
Practice questions for the GIAC Systems and Network Auditor (GSNA) exam:

NEW QUESTION 1

You work as a Software Developer for UcTech Inc. You want to encode a URL, so that it can be used with the sendRedirect() method to send the response to the client. In order to accomplish this, you have to use a method of the HttpServletResponse interface. Which of the following methods will you use?

  • A. encodeResponseURL()
  • B. encodeRedirectURL()
  • C. encodeURL()
  • D. encodeURLResponse()

Answer: B

Explanation:

The encodeRedirectURL() method of the HttpServletResponse interface returns a URL that includes the session ID, for use with the sendRedirect() method. If encoding is not required, the URL is returned unchanged. If the browser supports cookies, the encodeRedirectURL() method returns the input URL unchanged, since the session ID will be persisted as a cookie. This method differs from encodeURL() in that it redirects the request to a different URL in the same session. The syntax of the encodeRedirectURL() method is as follows:

public String encodeRedirectURL(String urlstring)

Here, urlstring is the URL to be encoded.

Answer C is incorrect. The encodeURL() method of the HttpServletResponse interface returns a URL that includes the session ID. If encoding is not required, the URL is returned unchanged. If cookies are supported by the browser, the encodeURL() method returns the input URL unchanged, since the session ID will be persisted as a cookie. The syntax of the encodeURL() method is as follows:

public String encodeURL(String urlstring)

Here, urlstring is the URL to be encoded.

NEW QUESTION 2

Samantha works as a Web Developer for XYZ CORP. She develops a Web application using Visual InterDev. She wants to group a series of HTML elements together so that an action can be performed collectively on them. Which of the following tags will Samantha use to accomplish this?

  • A. DIV
  • B. GROUP
  • C. BODY
  • D. SPAN

Answer: A

Explanation:

DIV is an HTML tag that groups a series of elements into a larger group. It can be used when an action needs to be performed collectively on the grouped elements. The DIV tag acts as a container for other elements. Answer D is incorrect. The SPAN tag is used within an element to group a part of it. For example, this tag can be used to group a few sentences from within a paragraph, so that a particular action can be performed only on them. Answer C is incorrect. The BODY tag is used to specify the beginning and end of the document body. Answer B is incorrect. There is no tag such as GROUP in HTML.

NEW QUESTION 3

You work as the Network Administrator for XYZ CORP. The company has a Unix-based network. You want to set the hard disk geometry parameters, cylinders, heads, and sectors. Which of the following Unix commands can you use to accomplish the task?

  • A. mke2fs
  • B. mkswap
  • C. mkfs
  • D. hdparm

Answer: D

Explanation:

In Unix, the hdparm command is used to get or set hard disk geometry parameters, cylinders, heads, and sectors. Answer C is incorrect. In Unix, the mkfs command initializes a Unix filesystem. This is a front end that runs a separate program depending on the filesystem's type. Answer A is incorrect. In Unix, the mke2fs command creates a Unix second extended filesystem. Answer B is incorrect. In Unix, the mkswap command sets up a Unix swap area on a device or file.

NEW QUESTION 4

You work as a Network Administrator for XYZ CORP. The company has a Windows-based network. You want to use multiple security countermeasures to protect the integrity of the information assets of the company. To accomplish the task, you need to create a complex and multi-layered defense system. Which of the following components can be used as a layer that constitutes 'Defense in depth'? (Choose three)

  • A. Backdoor
  • B. Firewall
  • C. Antivirus software
  • D. Intrusion detection

Answer: BCD

Explanation:
The components of Defense in depth include antivirus software, firewalls, anti-spyware programs, hierarchical passwords, intrusion detection, and biometric verification. In addition to electronic countermeasures, physical protection of business sites along with comprehensive and ongoing personnel training enhances the security of vital data against compromise, theft, or destruction. Answer A is incorrect. A backdoor is any program that allows a hacker to connect to a computer without going through the normal authentication process. The main advantage of this type of attack is that the network traffic moves from inside a network to the hacker's computer. The traffic moving from inside a network to the outside world is typically the least restrictive, as companies are more concerned about what comes into a network, rather than what leaves it. It, therefore, becomes hard to detect backdoors.

