Download Full Version GCFW GIAC Exam

GIAC Certified Firewall Analyst Questions and Answers

Question 13

You work as a Security Administrator for Tech Perfect Inc. You have implemented and configured a web application security scanner in the company's network. It helps in the automated review of the web applications with the defined purpose of discovering security vulnerabilities. In order to perform this task, the web application security scanner examines a number of vulnerabilities.

What are these vulnerabilities?

Each correct answer represents a complete solution. Choose three.

Options:

Input/Output validation

Server configuration mistakes/errors/version

Specific application problems

Denials of service against the TCP/IP stack

Question 14

Which of the following types of firewall functions by creating two different communications, one between the client and the firewall, and the other between the firewall and the end server?

Options:

Endian firewall

Proxy-based firewall

Stateful firewall

Packet filter firewall

Question 15

Choose the best explanation for the resulting error when entering the command below.

Options:

The command is attempting to create a standard access list with extended access list param eters.

The ACL commands should be entered from the (config-router) configuration mode.

The wildcard mask is not provided for the source and destination addresses.

The port number given does not correspond with the proper transport protocol.

Question 16

In which of the following IDS evasion attacks does an attacker send a data packet such that IDS accepts the data packet but the host computer rejects it?

Options:

Fragmentation overwrite attack

Evasion attack

Insertion attack

Fragmentation overlap attack

Halloween Special 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: save70

GIAC Certified Firewall Analyst Questions and Answers

Options:

Answer:

Options:

Answer:

Options:

Answer:

Options:

Answer: