
Page: 4 / 15
Total 391 questions

GIAC Certified Firewall Analyst Questions and Answers

Question 13

You work as a Security Administrator for Tech Perfect Inc. You have implemented and configured a web application security scanner in the company's network. It helps in the automated review of the web applications with the defined purpose of discovering security vulnerabilities. In order to perform this task, the web application security scanner examines a number of vulnerabilities.

What are these vulnerabilities?

Each correct answer represents a complete solution. Choose three.

Options:

A. Input/Output validation

B. Server configuration mistakes/errors/version

C. Specific application problems

D. Denials of service against the TCP/IP stack

Question 14

Which of the following types of firewall functions by creating two different communications, one between the client and the firewall, and the other between the firewall and the end server?

Options:

A. Endian firewall

B. Proxy-based firewall

C. Stateful firewall

D. Packet filter firewall

Question 15

Choose the best explanation for the resulting error when entering the command below.

Options:

A. The command is attempting to create a standard access list with extended access list parameters.

B. The ACL commands should be entered from the (config-router) configuration mode.

C. The wildcard mask is not provided for the source and destination addresses.

D. The port number given does not correspond with the proper transport protocol.

Question 16

In which of the following IDS evasion attacks does an attacker send a data packet such that IDS accepts the data packet but the host computer rejects it?

Options:

A. Fragmentation overwrite attack

B. Evasion attack

C. Insertion attack

D. Fragmentation overlap attack
