New Release GCED Security Certification: GASF Questions

GIAC Certified Enterprise Defender Questions and Answers

Question 9

Network administrators are often hesitant to patch the operating systems on CISCO router and switch operating systems, due to the possibility of causing network instability, mainly because of which of the following?

Options:

Having to rebuild all ACLs

Having to replace the kernel

Having to re-IP the device

Having to rebuild ARP tables

Having to rebuild the routing tables

Question 10

Which of the following is an SNMPv3 security feature that was not provided by earlier versions of the protocol?

Options:

Authentication based on RSA key pairs

The ability to change default community strings

AES encryption for SNMP network traffic

The ability to send SNMP traffic over TCP ports

Question 11

If a Cisco router is configured with the “service config” configuration statement, which of the following tools could be used by an attacker to apply a new router configuration?

Options:

TFTPD

Hydra

Ettercap

Yersinia

Question 12

An analyst will capture traffic from an air-gapped network that does not use DNS. The analyst is looking for unencrypted Syslog data being transmitted. Which of the following is most efficient for this purpose?

Options:

tcpdump –s0 –i eth0 port 514

tcpdump –nnvvX –i eth0 port 6514

tcpdump –nX –i eth0 port 514

tcpdump –vv –i eth0 port 6514

Black Friday Special 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: save70

New Release GCED Security Certification: GASF Questions

GIAC Certified Enterprise Defender Questions and Answers

Options:

Answer:

Explanation:

Options:

Answer:

Options:

Answer:

Options:

Answer:

Explanation:

CompTIA

Fortinet

Microsoft

Salesforce