Free and Premium GIAC GSNA Dumps Questions Answers

Page: 1 / 14
Total 368 questions

GIAC Systems and Network Auditor Questions and Answers

Question 1

You work as an IT Technician for XYZ CORP. You have to take security measures for the wireless network of the company. You want to prevent other computers from accessing the company's wireless network. On the basis of the hardware address, which of the following will you use as the best possible method to accomplish the task?

Options:

A.

RAS

B.

MAC Filtering

C.

SSID

D.

WEP

Question 2

Which of the following protocols are used to provide secure communication between a client and a server over the Internet? (Choose two)

Options:

A.

TLS

B.

SSL

C.

HTTP

D.

SNMP

Question 3

You have made a program secure.c to display which ports are open and what types of services are running on these ports. You want to write the program's output to standard output and simultaneously copy it into a specified file. Which of the following commands will you use to accomplish the task?

Options:

A.

cat

B.

more

C.

less

D.

tee

Question 4

Which of the following services are provided by the proxy servers?

Options:

A.

Intrusion detection

B.

Logging

C.

Hiding network resources

D.

Caching

Question 5

Which of the following statements about Secure Sockets Layer (SSL) are true? (Choose two)

Options:

A.

It provides connectivity between Web browser and Web server.

B.

It provides mail transfer service.

C.

It provides communication privacy, authentication, and message integrity.

D.

It uses a combination of public key and symmetric encryption for security of data.

Question 6

In which of the following attack methods does an attacker distribute an incorrect IP address?

Options:

A.

DNS poisoning

B.

IP spoofing

C.

MAC flooding

D.

Man-in-the-middle

Question 7

John works as a professional Ethical Hacker. He has been assigned the project of testing the security of He has successfully completed the following pre-attack phases while testing the security of the server:

Footprinting
Scanning

Now he wants to conduct the enumeration phase. Which of the following tools can John use to conduct it?

Options:

A.

PsPasswd

B.

WinSSLMiM

C.

PsFile

D.

UserInfo

Question 8

The following output is generated by running the show ip route command: RouterA#show ip route < - - Output Omitted for brevity - -> Which next hop address will RouterA use in forwarding traffic to 10.10.100.0/24?

Options:

A.

192.168.10.0

B.

172.18.60.1

C.

172.18.50.1

D.

172.18.1.1

Question 9

Which of the following recovery plans includes specific strategies and actions to deal with specific variances to assumptions resulting in a particular security problem, emergency, or state of affairs?

Options:

A.

Disaster recovery plan

B.

Continuity of Operations Plan

C.

Business continuity plan

D.

Contingency plan

Question 10

John works as a professional Ethical Hacker. He has been assigned a project to test the security of He performs Web vulnerability scanning on the We-are-secure server. The output of the scanning test is as follows:

C.\whisker.pl -h target_IP_address
-- whisker / v1.4.0 / rain forest puppy / --
= - = - = - = - = =
= Host: target_IP_address
= Server: Apache/1.3.12 (Win32) ApacheJServ/1.1 mod_ssl/2.6.4 OpenSSL/0.9.5a mod_perl/1.22
+ 200 OK: HEAD /cgi-bin/printenv

John recognizes the /cgi-bin/printenv vulnerability ('Printenv' vulnerability) in the We-are-secure server. Which of the following statements about the 'Printenv' vulnerability are true?

Options:

A.

With the help of 'printenv' vulnerability, an attacker can input specially crafted links and/or other malicious scripts.

B.

'Printenv' vulnerability maintains a log file of user activities on the Website, which may be useful for the attacker.

C.

The countermeasure to 'printenv' vulnerability is to remove the CGI script.

D.

This vulnerability helps in a cross site scripting attack.

Question 11

Adam works as a Security Analyst for Umbrella Inc. He is retrieving a large amount of log data from syslog servers and network devices such as routers and switches. He is facing difficulty in analyzing the logs that he has retrieved. To solve this problem, Adam decides to use software called Sawmill. Which of the following statements are true about Sawmill?

Options:

A.

It incorporates real-time reporting and real-time alerting.

B.

It is used to analyze any device or software package, which produces a log file such as Web servers, network devices (switches & routers etc.), syslog servers etc.

C.

It is a software package for the statistical analysis and reporting of log files.

D.

It comes only as a software package for user deployment.

