All About Real GSEC Practice

NEW QUESTION 1
There is not universal agreement on the names of the layers in the TCP/IP networking model. Which of the following is one of the functions of the bottom layer which is sometimes called the Network Access or Link Layer?

• A. Provides end-to-end data delivery service for user applications
• B. Handles the routing of the data packets over the network
• C. Manages IP addressing and encryption for data packets
• D. Defines the procedures for interfacing with Ethernet devices

Answer: D

NEW QUESTION 2
Your CIO has found out that it is possible for an attacker to clone your company's RFID (Radio Frequency ID) based key cards. The CIO has tasked you with finding a way to ensure that anyone entering the building is an employee. Which of the following authentication types would be the appropriate solution to this problem?

• A. Mandatory Access Controls
• B. Bell-LaPadula
• C. Two-Factor
• D. TACACS

Answer: C

NEW QUESTION 3
Where is the source address located in an IPv4 header?

• A. At an offset of 20 bytes
• B. At an offset of 8 bytes
• C. At an offset of 16 bytes
• D. At an offset of 12 bytes

Answer: D

NEW QUESTION 4
You are implementing wireless access at a defense contractor. Specifications say, you must implement the AES Encryption algorithm. Which encryption standard should you choose?

• A. WPA
• B. TKIP
• C. WEP
• D. WPA 2

Answer: D

NEW QUESTION 5
Users at the Marketing department are receiving their new Windows XP Professional workstations. They will need to maintain local work files in the first logical volume, and will use a second volume for the information shared between the area group. Which is the best file system design for these workstations?

• A. Both volumes should be converted to NTFS at install tim
• B. First volume should be FAT32 and second volume should be NTF
• C. First volume should be EFS and second volume should be FAT32.
• D. Both volumes should be converted to FAT32 with NTFS DACL

Answer: A

NEW QUESTION 6
Against policy, employees have installed Peer-to-Peer applications on their workstations and they are using them over TCP port 80 to download files via the company network from other Peer-to-Peer users on the Internet. Which of the following describes this threat?

• A. Firewall subversion
• B. Backdoor installation
• C. Malicious software infection
• D. Phishing attempt

Answer: A

NEW QUESTION 7
Which of the following is TRUE regarding Ethernet?

• A. Stations are not required to monitor their transmission to check for collision
• B. Several stations are allowed to be transmitting at any given time within a single collision domai
• C. Ethernet is shared medi
• D. Stations are not required to listen before they transmi

Answer: C

NEW QUESTION 8
Which of the following statements about the integrity concept of information security management are true?
Each correct answer represents a complete solution. Choose three.

• A. It ensures that unauthorized modifications are not made to data by authorized personnel or processe
• B. It determines the actions and behaviors of a single individual within a system
• C. It ensures that internal information is consistent among all subentities and also consistent with the real-world, external situatio
• D. It ensures that modifications are not made to data by unauthorized personnel or processe

Answer: ACD

NEW QUESTION 9
In order to capture traffic for analysis, Network Intrusion Detection Systems (NIDS) operate with network cards in what mode?

• A. Discrete
• B. Reporting
• C. Promiscuous
• D. Alert

Answer: C

NEW QUESTION 10
A Host-based Intrusion Prevention System (HIPS) software vendor records how the Firefox Web browser interacts with the operating system and other applications, and identifies all areas of Firefox functionality. After collecting all the data about how Firefox should work, a database is created with this information, and it is fed into the HIPS software. The HIPS then monitors Firefox whenever it's in use. What feature of HIPS is being described in this scenario?

• A. Signature Matching
• B. Application Behavior Monitoring
• C. Host Based Sniffing
• D. Application Action Modeling

Answer: B

NEW QUESTION 11
Which of the following statements regarding the Secure Sockets Layer (SSL) security model are true?
Each correct answer represents a complete solution. Choose two.

• A. The client can optionally authenticate the serve
• B. The client always authenticates the serve
• C. The server always authenticates the clien
• D. The server can optionally authenticate the clien

Answer: BD

NEW QUESTION 12
A US case involving malicious code is brought to trial. An employee had opened a helpdesk ticket to report specific instances of strange behavior on her system. The IT helpdesk representative collected information by interviewing the user and escalated the ticket to the system administrators. As the user had regulated and sensitive data on her computer, the system administrators had the hard drive sent to the company's forensic consultant for analysis and configured a new hard drive for the user. Based on the recommendations from the forensic consultant and the company's legal department, the CEO decided to prosecute the author of the malicious code. During the court case, which of the following would be able to provide direct evidence?

• A. The IT helpdesk representative
• B. The company CEO
• C. The user of the infected system
• D. The system administrator who removed the hard drive

Answer: C

NEW QUESTION 13
Which of the following statements about Secure Sockets Layer (SSL) are true? Each correct answer represents a complete solution. Choose two.

• A. It provides communication privacy, authentication, and message integrit
• B. It provides mail transfer servic
• C. It uses a combination of public key and symmetric encryption for security of dat
• D. It provides connectivity between Web browser and Web serve

Answer: AC

NEW QUESTION 14
On which of the following OSI model layers does IPSec operate? A. Physical layer

• A. Network layer
• B. Data-link layer
• C. Session layer

Answer: B

NEW QUESTION 15
Which of the following protocols is used by a host that knows its own MAC (Media Access Control) address to query a server for its own IP address?

• A. RARP
• B. ARP
• C. DNS
• D. RDNS

Answer: A

NEW QUESTION 16
Which of the following fields CANNOT be hashed by Authentication Header (AH) in transport mode?

• A. Length
• B. Source IP
• C. TTL
• D. Destination IP

Answer: C

NEW QUESTION 17
You work as a Network Administrator for Net Perfect Inc. The company has a Linux-based network. You are configuring an application server. An application named Report, which is owned by the root user, is placed on the server. This application requires superuser permission to write to other files. All sales managers of the company will be using the application. Which of the following steps will you take in order to enable the sales managers to run and use the Report application?

• A. Change the Report application to a SUID comman
• B. Make the user accounts of all the sales managers the members of the root grou
• C. Provide password of root user to all the sales manager
• D. Ask each sales manager to run the application as the root use
• E. As the application is owned by the root, no changes are require

Answer: A

NEW QUESTION 18
When should you create the initial database for a Linux file integrity checker?

• A. Before a system is patched
• B. After a system has been compromised
• C. Before a system has been compromised
• D. During an attack

Answer: C

NEW QUESTION 19
An attacker gained physical access to an internal computer to access company proprietary
data. The facility is protected by a fingerprint biometric system that records both failed and successful entry attempts. No failures were logged during the time periods of the recent breach. The account used when the attacker entered the facility shortly before each incident belongs to an employee who was out of the area. With respect to the biometric entry system, which of the following actions will help mitigate unauthorized physical access to the facility?

• A. Try raising the Crossover Error Rate (CER)
• B. Try to lower the False Accept Rate (FAR)
• C. Try setting the Equal Error Rate (EER) to zero
• D. Try to set a lower False Reject Rate (FRR)

Answer: B

NEW QUESTION 20
......