Which of the following is generally practiced by the police or any other recognized governmental authority?
Which of the following is executed when a predetermined event occurs?
Which of the following types of computers is used for attracting potential intruders?
Which of the following types of attacks is mounted with the objective of causing a negative impact on the performance of a computer or network?
What is the hash value length of the Secure Hash Algorithm (SHA-1)?
Peter works as a Network Administrator for Net World Inc. The company wants to allow remote users to connect and access its private network through a dial-up connection via the Internet. All the data will be sent across a public network. For security reasons, the management wants the data sent through the Internet to be encrypted. The company plans to use a Layer 2 Tunneling Protocol (L2TP) connection. Which communication protocol will Peter use to accomplish the task?
Which of the following performs packet screening for security on the basis of port numbers?
Which of the following is used by the Diffie-Hellman encryption algorithm?
You are using a Windows-based sniffer named ASniffer to record the data traffic of a network. You have extracted the following IP Header information of a randomly chosen packet from the sniffer's log:
45 00 00 28 00 00 40 00 29 06 43 CB D2 D3 82 5A 3B 5E AA 72
Which of the following TTL decimal values and protocols are being carried by the IP Header of this packet?
In which of the following does a Web site store information such as user preferences to provide customized services to users?
Which of the following statements about the RSA algorithm are true?
Each correct answer represents a complete solution. Choose two.
Which of the following protocols are used to provide secure communication between a client and a server over the Internet?
Each correct answer represents a part of the solution. Choose two.
Which of the following works at the network layer and hides the local area network IP address and topology?
Which of the following statements about instant messaging programs are true?
Each correct answer represents a complete solution. Choose all that apply.
Which of the following protocols multicasts messages and information among all member devices in an IP multicast group?
Which of the following components come under the physical layer of the OSI model?
Each correct answer represents a complete solution. Choose all that apply.
Which of the following is required to be backed up on a domain controller to recover Active Directory?
Which of the following concepts represent the three fundamental principles of information security?
Each correct answer represents a complete solution. Choose three.
Which of the following processes is known as Declassification?
John used to work as a Network Administrator for We-are-secure Inc. Now he has resigned from the company for personal reasons. He wants to send out some secret information of the company.
To do so, he takes an image file and simply uses a tool, Image Hide, to embed the secret file within an image file of the famous actress, Jennifer Lopez, and sends it to his Yahoo mail id. Since he is using the image file to send the data, the mail server of his company is unable to filter this mail. Which of the following techniques is he performing to accomplish his task?
Which of the following statements about a Denial-of-Service (DoS) attack are true?
Each correct answer represents a complete solution. Choose three.
Which of the following protocols work at the session layer of the OSI model?
Each correct answer represents a complete solution. Choose two.
Which of the following groups represents the most likely source of an asset loss through the inappropriate use of computers?
Which of the following classes of fire comes under Class C fire?
Which of the following tools was developed by the FBI and is used for keystroke logging in order to capture encryption keys and other information useful for deciphering transmissions?
Which of the following hashing algorithms produces a variable length hash value?
Which of the following access control models requires a centralized database of user accounts?
John works as a Network Administrator for We-are-secure Inc. The We-are-secure server is based on Windows Server 2003. One day, while analyzing the network security, he receives an error message that Kernel32.exe is encountering a problem. Which of the following steps should John take as a countermeasure to this situation?
Each correct answer represents a complete solution. Choose all that apply.
Which of the following processes is used by remote users to make a secure connection to internal resources after establishing an Internet connection?
Which of the following encryption algorithms are based on stream ciphers?
Each correct answer represents a complete solution. Choose two.
Fill in the blank with the appropriate layer name of the OSI model.
Secure Socket Layer (SSL) operates at the _____ layer of the OSI model.
Which of the following is a reason to implement security logging on a DNS server?
Which of the following are politically motivated threats that an organization faces?
Each correct answer represents a complete solution. Choose all that apply.
Which of the following types of virus is capable of changing its signature to avoid detection?
You work as a Network Administrator for Web World Inc. You want to host an e-commerce Web site on your network. You want to ensure that storage of credit card information is secure. Which of the following conditions should be met to accomplish this?
Each correct answer represents a complete solution. Choose all that apply.
Which of the following is NOT a countermeasure against a spoofing attack?
Brutus is a password cracking tool that can be used to crack the following authentications:
• HTTP (Basic Authentication)
• HTTP (HTML Form/CGI)
• POP3 (Post Office Protocol v3)
• FTP (File Transfer Protocol)
• SMB (Server Message Block)
• Telnet
Which of the following attacks can be performed by Brutus for password cracking?
Each correct answer represents a complete solution. Choose all that apply.
Which of the following protocols is used with a tunneling protocol to provide security?
Which of the following are the major tasks of risk management?
Each correct answer represents a complete solution. Choose two.
Maria works as a professional Ethical Hacker. She recently has been assigned a project to test the security of The company has provided the following information about the infrastructure of its network:
• Network diagrams of the we-are-secure infrastructure
• Source code of the security tools
• IP addressing information of the we-are-secure network
Which of the following testing methodologies is we-are-secure.com using to test the security of its network?
Which of the following involves changing data prior to or during input to a computer in an effort to commit fraud?
Which of the following terms refers to a mechanism which proves that the sender really sent a particular message?
Which of the following statements about incremental backup are true?
Each correct answer represents a complete solution. Choose two.