Question 12

Choose the benefits of deploying switches over hubs in your infrastructure. (Choose two)

Options:

A.

Layer 2 switches allow for the creation of Virtual LANs providing options for further segmentation and security.

B.

Switches lower the number of collisions in the environment.

C.

Switches create an environment best suited for half duplex communications. This improves network performance and the amount of available bandwidth.

D.

Layer 2 switches increase the number of broadcast domains in the environment.

Question 13

You are the Security Administrator for an Internet Service Provider. From time to time your company gets subpoenas from attorneys and law enforcement for records of customers' access to the internet. What policies must you have in place to be prepared for such requests?

Options:

A.

Group access policies

B.

Backup policies

C.

User access policies

D.

Storage and retention policies

Question 14

A Cisco router can have multiple connections to networks. These connections are known as interfaces for Cisco Routers. For naming each interface, Cisco generally uses the type of interface as part of the name. Which of the following are true about the naming conventions of Cisco Router interfaces?

Options:

A.

An interface connected to a serial connection always starts with an S.

B.

An interface connected to a Token Ring segment always starts with To.

C.

An Ethernet interface that is fast always starts with an F.

D.

An interface connected to an Ethernet segment of the network always starts with an En.

Question 15

A Web developer with your company wants to have wireless access for contractors that come in to work on various projects. The process of getting this approved takes time. So rather than wait, he has put his own wireless router attached to one of the network ports in his department. What security risk does this present?

Options:

A.

None, adding a wireless access point is a common task and not a security risk.

B.

It is likely to increase network traffic and slow down network performance.

C.

This circumvents network intrusion detection.

D.

An unauthorized WAP is one way for hackers to get into a network.

Question 16

Which of the following techniques are used after a security breach and are intended to limit the extent of any damage caused by the incident?

Options:

A.

Safeguards

B.

Detective controls

C.

Corrective controls

D.

Preventive controls

Question 17

You work as a Network Administrator for XYZ CORP. The company has a Linux-based network. The company needs to provide secure network access. You have configured a firewall to prevent certain ports and applications from forwarding the packets to the company's intranet. What does a firewall check to prevent these ports and applications from forwarding the packets to the intranet?

Options:

A.

The network layer headers and the session layer port numbers

B.

The application layer port numbers and the transport layer headers

C.

The transport layer port numbers and the application layer headers

D.

The presentation layer headers and the session layer port numbers

Question 18

You are the security manager of Microliss Inc. Your enterprise uses a wireless network infrastructure with access points ranging 150-350 feet. The employees using the network complain that their passwords and important official information have been traced. You discover the following clues: The information has proved beneficial to another company. The other company is located about 340 feet away from your office. The other company is also using a wireless network. The bandwidth of your network has degraded to a great extent. Which of the following methods of attack has been used?

Options:

A.

A piggybacking attack has been performed.

B.

A DOS attack has been performed.

C.

The information is traced using Bluebugging.

D.

A worm has exported the information.

Question 19

Which of the following attacks allows the bypassing of access control lists on servers or routers, and helps an attacker to hide? (Choose two)

Options:

A.

DNS cache poisoning

B.

DDoS attack

C.

IP spoofing attack

D.

MAC spoofing

Question 20

eBox Platform is an open source unified network server (or a Unified Network Platform) for SMEs. In which of the following forms can eBox Platform be used?

Options:

A.

Unified Communications Server

B.

Network Infrastructure Manager

C.

Gateway

D.

Sandbox

Question 21

Which of the following terms related to risk management represents the estimated frequency at which a threat is expected to occur?

Options:

A.

Single Loss Expectancy (SLE)

B.

Annualized Rate of Occurrence (ARO)

C.

Exposure Factor (EF)

D.

Safeguard

Question 22

Anonymizers are the services that help make a user's own Web surfing anonymous. An anonymizer removes all the identifying information from a user's computer while the user surfs the Internet. It ensures the privacy of the user in this manner. After the user anonymizes a Web access with an anonymizer prefix, every subsequent link selected is also automatically accessed anonymously. Which of the following are limitations of anonymizers?

Options:

A.

ActiveX controls

B.

Plugins

C.

Secure protocols

D.

Java applications

E.

JavaScript

Question 23

What are the different categories of PL/SQL program units?

Options:

A.

Default

B.

Unnamed

C.