NEW QUESTION 5

Which of the following methods can be helpful to eliminate social engineering threats? (Choose three)

  • A. Data encryption
  • B. Data classification
  • C. Password policies
  • D. Vulnerability assessments

Answer: BCD

Explanation:

The following methods can be helpful to eliminate social engineering threats:

  • Password policies
  • Vulnerability assessments
  • Data classification

A password policy should specify how passwords can be shared. The company should implement periodic penetration and vulnerability assessments. These assessments usually consist of using known hacker tools and common hacker techniques to breach network security. Social engineering should also be used for an accurate assessment. Since social engineers use the knowledge of others to attain information, it is essential to have a data classification model in place that all employees know and follow. Data classification assigns a level of sensitivity to company information. Each classification level specifies who can view and edit data, and how it can be shared.

NEW QUESTION 6

You are concerned about attackers simply passing by your office, discovering your wireless network, and getting into your network via the wireless connection. Which of the following are NOT steps in securing your wireless connection? (Choose two)

  • A. Hardening the server OS
  • B. Using either WEP or WPA encryption
  • C. MAC filtering on the router
  • D. Strong password policies on workstations.
  • E. Not broadcasting SSID

Answer: AD

Explanation:

Both hardening the server OS and using strong password policies on workstations are good ideas, but neither has anything to do with securing your wireless connection. Answer B is incorrect. Using WEP or WPA is one of the most basic security steps in securing your wireless.

NEW QUESTION 7

Which of the following processes is described in the statement below? "This is the process of numerically analyzing the effect of identified risks on overall project objectives."

  • A. Perform Quantitative Risk Analysis
  • B. Monitor and Control Risks
  • C. Perform Qualitative Risk Analysis
  • D. Identify Risks

Answer: A

Explanation:

Perform Quantitative Risk Analysis is the process of numerically analyzing the effect of identified risks on overall project objectives. This process generally follows the Perform Qualitative Risk Analysis process. It is performed on risks that have been prioritized by the Perform Qualitative Risk Analysis process as potentially and substantially impacting the project's competing demands. The Perform Quantitative Risk Analysis process should be repeated after Plan Risk Responses, as well as part of Monitor and Control Risks, to determine if the overall project risk has been decreased. Answer C is incorrect. This is the process of prioritizing risks for further analysis or action by assessing and combining their probability of occurrence and impact. Answer D is incorrect. This is the process of determining which risks may affect the project and documenting their characteristics. Answer B is incorrect. This is the process of implementing risk response plans, tracking identified risks, monitoring residual risk, identifying new risks, and evaluating risk process effectiveness through the project.

NEW QUESTION 8

You work as a Network Administrator for XYZ CORP. The company has a Windows-based network. You want to configure the ACL with a Cisco router. Which of the following router prompts can you use to accomplish the task?

  • A. router(config-if)#
  • B. router(config)#
  • C. router(config-ext-nacl)#
  • D. router#

Answer: C

Explanation:

The auditor of a Cisco router should be familiar with the variety of privilege modes. The current privilege mode can be quickly identified by looking at the current router prompt. The prime modes of a Cisco router are as follows:

  • Nonprivileged mode: router>
  • Privileged mode: router#
  • Global configuration mode: router(config)#
  • Interface configuration mode: router(config-if)#
  • ACL configuration mode: router(config-ext-nacl)#
  • Boot loader mode: router(boot)
  • Remote connectivity config mode: router(config-line)#

NEW QUESTION 9

You work as a Network Administrator for XYZ CORP. The company has a small TCP/IP-based network environment. The network contains a Cisco Catalyst 6000 family switch. A few sales people come to your outer office and use your local network to access the Internet, as well as to demonstrate their products. What will you do to prevent your network from being accessed by any outside computers?

  • A. Configure port security.
  • B. Configure a firewall for IP blocking on the network.
  • C. Configure a firewall for MAC address blocking on the network.
  • D. Configure a port scanner.

Answer: A

Explanation:
According to the question, you are required to prevent outside computers from accessing your network. You should therefore configure the switch's port access based on the MAC address, which can be done by configuring port security. Port security is a feature of Cisco Catalyst series switches. Port security is used to block input based on the media access control (MAC) address to an Ethernet, Fast Ethernet, or Gigabit Ethernet port. It denies the port access to a workstation when the MAC address of the station attempting to access the port is different from any of the MAC addresses specified for that port. Internet or other outside networks. Answer D is incorrect. A port scanner is a software tool that is designed to search a network host for open ports. This tool is often used by administrators to check the security of their networks. It is also used by hackers to compromise the network and systems.

NEW QUESTION 10

The routing algorithm uses certain variables to create a metric of a path. It is the metric that actually determines the routing path. In a metric, which of the following variables is used to define the 'largest size' of a message that can be routed?