John works as a professional Ethical Hacker. He has been assigned the project of testing the security of He finds that the We-are-secure server is vulnerable to attacks. As a countermeasure, he suggests that the Network Administrator should remove the IPP printing capability from the server. He is suggesting this as a countermeasure against __________.
Which of the following tools or services is used to find the entire IP address range used by an organization?
You work as a Network Administrator for NetTech Inc. The company's network has a Windows 2000 domain-based network. An employee of the company is dismissed for attempting to access secret data on the network. What measure will you take next to make the network secure?
Which of the following protocols work at the Session layer of the OSI model?
Which of the following statements about packet filtering is true?
Which of the following is the most secure method of authentication?
Which of the following are advantages of the NTFS file system over FAT32 and FAT?
Each correct answer represents a part of the solution. Choose two.
Which of the following layers are the sub layers of the data-link layer?
Each correct answer represents a complete solution. Choose all that apply.
Which of the following is the best method to stop vulnerability attacks on a Web server?
In which of the following attacks does the attacker confuse the switch itself into thinking two ports have the same MAC address?
Which of the following safes are large enough to allow a person to enter?
Which of the following need to be reduced to suppress a fire?
Each correct answer represents a complete solution. Choose all that apply.
Which of the following are the responsibilities of the custodian of data?
Each correct answer represents a complete solution. Choose two.
It is the technique for gathering information for a Web site owner about a user through a few lines of code that reside in the Web pages. This information is gathered through __________.
Which of the following provides protection against network eavesdropping and signal interference and works at the physical layer?
Which of the following are the levels of the military data classification system?
Each correct answer represents a complete solution. Choose all that apply.
Which of the following two components does Kerberos Key Distribution Center (KDC) consist of?
Each correct answer represents a complete solution. Choose two.
Which of the following components come under the network layer of the OSI model?
Each correct answer represents a complete solution. Choose two.
Which of the following rated systems of the Orange book has mandatory protection of the TCB?
Which of the following encryption strengths is used to secure NTLM version 2 passwords?
A ________ is a detailed step-by-step document that explains exactly what is to be done.
Which of the following techniques allows an attacker to take network traffic coming towards a host at one port and redirect it from that host to another host?
On which of the following OSI model layers does the Point-to-Point Protocol (PPP) work?
Which of the following services are provided by Remote Authentication Dial-In User Service (RADIUS)?
Each correct answer represents a complete solution. Choose three.
The _______ protocol allows applications to communicate across a network in a way designed to prevent eavesdropping and message forgery.
Which of the following refers to the exploitation of a valid computer session to gain unauthorized access to information or services in a computer system?
Which of the following is not a level of the military data classification system?
At which of the following layers of the Open System Interconnection (OSI) model do the Internet Control Message Protocol (ICMP) and the Internet Group Management Protocol (IGMP) work?
Which of the following formulas is used to determine the Single Loss Expectancy (SLE)?
Which of the following steps are generally followed in computer forensic examinations?
Each correct answer represents a complete solution. Choose three.
Which of the following terms is used for the process of securing a system or a device on a network infrastructure?
Which of the following methods is a behavior-based IDS detection method?
Which of the following rated systems of the Orange book has mandatory protection of the Trusted Computing Base (TCB)?
Which of the following tools is a component of Cisco Adaptive Security Appliance (ASA) and provides an in-depth security design to prevent various types of problems such as viruses, spam, and spyware?
Which of the following heights of fence deters only casual trespassers?
You work as a Network Administrator for Tech Perfect Inc. The company has a Windows Active Directory-based single domain single forest network. The functional level of the forest is Windows Server 2003. The company has recently provided laptops to its sales team members. You have configured access points in the network to enable a wireless network. The company's security policy states that all users using laptops must use smart cards for authentication. Which of the following authentication techniques will you use to implement the security policy of the company?
You work as a Network Administrator for NetTech Inc. Your computer has the Windows 2000 Server operating system. You want to harden the security of the server. Which of the following changes are required to accomplish this?
Each correct answer represents a complete solution. Choose two.
John works as a professional Ethical Hacker. He has been assigned the project of testing the security of He writes the following snort rule:
This rule can help him protect the We-are-secure server from the __________.
Which of the following is the best way of protecting important data against virus attack?
Which of the following does Certification Authority (CA) provide in an e-commerce system?
Each correct answer represents a complete solution. Choose two.
Which of the following standards is used in wireless local area networks (WLANs)?
Which of the following statements about an active attack is true?
Which of the following statements about Network Address Translation (NAT) are true?
Each correct answer represents a complete solution. Choose two.
Fill in the blank with the appropriate value.
Primary Rate Interface (PRI) of an ISDN connection contains _______ B channels and ______ D channel.
Which of the following are the application layer protocols for security?
Each correct answer represents a complete solution. Choose three.
Which of the following terms is used for securing an operating system from an attack?
Andrew works as a Network Administrator for Infonet Inc. The company's network has a Web server that hosts the company's Web site. Andrew wants to increase the security of the Web site by implementing Secure Sockets Layer (SSL). Which of the following types of encryption does SSL use?
Each correct answer represents a complete solution. Choose two.
Which of the following refers to encrypted text?
Which of the following types of errors occurs when a legitimate user is incorrectly denied access to resources by a biometric authentication system?
When no anomaly is present in an Intrusion Detection, but an alarm is generated, the response is known as __________.