It is impossible to pass GIAC GSNA exam without any help in the short term. Come to Actualtests soon and find the most advanced, correct and guaranteed GIAC GSNA practice questions. You will get a surprising result by our Replace GIAC Systems and Network Auditor practice guides.

Free GSNA Demo Online For GIAC Certifitcation:

NEW QUESTION 1

You work as the Network Administrator for XYZ CORP. The company has a Unix-based network. You want to set some terminal characteristics and environment variables. Which of the following Unix configuration files can you use to accomplish the task?

  • A. /etc/sysconfig/routed
  • B. /proc/net
  • C. /etc/sysconfig/network-scripts/ifcfg-interface
  • D. /etc/sysconfig/init

Answer: D

Explanation:

In Unix, the /etc/sysconfig/init file is used to set terminal characteristics and environment variables. Answer B is incorrect. In Unix, the /proc/net file contains status information about the network protocols. Answer C is incorrect. In Unix, the /etc/sysconfig/network-scripts/ifcfg-interface file is the configuration file used to define a network interface. Answer A is incorrect. In Unix, the /etc/sysconfig/routed file is used to set up the dynamic routing policies.

NEW QUESTION 2

What will happen if you write the following parameters in the web.xml file?
<session-config>
<session-timeout>0</session-timeout>
</session-config>

  • A. There will be no effect on the session; it will last for its default time.
  • B. The session will never expire.
  • C. An error will occur during execution.
  • D. The session will expire immediately.

Answer: B

Explanation:

The <session-timeout> element of the deployment descriptor sets the session timeout. If the time specified for timeout is zero or negative, the session will never timeout.

NEW QUESTION 3

You work as the Network Administrator for XYZ CORP. The company has a Unix-based network. You want to see the list of the filesystems mounted automatically at startup by the mount -a command in the /etc/rc startup file. Which of the following Unix configuration files can you use to accomplish the task?

  • A. /etc/named.conf
  • B. /etc/groups
  • C. /etc/mtab
  • D. /etc/fstab

Answer: D

Explanation:

In Unix, the /etc/fstab file is used by system administrators to list the filesystems that are mounted automatically at startup by the mount –a command (in /etc/rc or its equivalent startup file). Answer C is incorrect. In Unix, the /etc/mtab file contains a list of the currently mounted file systems. This is set up by the boot scripts and updated by the mount command. Answer A is incorrect. In Unix, the /etc/named.conf file is used for domain name servers. Answer B is incorrect. In Unix, the /etc/groups file contains passwords to let a user join a group.

NEW QUESTION 4

What will be the output of the following command? echo $(date %M) > date.txt

  • A. The current time (Month) will be written in the date.txt file.
  • B. It will create a variable $(date %M).
  • C. It will print a string "date %M".
  • D. The current time (Minutes) will be written in the date.txt file.

Answer: D

Explanation:

The date command with the %M specifier prints the current time (Minutes). Since the output is redirected towards the date.txt file, the current time (Minutes) will be printed in the date.txt file.

NEW QUESTION 5

Which of the following security policies will you implement to keep safe your data when you connect your Laptop to the office network over IEEE 802.11 WLANs? (Choose two)

  • A. Using personal firewall software on your Laptop.
  • B. Using a protocol analyzer on your Laptop to monitor for risks.
  • C. Using portscanner like nmap in your network.
  • D. Using an IPSec enabled VPN for remote connectivity.

Answer: AD

Explanation:

According to the scenario, you want to implement a security policy to keep safe your data when you connect your Laptop to the office network over IEEE 802.11 WLANs. For this, you will use the following two options:
* 1. Using IPSec enabled VPN for remote connectivity: Internet Protocol Security (IPSec) is a
standard-based protocol that provides the highest level of VPN security. IPSec can encrypt virtually everything above the networking layer. It is used for VPN connections that use the L2TP protocol. It secures both data and password.
* 2. Using personal firewall software on your Laptop: You can also create a firewall rule to block malicious packets so that you can secure your network. Answer C is incorrect. Portscanner is used for scanning port and tells which ports are open. However, this tool is very much useful in information gathering step of the attacking process, it cannot be used to protect a WLAN network. Answer B is incorrect. You cannot use the packet analyzer to protect your network. Packet analyzer is used to analyze data packets flowing in the network.

NEW QUESTION 6

A Cisco router can have multiple connections to networks. These connections are known as interfaces for Cisco Routers. For naming each interface, Cisco generally uses the type of interface as part of the name. Which of the following are true about the naming conventions of Cisco Router interfaces?

  • A. An interface connected to a serial connection always starts with an S.
  • B. An interface connected to a Token Ring segment always starts with To.
  • C. An Ethernet interface that is fast always starts with an F.
  • D. An interface connected to an Ethernet segment of the network always starts with an En.

Answer: ABC

Explanation:

A Cisco router can have multiple connections to networks. These connections are known as interfaces for Cisco Routers. For naming each interface, Cisco generally uses the type of interface as part of the name. Following are some of the naming conventions of Cisco Router interfaces: An Ethernet interface that is fast always starts with an F. An interface connected to a serial connection always starts with an S. An interface connected to an Ethernet segment of the network always starts with an E. An interface connected to a Token Ring segment always starts with To.