  • A. Load
  • B. MTU
  • C. Hop count
  • D. Bandwidth

Answer: B

Explanation:

The routing algorithm uses certain variables to create a metric of a path. It is the metric that is actually used for path determination. Variables that are used to create a metric of a path are as follows:

  • Hop count: It is the total number of routers that a data packet goes through to reach its destination.
  • Cost: It is determined by the administrator or calculated by the router.
  • Bandwidth: It is defined as the bandwidth that the link provides.
  • Maximum transmission unit (MTU): It is the largest message size that a link can route.
  • Load: It states the amount of work the CPU has to perform and the number of packets the CPU needs to analyze and make calculations on.

NEW QUESTION 11

The employees of EWS Inc. require remote access to the company's Web servers. In order to provide solid wireless security, the company uses EAP-TLS as the authentication protocol. Which of the following statements are true about EAP-TLS?

  • A. It uses password hash for client authentication.
  • B. It uses a public key certificate for server authentication.
  • C. It is supported by all manufacturers of wireless LAN hardware and software.
  • D. It provides a moderate level of security.

Answer: BC

Explanation:

EAP-TLS can use only a public key certificate as the authentication technique. It is supported by all manufacturers of wireless LAN hardware and software. The requirement for a client-side certificate, however unpopular it may be, is what gives EAP-TLS its authentication strength and illustrates the classic convenience vs. security trade-off. Answer D is incorrect. EAP-TLS provides the highest level of security. Answer A is incorrect. EAP-TLS uses a public key certificate for server authentication.

NEW QUESTION 12

You work as the Network Administrator for XYZ CORP. The company has a Unix-based network. You want to run a command that forces all the unwritten blocks in the buffer cache to be written to the disk. Which of the following Unix commands can you use to accomplish the task?

  • A. swapon
  • B. tune2fs
  • C. swapoff
  • D. sync

Answer: D

Explanation:

The sync command is used to flush filesystem buffers. It ensures that all disk writes have been completed before the processor is halted or rebooted. Generally, it is preferable to use reboot or halt to shut down a system, as they may perform additional actions such as resynchronizing the hardware clock and flushing internal caches before performing a final sync. Answer B is incorrect. In Unix, the tune2fs command is used to adjust tunable filesystem parameters on the second extended filesystems. Answer A is incorrect. In Unix, the swapon command is used to activate a swap partition. Answer C is incorrect. In Unix, the swapoff command is used to de-activate a swap partition.

NEW QUESTION 13

Zorp is a proxy firewall suite developed by Balabit IT Security. Which of the following statements are true about Zorp?

  • A. It allows the administrators to fine-tune proxy decisions.
  • B. Zorp aims for compliance with the Common Criteria/Application Level Firewall Protection Profile for Medium Robustness.
  • C. It allows full analysis of embedded protocols.
  • D. The GPL version of Zorp lacks much of the usability and functions from the other versions.

Answer: ABC

Explanation:

Zorp is a proxy firewall suite developed by Balabit IT Security. Its core framework allows the administrator to fine-tune proxy decisions (with its built-in script language), and fully analyze embedded protocols (such as SSL with an embedded POP3 or HTTP protocol). The FTP, HTTP, FINGER, WHOIS, TELNET, and SSL protocols are fully supported with an application-level gateway. Zorp aims for compliance with the Common Criteria/Application Level Firewall Protection Profile for Medium Robustness. Zorp is released under both the GNU GPL and a commercial license. The GPL version is completely usable and functional; however, it lacks some of the more advanced functions available in the commercially available version only. Some of the Zorp supported protocols are Finger, Ftp, Http, Pop3, NNTP, IMAP4, RDP, RPC, SIP, SSL, SSH, Telnet, Whois, LDAP, RADIUS, TFtp, SQLNet NET8, Rsh, etc. Answer D is incorrect. The GPL version of Zorp is completely usable and functional; however, it lacks some of the more advanced functions available in the commercially available version only.

NEW QUESTION 14

You work as a Security Administrator in Tech Perfect Inc. The company has a TCP/IP based network. The network has a vast majority of Cisco Systems routers and Cisco network switches. You have implemented four VPN connections in the network. You use the Cisco IOS on the network. Which feature will you enable to maintain a separate routing and forwarding table for each VPN?

  • A. Intrusion Prevention System
  • B. VRF-aware firewall
  • C. Virtual Private Network
  • D. Stateful firewall

Answer: B

Explanation:

In this scenario, the company's network has a vast majority of Cisco Systems routers and Cisco network switches. The security administrator of the company has implemented four VPN connections in the network and uses the Cisco IOS on the network. He needs to maintain a separate routing and forwarding table for each VPN in order to provide more secure communication. To accomplish this task, he should enable the VRF-aware firewall feature on the Cisco IOS routers.