Primary

D.

Named

Question 24

Which of the following statements is true about a relational database?

Options:

A.

It is difficult to extend a relational database.

B.

The standard user and application program interface to a relational database is Programming Language (PL).

C.

It is a collection of data items organized as a set of formally-described tables.

D.

It is a set of tables containing data fitted into runtime defined categories.

Question 25

John works as a professional Ethical Hacker. He is assigned a project to test the security of He is working on the Linux operating system. He wants to sniff the we-are-secure network and intercept a conversation between two employees of the company through session hijacking. Which of the following tools will John use to accomplish the task?

Options:

A.

IPChains

B.

Tripwire

C.

Hunt

D.

Ettercap

Question 26

Which of the following are HTML tags, used to create a table?

Options:

A.

B.

C.

D.

E.

F.

<TABLE>, <TR>, and <TD> tags. The <TABLE> tag designs the table layout, the <TR> tag is used to create a row, and the <TD> tag is used to create a column. For example, the following code generates a table with two rows and two columns:

Cell 1 Cell 2
Cell 3 Cell 4

Answer: C, E, and D are incorrect. There are no HTML tags such as

, , and .

Question 27

You work as the Network Administrator for XYZ CORP. The company has a Unix-based network. You want to print the super block and block group information for the filesystem present on a system. Which of the following Unix commands can you use to accomplish the task?

Options:

A.

e2fsck

B.

dump

C.

dumpe2fs

D.

e2label

Question 28

You are responsible for a large network that has its own DNS servers. You periodically check the log to see if there are any problems. Which of the following are likely errors you might encounter in the log? (Choose three)

Options:

A.

The DNS server could not create FTP socket for address [IP address of server]

B.

The DNS server could not create an SMTP socket

C.

Active Directory Errors

D.

The DNS server could not create a Transmission Control Protocol (TCP) socket

E.

The DNS server could not initialize the Remote Procedure Call (RPC) service

Question 29

You are tasked with configuring your routers with a minimum security standard that includes the following:

A local Username and Password configured on the router
A strong privilege mode password
Encryption of user passwords
Configuring telnet and ssh to authenticate against the router user database

Choose the configuration that best meets these requirements.

Options:

A.

RouterA(config)#service password-encryption

RouterA(config)#username cisco password PaS$w0Rd

RouterA(config)#enable secret n56e&$te

RouterA(config)#line vty 0 4

RouterA(config-line)#login

B.

RouterA(config)#service password-encryption

RouterA(config)#username cisco password PaS$w0Rd

RouterA(config)#enable password n56e&$te

RouterA(config)#line vty 0 4

RouterA(config-line)#login local

C.

RouterA(config)#service password-encryption

RouterA(config)#username cisco password PaS$w0Rd

RouterA(config)#enable secret n56e&$te

RouterA(config)#line vty 0 4

RouterA(config-line)#login local

D.

RouterA(config)#service enable-password-encryption

RouterA(config)#username cisco password PaS$w0Rd

RouterA(config)#enable secret n56e&$te

RouterA(config)#line vty 0 4

RouterA(config-line)#login user

Question 30

In 1947, the American Institute of Certified Public Accountants (AICPA) adopted GAAS to establish standards for audits. Which of the following categories of audit standards established by GAAS are related to professional and technical competence, independence, and professional due care?

Options:

A.

Reporting standards

B.

Risk Analysis standards

C.

General standards

D.

Field work standards

Question 31

The employees of EWS Inc. require remote access to the company's Web servers. In order to provide solid wireless security, the company uses EAP-TLS as the authentication protocol. Which of the following statements are true about EAP-TLS?

Options:

A.

It uses password hash for client authentication.

B.

It uses a public key certificate for server authentication.

C.

It is supported by all manufacturers of wireless LAN hardware and software.

D.

It provides a moderate level of security.

Question 32

John works as a professional Ethical Hacker. He has been assigned the project of testing the security of He is using a tool to crack the wireless encryption keys. The description of the tool is as follows: Which of the following tools is John using to crack the wireless encryption keys?

Options:

A.

Cain

B.

PsPasswd

C.

Kismet

D.

AirSnort

Question 33

Mark is an attacker. He wants to discover wireless LANs by listening to beacons or sending probe requests and thereby provide a launch point for further attacks. Which of the following tools can he use to accomplish the task?

