The Secret Of GIAC GISF Preparation Exams

NEW QUESTION 1

Each time you start your computer, you receive an error message that your TCP/IP address is in use. Which of the following attacks is this?

• A. Worm attack
• B. ICMP attack
• C. Back door attack
• D. TCP/IP hijacking
• E. TCP Sequence Number attack
• F. TCP SYN or TCP ACK flood attack

Answer: D

NEW QUESTION 2

You are the Network Administrator for a software development company. Your company creates various utilities and tools. You have noticed that some of the files your company creates are getting deleted from systems. When one is deleted, it seems to be deleted from all the computers on your network. Where would you first look to try and diagnose this problem?

• A. Antivirus log
• B. System log
• C. IDS log
• D. Firewall log

Answer: A

NEW QUESTION 3

The Information assurance pillars provide the surety of data availability to the users of an Information system. Which of the following network infrastructure techniques accomplishes the objective of an efficient data availability management on a network?
Each correct answer represents a complete solution. Choose all that apply.

• A. SAN
• B. EFS
• C. NAS
• D. RAID

Answer: ACD

NEW QUESTION 4

This type of virus infects programs that can execute and load into memory to perform predefined steps for infecting systems. It infects files with the extensions .EXE, .COM, .BIN, and .SYS. As it can replicate or destroy these types of files, the operating system becomes corrupted and needs reinstallation. This type of virus is known as .

• A. Multipartite virus
• B. Boot sector virus
• C. File virus
• D. Stealth virus
• E. Polymorphic virus

Answer: C

NEW QUESTION 5

Which of the following are used as primary technologies to create a layered defense for giving protection to a network?
Each correct answer represents a complete solution. Choose all that apply.

• A. Vulnerability
• B. Firewall
• C. Endpoint authentication
• D. IDS

Answer: BCD

NEW QUESTION 6

The IT administrator wants to implement a stronger security policy. What are the four most important security priorities for uCertify Software Systems Pvt. Ltd.?
(Click the Exhibit button on the toolbar to see the case study.)

• A. Providing secure communications between Washington and the headquarters office.
• B. Implementing Certificate services on Texas office.
• C. Preventing denial-of-service attacks.
• D. Ensuring secure authentication.
• E. Preventing unauthorized network access.
• F. Providing two-factor authentication.
• G. Protecting employee data on portable computers.
• H. Providing secure communications between the overseas office and the headquarters.

Answer: DEGH

NEW QUESTION 7

Which of the following processes is described in the statement below?
"It is the process of implementing risk response plans, tracking identified risks, monitoring residual risk, identifying new risks, and evaluating risk process effectiveness throughout the project."

• A. Perform Quantitative Risk Analysis
• B. Perform Qualitative Risk Analysis
• C. Monitor and Control Risks
• D. Identify Risks

Answer: C

NEW QUESTION 8

You are the project manager for BlueWell Inc. You are reviewing the risk register for your project. The risk register provides much information to you, the project manager and to the project team during the risk response planning. All of the following are included in the risk register except for which item?

• A. Trends in qualitative risk analysis results
• B. Symptoms and warning signs of risks
• C. List of potential risk responses
• D. Network diagram analysis of critical path activities

Answer: D

NEW QUESTION 9

You work as a Security manager for Qualoxizz Inc. Your company has number of network switches in the site network infrastructure. Which of the following actions will you perform to ensure the security of the switches in your company?

• A. Set long session timeouts.
• B. Open up all the unused management ports.
• C. Set similar passwords for each management port.
• D. Ignore usage of the default account settings.

Answer: D

NEW QUESTION 10

What is a variant with regard to Configuration Management?

• A. A CI that has the same name as another CI but shares no relationship.
• B. A CI that has the same essential functionality as another CI but a bit different in some small manner.
• C. A CI that particularly refers to a hardware specification.
• D. A CI that particularly refers to a software version.

Answer: B

NEW QUESTION 11

Which of the following tools can be used for stress testing of a Web server? Each correct answer represents a complete solution. Choose two.

• A. Internet bots
• B. Spyware
• C. Scripts
• D. Anti-virus software

Answer: AC

NEW QUESTION 12

Which of the following is used to determine whether or not a principal is allowed to perform a requested action?

• A. Authentication
• B. Security policy
• C. Authorization
• D. Principal

Answer: C

NEW QUESTION 13

Which of the following network connectivity devices translates one protocol into another and is used to connect dissimilar network technologies?

• A. Hub
• B. Firewall
• C. Bridge
• D. Gateway

Answer: D

NEW QUESTION 14
CORRECT TEXT
Fill in the blank with the appropriate value. SHA-1 produces a _____ -bit message digest.

• A. Yes
• B. Not Mastered

Answer: A

NEW QUESTION 15

Which U.S. government agency is responsible for establishing standards concerning cryptography for nonmilitary use?

• A. American Bankers Association
• B. Central Security Service (CSS)
• C. National Institute of Standards and Technology (NIST)
• D. International Telecommunications Union
• E. Request for Comments (RFC)
• F. National Security Agency (NSA)

Answer: C

NEW QUESTION 16
......