches, cable modems, etc. httprint uses text signature strings for identification, and an attacker can also add signatures to the signature database. Answer A is incorrect. Wget is a Website copier that is used to analyze the vulnerabilities of a Website offline. Answer C is incorrect. Whisker is an HTTP/Web vulnerability scanner that is written in the PERL language. Whisker runs on both the Windows and UNIX environments. It provides functions for testing HTTP servers for many known security holes, particularly the presence of dangerous CGIs. Answer B is incorrect. WinSSLMiM is an HTTPS Man in the Middle attacking tool. It includes FakeCert, a tool used to make fake certificates. It can be used to exploit the Certificate Chain vulnerability in Internet Explorer. The tool works under Windows 9x/2000.

Which of the following tools can be used to automate the MITM attack?

  • A. Airjack
  • B. Kismet
  • C. Hotspotter
  • D. IKECrack

Answer: A

Explanation:

Airjack is a collection of wireless card drivers and related programs. It uses a program called monkey_jack that is used to automate the MITM attack. Wlan_jack is a DoS tool in the set of airjack tools, which accepts a target source and BSSID to send continuous deauthenticate frames to a single client or an entire network. Another tool, essid_jack, is used to send a disassociate frame to a target client in order to force the client to reassociate with the network and give up the network SSID. Answer C is incorrect. Hotspotter is a wireless hacking tool that is used to detect rogue access point. It fools users to connect, and authenticate with the hacker's tool. It sends the deauthenticate frame to the victim's computer that causes the victim's wireless connection to be switched to a non-preferred connection. Answer D is incorrect. IKECrack is an IKE/IPSec authentication crack tool, which uses brute force for searching password and key combinations of Pre-Shared-Key authentication networks. The IKECrack tool undermines the latest Wi-Fi security protocol with repetitive attempts at authentication with random passphrases or keys. Answer B is incorrect. Kismet is a Linux-based 802.11 wireless network sniffer and intrusion detection system. It can work with any wireless card that supports raw monitoring (rfmon) mode. Kismet can sniff 802.11b, 802.11a, 802.11g, and 802.11n traffic. Kismet can be used for the following tasks:

  • To identify networks by passively collecting packets
  • To detect standard named networks
  • To detect masked networks
  • To collect the presence of non-beaconing networks via data traffic

NEW QUESTION 17

Which of the following statements are true about data aggregation?

  • A. A common aggregation purpose is to get more information about particular groups based on specific variables.
  • B. Data aggregation cannot be user-based.
  • C. Data aggregation is any process in which information is gathered and expressed in a summary form.
  • D. Online analytic processing (OLAP) is a simple type of data aggregation.

Answer: ACD

Explanation:

Data aggregation is any process in which information is gathered and expressed in a summary form, for purposes such as statistical analysis. A common aggregation purpose is to get more information about particular groups based on specific variables such as age, profession, or income. The information about such groups can then be used for Web site personalization to choose content and advertising likely to appeal to an individual belonging to one or more groups for which data has been collected. For example, a site that sells music CDs might advertise certain CDs based on the age of the user and the data aggregate for their age group. Online analytic processing (OLAP) is a simple type of data aggregation in which the marketer uses an online reporting mechanism to process the information. Answer B is incorrect. Data aggregation can be user-based. Personal data aggregation services offer the user a single point for collection of their personal information from other Web sites. The customer uses a single master personal identification number (PIN) to give them access to their various accounts (such as those for financial institutions, airlines, book and music clubs, and so on). Performing this type of data aggregation is sometimes referred to as "screen scraping."

NEW QUESTION 18

TCP/IP stack fingerprinting is the passive collection of configuration attributes from a remote device during standard layer 4 network communications. The combination of parameters may then be used to infer the remote operating system (OS fingerprinting), or incorporated into a device fingerprint. Which of the following Nmap switches can be used to perform TCP/IP stack fingerprinting?

  • A. nmap -sS
  • B. nmap -sU -p
  • C. nmap -O -p
  • D. nmap -sT

Answer: C

Explanation:

The nmap -O -p switch can be used to perform TCP/IP stack fingerprinting. Nmap is a free open-source utility for network exploration and security auditing. It is used to discover computers and services on a computer network, thus creating a "map" of the network. Just like many simple port scanners, Nmap is capable of discovering passive services. In addition, Nmap may be able to determine various details about the remote computers. These include operating system, device type, uptime, software product used to run a service, exact version number of that product, presence of some firewall techniques and, on a local area network, even vendor of the remote network card. Nmap runs on Linux, Microsoft Windows etc. Answer B is incorrect. The nmap -sU -p switch can be used to perform UDP port scanning. Answer A is incorrect. The nmap -sS switch is used to perform a TCP half scan. TCP SYN scanning is also known as half-open scanning because in this a full TCP connection is never opened. Answer D is incorrect. The nmap -sT switch is used to perform a TCP full scan.

NEW QUESTION 19

Peter works as a Web Developer for XYZ CORP. He is developing a Web site for the company. Peter specifies MARGINHEIGHT="0" and MARGINWIDTH="0" in one of the Web pages. How will this affect the Web page?

  • A. It will create a borderless page structure when viewed in any browser.
  • B. It will create a borderless page structure when viewed in Netscape Navigator.
  • C. It will delete all the text from the margins.
  • D. It will create a borderless page structure when viewed in Internet Explorer.

Answer: B

Explanation:

The MARGINHEIGHT and MARGINWIDTH attributes are used in the <BODY> tag to adjust the top and left margins of a Web page to be displayed in Netscape Navigator. Specifying MARGINHEIGHT="0" and MARGINWIDTH="0" within the <BODY> tag will create a borderless page structure when viewed in Netscape Navigator. Answer D is incorrect. The TOPMARGIN and LEFTMARGIN attributes are used in the <BODY> tag to adjust the top and left margins of a Web page to be displayed in Internet Explorer. Specifying TOPMARGIN="0" and LEFTMARGIN="0" within the <BODY> tag will create a borderless page structure when viewed in Internet Explorer. Answer C is incorrect. These attributes are used to adjust margins and not to delete text from margins.

NEW QUESTION 20

Which of the following is an example of penetration testing?

  • A. Configuring firewall to block unauthorized traffic
  • B. Implementing HIDS on a computer
  • C. Simulating an actual attack on a network
  • D. Implementing NIDS on a network

Answer: C

Explanation:

Penetration testing is a method of evaluating the security of a computer system or network by simulating an attack from a malicious source, known as a Black Hat Hacker, or Cracker. The process involves an active analysis of the system for any potential vulnerabilities that may result from poor or improper system configuration, known and/or unknown hardware or software flaws, or operational weaknesses in process or technical countermeasures. This analysis is carried out from the position of a potential attacker, and can involve active exploitation of security vulnerabilities. Any security issues that are found will be presented to the system owner together with an assessment of their impact and often with a proposal for mitigation or a technical solution. The intent of penetration testing is to determine the feasibility of an attack and the amount of business impact of a successful exploit, if discovered. It is a component of a full security of penetration testing.