Options:

A.

DStumbler

B.

Wellenreiter

C.

KisMAC

D.

Airmon-ng

Question 34

You work as the Network Administrator for XYZ CORP. The company has a Unix-based network. You want to set the hard disk geometry parameters, cylinders, heads, and sectors. Which of the following Unix commands can you use to accomplish the task?

Options:

A.

mke2fs

B.

mkswap

C.

mkfs

D.

hdparm

Question 35

You work as the Network Administrator for XYZ CORP. The company has a Unix-based network. You want to set the user login features on the systems with the shadow passwords. Which of the following Unix configuration files can you use to accomplish the task?

Options:

A.

/etc/logrotate.conf

B.

/etc/login.defs

C.

/etc/magic

D.

/etc/filesystems

Question 36

You work as a Desktop Support Technician for XYZ CORP. The company uses a Windows-based network comprising 50 Windows XP Professional computers. You want to include the Safe Mode with Command Prompt feature into the boot.ini file of a Windows XP Professional computer. Which of the following switches will you use?

Options:

A.

/safeboot:network /sos /bootlog /noguiboot

B.

/safeboot:minimal /sos /bootlog /noguiboot

C.

/safeboot:minimal(alternateshell) /sos /bootlog /noguiboot

D.

/safeboot:dsrepair /sos

Question 37

John works as a Network Administrator for Perfect Solutions Inc. The company has a Linux-based network. John is working as a root user on the Linux operating system. He has recently backed up his entire Linux hard drive into the my_backup.tgz file. The size of the my_backup.tgz file is 800MB. Now, he wants to break this file into two files in which the size of the first file named my_backup.tgz.aa should be 600MB and that of the second file named my_backup.tgz.ab should be 200MB. Which of the following commands will John use to accomplish his task?

Options:

A.

split --verbose -b 200m my_backup.tgz my_backup.tgz

B.

split --verbose -b 200m my_backup.tgz my_backup.tgz

C.

split --verbose -b 600m my_backup.tgz my_backup.tgz

D.

split --verbose -b 600m my_backup.tgz my_backup.tgz

Question 38

You have purchased a laptop that runs Windows Vista Home Premium. You want to protect your computer from malicious applications, such as spyware, while connecting to the Internet. You configure Windows Defender on your laptop to run a scheduled scan daily at 2 AM, as shown in the image below:

You want Windows Defender to scan the laptop for all the known spyware and other potentially unwanted software, including the latest one. You do not want to manually perform this task. Which of the following actions will you perform to accomplish the task?

Options:

A.

Create a scheduled task to download definition files for Windows Defender every Sunday.

B.

Configure Windows Defender to use the definition file placed on the Microsoft Update site for scanning the laptop.

C.

Select the Check for updated definitions before scanning check box in the Automatic Scanning section.

D.

Click the arrow beside the Help button. Click the Check for updates option.

Question 39

John used to work as a Network Administrator for We-are-secure Inc. Now he has resigned from the company for personal reasons. He wants to send out some secret information of the company. To do so, he simply uses a tool, Image Hide, to embed the secret file within an image file of the famous actress, Jennifer Lopez, and sends it to his Yahoo mail id. Since he is using the image file to send the data, the mail server of his company is unable to filter this mail. Which of the following techniques is he performing to accomplish his task?

Options:

A.

Web ripping

B.

Steganography

C.

Email spoofing

D.

Social engineering

Question 40

Which of the following types of servers are dedicated to providing resources to hosts on the network? (Choose three)

Options:

A.

Web servers

B.

Monitoring servers

C.

Mail servers

D.

Default gateway servers

E.

Print servers

Question 41

You work as the Network Administrator for XYZ CORP. The company has a Unix-based network. You want to query an image root device and RAM disk size. Which of the following Unix commands can you use to accomplish the task?

Options:

A.

rdev

B.

rdump

C.

setfdprm

D.

mount

Question 42

Mark works as a Web Developer for XYZ CORP. He is developing a Web site for the company. The Manager of the company requires Mark to use tables instead of frames in the Web site. What is the major advantage that a table-structured Web site has over a frame-structured Web site?

Options:

A.

Easy maintenance

B.

Speed

C.

Better navigation

D.

Capability of being bookmarked or added to the Favorites folder

Question 43

Which of the following are limitations of the cross-site request forgery (CSRF) attack?

