It is more faster and easier to pass the GIAC GISF exam by using Realistic GIAC GIAC Information Security Fundamentals questuins and answers. Immediate access to the Avant-garde GISF Exam and find the same core area GISF questions with professionally verified answers, then PASS your exam with a high score now.
GIAC GISF Free Dumps Questions Online, Read and Test Now.
NEW QUESTION 1
The new security policy requires you to encrypt all data transmitted from the laptop computers of sales personnel to the distribution centers. How will you implement the security requirements?
(Click the Exhibit button on the toolbar to see the case study.)
- A. Use 40-bit encryption for Routing and Remote Access Service(RRAS) Serve
- B. Use PPTP without packet filtering for VPN.
- C. Use 128-bit encryption for Routing and Remote Access Service(RRAS) Serve
- D. Use PPTP without packet filtering for VPN.
- E. Use 128-bit encryption for Routing and Remote Access Service(RRAS) Serve
- F. Use PPTP with packet filtering for VPN.
- G. Use 40-bit encryption for the Routing and Remote Access Service(RRAS) Serve
- H. Use PPTP with packet filtering for VPN.
Answer: C
NEW QUESTION 2
Which of the following statements about Secure Shell (SSH) are true? Each correct answer represents a complete solution. Choose three.
- A. It was designed as a replacement for TELNET and other insecure shells.
- B. It is a network protocol used primarily on Linux and Unix based systems.
- C. It allows data to be exchanged using a secure channel between two networked devices.
- D. It is the core routing protocol of the Internet.
Answer: ABC
NEW QUESTION 3
You are the program manager of the BHG Program. One of the projects in your program will be using new materials that are somewhat untested. You are worried that there may be delays and waste because the project team is unaware of how to accurately use these materials. You elect to send the people that will be using the new materials through training on how to complete their project work. You also allow them to purchase some of the materials to experiment on their use before the actual project work is to be done. You want to ensure that mistakes do not enter into the project. What type of action have you provided in this scenario?
- A. This is an example of team development.
- B. This is an example of a corrective action.
- C. This is an example of quality assurance.
- D. This is an example of a preventive action.
Answer: D
NEW QUESTION 4
The Project Risk Management knowledge area focuses on which of the following processes?
Each correct answer represents a complete solution. Choose all that apply.
- A. Risk Management Planning
- B. Quantitative Risk Analysis
- C. Potential Risk Monitoring
- D. Risk Monitoring and Control
Answer: ABD
NEW QUESTION 5
Which of the following IDS/IPS detection methods do the URLs use to detect and prevent an attack?
- A. Encryption-based detection
- B. Policy-based detection
- C. Signature-based detection
- D. Internet bot detection
Answer: C
NEW QUESTION 6
You work as a Software Developer for uCertify Inc. The company has several branches worldwide. The company uses Visual Studio.NET 2005 as its application development platform. You have recently finished the development of an application using .NET Framework 2.0. The application can be used only for cryptography. Therefore, you have implemented the application on a computer. What will you call the computer that implemented cryptography?
- A. Cryptographer
- B. Cryptographic toolkit
- C. Cryptosystem
- D. Cryptanalyst
Answer: C
NEW QUESTION 7
Which of the following is an organization that defines standards for anti-virus software?
- A. ICSA
- B. IETF
- C. IIS
- D. IEEE
Answer: A
NEW QUESTION 8
The Incident handling process implemented in an enterprise is responsible to deal with all the incidents regarding the enterprise. Which of the following procedures will be involved by the preparation phase of the Incident handling process?
- A. Organizing a solution to remove an incident
- B. Building up an incident response kit
- C. Working with QA to validate security of the enterprise
- D. Setting up the initial position after an incident
Answer: B
NEW QUESTION 9
Which of the following is a pillar of Information Assurance CIA triad?
- A. Integrity
- B. Affiliation
- C. Accessibility
- D. Isolation
Answer: A
NEW QUESTION 10
Victor works as a professional Ethical Hacker for SecureEnet Inc. He wants to scan the wireless network of the company. He uses a tool that is a free open-source utility for network exploration.
The tool uses raw IP packets to determine the following:
What ports are open on our network systems. What hosts are available on the network. Identify unauthorized wireless access points.
What services (application name and version) those hosts are offering. What operating systems (and OS versions) they are running.
What type of packet filters/firewalls are in use. Which of the following tools is Victor using?
- A. Nessus
- B. Kismet
- C. Nmap
- D. Sniffer
Answer: C
NEW QUESTION 11
You work as a security manager for Qualxiss Inc. Your Company involves OODA loop for resolving and deciding over company issues. You have detected a security breach issue in your company.
Which of the following procedures regarding the breach is involved in the observe phase of the OODA loop?
- A. Follow the company security guidelines.
- B. Decide an activity based on a hypothesis.
- C. Implement an action practically as policies.
- D. Consider previous experiences of security breaches.
Answer: A
NEW QUESTION 12
Which of the following refers to encrypted text?
- A. Plaintext
- B. Cookies
- C. Ciphertext
- D. Hypertext
Answer: C
NEW QUESTION 13
Which of the following is a technique of attacks in which the attacker secretly listens to the private conversation between victims?
- A. Eavesdropping
- B. Intrusion
- C. Dialler attack
- D. Denial of service
Answer: A
NEW QUESTION 14
Victor works as a network administrator for DataSecu Inc. He uses a dual firewall Demilitarized Zone (DMZ) to insulate the rest of the network from the portions, which is available to the Internet. Which of the following security threats may occur if DMZ protocol attacks are performed?
Each correct answer represents a complete solution. Choose all that apply.
- A. Attacker can exploit any protocol used to go into the internal network or intranet of the com pany.
- B. Attacker managing to break the first firewall defense can access the internal network without breaking the second firewall if it is different.
- C. Attacker can gain access to the Web server in a DMZ and exploit the database.
- D. Attacker can perform Zero Day attack by delivering a malicious payload that is not a part of the intrusion detection/prevention systems guarding the network.
Answer: ACD
NEW QUESTION 15
You are the project manager for TTX project. You have to procure some electronics gadgets for the project. A relative of yours is in the retail business of those gadgets. He approaches you for your favor to get the order. This is the situation of _____.
- A. Bribery
- B. Irresponsible practice
- C. Illegal practice
- D. Conflict of interest
Answer: D
NEW QUESTION 16
......
Recommend!! Get the Full GISF dumps in VCE and PDF From Dumps-files.com, Welcome to Download: https://www.dumps-files.com/files/GISF/ (New 333 Q&As Version)