Pass4sure offers free demo for GISF exam. "GIAC Information Security Fundamentals", also known as GISF exam, is a GIAC Certification. This set of posts, Passing the GIAC GISF exam, will help you answer those questions. The GISF Questions & Answers covers all the knowledge points of the real exam. 100% real GIAC GISF exams and revised by experts!

Check GISF free dumps before getting the full version:

NEW QUESTION 1

Which of the following are the differences between routed protocols and routing protocols?
Each correct answer represents a complete solution. Choose two.

  • A. A routing protocol is configured on an interface and decides the method of packet delivery.
  • B. A routing protocol decides the path for a packet through the network.
  • C. A routed protocol is configured on an interface and decides how a packet will be delivered.
  • D. A routed protocol works on the transport layer of the OSI model.

Answer: BC

NEW QUESTION 2

Which of the following Acts enacted in United States allows the FBI to issue National Security Letters (NSLs) to Internet service providers (ISPs) ordering them to disclose records about their customers?

  • A. Electronic Communications Privacy Act of 1986
  • B. Economic Espionage Act of 1996
  • C. Computer Fraud and Abuse Act
  • D. Wiretap Act

Answer: A

NEW QUESTION 3

The workstations on your network utilize Windows XP (service pack 2 or later). Many users
take their laptops on the road. You are very concerned about the security and want to have a robust firewall solution for mobile users. You have decided that all your firewalls to use the Stateful Packet Inspection (SPI) method. What must you do to provide SPI to your mobile users?

  • A. You must purchase a third party firewall solution for your mobile users.
  • B. Do nothin
  • C. Windows XP service pack 2 has a firewall turned on by default.
  • D. Download the SPI template from Microsoft.
  • E. Configure the Windows XP firewall to use SPI.

Answer: A

NEW QUESTION 4

Every network device contains a unique built in Media Access Control (MAC) address, which is used to identify the authentic device to limit the network access. Which of the following addresses is a valid MAC address?

  • A. F936.28A1.5BCD.DEFA
  • B. A3-07-B9-E3-BC-F9
  • C. 1011-0011-1010-1110-1100-0001
  • D. 132.298.1.23

Answer: B

NEW QUESTION 5

Part of your change management plan details what should happen in the change control system for your project. Theresa, a junior project manager, asks what the configuration management activities are for scope changes. You tell her that all of the following are valid configuration management activities except for which one?

  • A. Configuration Status Accounting
  • B. Configuration Item Costing
  • C. Configuration Identification
  • D. Configuration Verification and Auditing

Answer: B

NEW QUESTION 6

Which of the following cryptographic system services ensures that information will not be disclosed to any unauthorized person on a local network?

  • A. Authentication
  • B. Confidentiality
  • C. Integrity
  • D. Non-repudiation

Answer: B

NEW QUESTION 7

Which of the following types of attack can guess a hashed password?

  • A. Teardrop attack
  • B. Evasion attack
  • C. Denial of Service attack
  • D. Brute force attack

Answer: D

NEW QUESTION 8

Which of the following statements about Encapsulating Security Payload (ESP) are true? Each correct answer represents a complete solution. Choose two.

  • A. It can also be nested with the Layer Two Tunneling Protocol (L2TP).
  • B. It is an IPSec protocol.
  • C. It is a text-based communication protocol.
  • D. It uses TCP port 22 as the default port and operates at the application layer.

Answer: AB

NEW QUESTION 9

How should you configure USSOWA1 and USSTIME1 to allow secure access for remote employees?
(Click the Exhibit button on the toolbar to see the case study.)
Each correct answer represents a complete solution. Choose three.

  • A. Place USSTIME1 on the internal network
  • B. Place USSOWA1 on the internal network
  • C. Enable all connections from external network
  • D. Place USSTIME1 in a DMZ
  • E. Place USSOWA1 in a DMZ
  • F. Allow only TCP port 443 connections from the external network
  • G. Allow only TCP port 80 connections from the external network

Answer: DEF

NEW QUESTION 10

You and your project team have identified the project risks and now are analyzing the probability and impact of the risks. What type of analysis of the risks provides a quick and high-level review of each identified risk event?

  • A. A risk probability-impact matrix
  • B. Quantitative risk analysis
  • C. Qualitative risk analysis
  • D. Seven risk responses

Answer: C

NEW QUESTION 11

Which of the following federal laws are related to hacking activities? Each correct answer represents a complete solution. Choose three.

  • A. 18 U.S.
  • B. 1029
  • C. 18 U.S.
  • D. 1028
  • E. 18 U.S.
  • F. 1030
  • G. 18 U.S.
  • H. 2510

Answer: ACD

NEW QUESTION 12

Which of the following factors determine the strength of the encryption?

  • A. Character-set encoding
  • B. Length of the key
  • C. Operating system
  • D. Ease of use

Answer: B

NEW QUESTION 13

Which of the following statements about asymmetric encryption are true? Each correct answer represents a complete solution. Choose two.

  • A. Asymmetric encryption is faster as compared to symmetric encryption.
  • B. Asymmetric encryption uses a public key and a private key pair for data encryption.
  • C. In asymmetric encryption, only one key is needed to encrypt and decrypt data.
  • D. In asymmetric encryption, the public key is distributed and the private key is available only to the recipient of the message.

Answer: BD

NEW QUESTION 14

You want to install a server that can be accessed by external users. You also want to ensure that these users cannot access the rest of the network. Where will you place the server?

  • A. Intranet
  • B. Local Area Network
  • C. Internet
  • D. Demilitarized Zone
  • E. Extranet
  • F. Wide Area Network

Answer: D

NEW QUESTION 15

John works as a Network Security Professional. He is assigned a project to test the security of www.we-are-secure.com. He is working on the Linux operating system and wants to install an Intrusion Detection System on the We-are-secure server so that he can receive alerts about any hacking attempts. Which of the following tools can John use to accomplish the task?
Each correct answer represents a complete solution. Choose all that apply.

  • A. Samhain
  • B. SARA
  • C. Snort
  • D. Tripwire

Answer: AC

NEW QUESTION 16
......

P.S. Thedumpscentre.com now are offering 100% pass ensure GISF dumps! All GISF exam questions have been updated with correct answers: https://www.thedumpscentre.com/GISF-dumps/ (333 New Questions)