Options:

A.

The attacker must determine the right values for all the form inputs.

B.

The attacker must target a site that doesn't check the referrer header.

C.

The target site should have limited lifetime authentication cookies.

D.

The target site should authenticate in GET and POST parameters, not only cookies.

Question 44

You configure a wireless router at your home. To secure your home Wireless LAN (WLAN), you implement WEP. Now you want to connect your client computer to the WLAN. Which of the following is the required information that you will need to configure the client computer? (Choose two)

Options:

A.

SSID of the WLAN

B.

WEP key

C.

IP address of the router

D.

MAC address of the router

Question 45

Which of the following methods will free up bandwidth in a Wireless LAN (WLAN)?

Options:

A.

Replace the hub with a switch.

B.

Deploying a powerful antenna.

C.

Disabling SSID broadcast.

D.

Implement WEP.

Question 46

In a network, a data packet is received by a router for transmitting it to another network. In order to make decisions on where the data packet should be forwarded, the router checks with its routing table. Which of the following lists does a router check in a routing table?

Options:

A.

Available networks

B.

Available packets

C.

Available protocols

D.

Available paths

Question 47

Which of the following statements about data integrity of a container are true? (Choose two)

Options:

A.

It ensures that a hacker cannot alter the contents of an HTTP message while it is in transit from a container to a client.

B.

Data integrity ensures that information is made available to users who are authorized to access it.

C.

Data integrity ensures that information has not been modified by a third party while it is in transit.

D.

It ensures that an eavesdropper cannot read an HTTP message being sent from a client to a container.

Question 48

Which of the following is an example of penetration testing?

Options:

A.

Configuring firewall to block unauthorized traffic

B.

Implementing HIDS on a computer

C.

Simulating an actual attack on a network

D.

Implementing NIDS on a network

Question 49

Which of the following are attributes of the <TABLE> tag? (Choose three)

Options:

A.

BORDER

B.

ALIGN

C.

TD

D.

WIDTH

<TABLE> tag is used to set the width of a table. Width can be specified in pixels and percentage. For example, if a table of the same width as that of the parent object has to be created, the WIDTH attribute must be set to 100%. The ALIGN attribute aligns the table within the text flow. By default alignment is set to left. The BORDER attribute of the <TABLE> tag is used to set the width of the table border. Answer: C is incorrect. <TD> is not an attribute of the <TABLE> tag. It is a tag used to specify cells in a table.

Question 50

Which of the following is a prevention-driven activity to reduce errors in the project and to help the project meet its requirements?

Options:

A.

Audit sampling

B.

Asset management

C.

Access control

D.

Quality assurance

Question 51

You work as a Database Administrator for Dolliver Inc. The company uses Oracle 11g as its database. You have used the LogMiner feature for auditing purposes. Which of the following files store a copy of the data dictionary? (Choose two)

Options:

A.

Online redo log files

B.

Operating system flat file

C.

Dump file

D.

Control file

Question 52

You are the Network Administrator for a company. You have decided to conduct a user access and rights review. Which of the following would be checked during such a review? (Choose three)

Options:

A.

Access Control Lists

B.

Encryption Methods

C.

User Roles

D.

Firewalls

E.

Group Membership

Question 53

Which of the following does an anti-virus program update regularly from its manufacturer's Web site?

Options:

A.

Hotfixes

B.

Permissions

C.

Service packs

D.

Definition

Question 54

You work as a Network Administrator for Tech Perfect Inc. You need to configure the company firewall so that only Simple Network Management Protocol (SNMP) and Secure HTTP (HTTPS) traffic is allowed into the intranet of the company. No other traffic should be allowed into the intranet. Which of the following rule sets should you use on your firewall to accomplish the task? (Assume left to right equals top to bottom.)

Options:

A.

Output chain: allow port 443, allow 25, deny all

B.

Input chain: deny all, allow port 25, allow 443

C.

Input chain: allow port 25, allow 443, deny all

D.

Output chain: allow port 25, allow 443, deny all

Question 55

Which of the following are the drawbacks of the NTLM Web authentication scheme?

Options:

A.

The password is sent in hashed format to the Web server.

B.

It works only with Microsoft Internet Explorer.

C.

The password is sent in clear text format to the Web server.

D.

It can be brute forced easily.