NEW QUESTION 15

You work as the Network Administrator for XYZ CORP. The company has a Unix-based network. You want to identify the secure terminals from where the root can be allowed to log in. Which of the following Unix configuration files can you use to accomplish the task?

  • A. /etc/services
  • B. /etc/ioports
  • C. /proc/interrupts
  • D. /etc/securetty

Answer: D

Explanation:

In Unix, the /etc/securetty file is used to identify the secure terminals from where the root can be allowed to log in. Answer B is incorrect. In Unix, the /etc/ioports file shows which I/O ports are in use at the moment. Answer A is incorrect. In Unix, the /etc/services file is the configuration file that lists the network services that the system supports. Answer C is incorrect. In Unix, the /proc/interrupts file is the configuration file that shows the interrupts in use and how many of each there have been.

NEW QUESTION 16

Which of the following tags will create two vertical frames, as given in the image below, where the left frame is half as wide as the right one?
(Exhibit image)

  • A. <FRAMESET ROWS = "*, *"><FRAME SRC = "cell1.htm"><FRAME SRC = "cell2.htm"></FRAMESET>
  • B. <FRAMESET ROWS = "1, 2"><FRAME SRC = "cell1.htm"><FRAME SRC = "cell2.htm"></FRAMESET>
  • C. <FRAMESET COLS = "*, *"><FRAME SRC = "cell1.htm"><FRAME SRC = "cell2.htm"></FRAMESET>
  • D. <FRAMESET ROWS = "*, 2*"><FRAME SRC = "cell1.htm"><FRAME SRC = "cell2.htm"></FRAMESET>
  • E. <FRAMESET COLS = "*, 2*"><FRAME SRC = "cell1.htm"><FRAME SRC = "cell2.htm"></FRAMESET>

Answer: E

Explanation:
The <FRAMESET> tag specifies a frameset used to organize multiple frames and nested framesets in an HTML document. It defines the location, size, and orientation of frames. An HTML document can either contain a <FRAMESET> tag or a <BODY> tag. The COLS attribute of the <FRAMESET> tag defines the width of the vertical frames. The ROWS attribute defines the height of the horizontal frames. The code in answer option E will create two identical frames. The left frame will be half as wide as the right frame because of the relative size attributes given in the <FRAMESET> tag, i.e., <FRAMESET COLS = "*, 2*">.

NEW QUESTION 17

Which of the following responsibilities does not come under the audit process?

  • A. Reporting all facts and circumstances of the irregular and illegal acts.
  • B. Planning the IT audit engagement based on the assessed level of risk.
  • C. Reviewing the results of the audit procedures.
  • D. Applying security policies.

Answer: ABC

Explanation:

According to the standards of ISACA, an auditor should hold the following responsibilities:

  • Planning the IT audit engagement based on an assessed level of risk.
  • Designing audit procedures of irregular and illegal acts.
  • Reviewing the results of the audit procedures.
  • Assuming that acts are not isolated.
  • Determining why the internal control system failed for that act.
  • Conducting additional audit procedures.
  • Evaluating the results of the expanded audit procedures.
  • Reporting all facts and circumstances of the irregular and illegal acts.
  • Distributing the report to the appropriate internal parties, such as managers.

Answer D is incorrect. The auditor is not responsible for applying security policies.

NEW QUESTION 18

Which of the following statements about URL rewriting are true?

  • A. If cookies are supported by the browser, URL rewriting will return the URL unchanged.
  • B. The request.encodeRedirectURL() method is used to add a session id info to the URL and send the request to another URL.
  • C. The request.encodeURL() method is used to add a session id info to the URL.
  • D. URL rewriting is used in cases where cookies are not supported by the browser.

Answer: AD

Explanation:

By default, session tracking uses cookies to associate a session identifier with a unique user. URL rewriting is used in cases where cookies are not supported by the browser.

NEW QUESTION 19

You configure a wireless router at your home. To secure your home Wireless LAN (WLAN), you implement WEP. Now you want to connect your client computer to the WLAN. Which of the following is the required information that you will need to configure the client computer? (Choose two)

  • A. SSID of the WLAN
  • B. WEP key
  • C. IP address of the router
  • D. MAC address of the router

Answer: AB

Explanation:

In order to connect a client computer to a secured Wireless LAN (WLAN), you are required to provide the following information:

  • SSID of the WLAN
  • WEP key