NEW QUESTION 7

Which of the following tools combines two programs, and also encrypts the resulting package in an attempt to foil antivirus programs?

  • A. Tiny
  • B. NetBus
  • C. Trojan Man
  • D. EliteWrap

Answer: C

Explanation:

The Trojan Man is a Trojan wrapper that not only combines two programs, but also encrypts the resulting package in an attempt to foil antivirus programs.

NEW QUESTION 8

You work as the Network Administrator for XYZ CORP. The company has a Unix-based network. You want to identify the list of users with special privileges along with the commands that they can execute. Which of the following Unix configuration files can you use to accomplish the task?

  • A. /proc/meminfo
  • B. /etc/sysconfig/amd
  • C. /proc/modules
  • D. /etc/sudoers

Answer: D

Explanation:

In Unix, the /etc/sudoers file contains a list of users with special privileges along with the commands that they can execute. Answer A is incorrect. In Unix, the /proc/meminfo file shows information about the memory usage, both physical and swap. Answer B is incorrect. In Unix, the /etc/sysconfig/amd file is the configuration file that is used to configure the auto mount daemon. Answer C is incorrect. In Unix, the
/proc/modules file shows the kernel modules that are currently loaded.

NEW QUESTION 9

Which of the following tools is used to make fake authentication certificates?

  • A. Obiwan
  • B. Netcat
  • C. WinSSLMiM
  • D. Brutus

Answer: C

Explanation:
WinSSLMiM is an HTTPS Man in the Middle attacking tool. It includes FakeCert, a tool used to make fake certificates. It can be used to exploit the Certificate Chain vulnerability in Internet Explorer. The tool works under Windows 9x/2000. For example, Generate fake certificate: fc -s www.we-are-secure.com -f fakeCert.crt Launch WinSSLMiM: wsm -f fakeCert.crt Answer D is incorrect. Brutus is a password cracking tool that performs both dictionary and brute force attacks in which passwords are randomly generated from given characters. Brute forcing can be performed on the following authentications: HTTP (Basic Authentication) HTTP (HTML Form/CGI) POP3 (Post Office Protocol v3) FTP (File Transfer Protocol) SMB (Server Message Block) Telnet Answer A is incorrect. Obiwan is a Web password cracking tool that is used to perform brute force and hybrid attacks. It is effective against HTTP connections for Web servers that allow unlimited failed login attempts by the user. Obiwan uses wordlists as well as alphanumeric characters as possible passwords. Answer B is incorrect. Netcat is a freely available networking utility that reads and writes data across network connections by using the TCP/IP protocol. Netcat has the following features: It provides outbound and inbound connections for TCP and UDP ports. It provides special tunneling such as UDP to TCP, with the possibility of specifying all network parameters. It is a good port scanner. It contains advanced usage options, such as buffered send-mode (one line every N seconds), and hexdump (to stderr or to a specified file) of transmitted and received data. It is an optional RFC854 telnet code parser and responder.

NEW QUESTION 10

John works as a professional Ethical Hacker. He has been assigned the project of testing the security of www.we-are-secure.com. He wants to use Kismet as a wireless sniffer to sniff the We-are-secure network. Which of the following IEEE-based traffic can be sniffed with Kismet?

  • A. 802.11g
  • B. 802.11n
  • C. 802.11b
  • D. 802.11a

Answer: ABCD

Explanation:

Kismet can sniff IEEE 802.11a, 802.11b, 802.11g, and 802.11n-based wireless network traffic.

NEW QUESTION 11

You work as the Network Administrator for XYZ CORP. The company has a Unix-based
network. You want to check the status of the printer and set its state. Which of the following Unix commands can you use to accomplish the task?

  • A. banner
  • B. lpq
  • C. lpc
  • D. lpr

Answer: C

Explanation:

In Unix, the lpc command is used to check the status of the printer and set its state. Answer A is incorrect. In Unix, the banner command is used to print a large banner on the printer. Answer D is incorrect. In Unix, the lpr command is used to submit a job to the printer.
Answer B is incorrect. In Unix, the lpq command is used to show the contents of a spool directory for a given printer.

NEW QUESTION 12

You work as a Network Administrator for XYZ CORP. The company has a TCP/IP-based network environment. The network contains Cisco switches and a Cisco router. A user is unable to access the Internet from Host B. You also verify that Host B is not able to connect to other resources on the network. The IP configuration of Host B is shown below:
GSNA dumps exhibit
Which of the following is the most likely cause of the issue?

  • A. An incorrect subnet mask is configured on Host B.
  • B. The IP address of Host B is not from the correct IP address range of the network.
  • C. There is an IP address conflict on the network.
  • D. An incorrect default gateway is configured on Host B.

Answer: A

Explanation:

According to the network diagram, the IP address range used on the network is from the class C private address range. The class C IP address uses the following default subnet mask: 255.255.255.0 The question specifies that the subnet mask used in Host B is 255.255.0.0, which is an incorrect subnet mask.

NEW QUESTION 13

You work as a Security Administrator in Tech Perfect Inc. The company has a TCP/IP based network. The network has a vast majority of Cisco Systems routers and Cisco network switches. You want to take a snapshot of the router running configuration and archive running configuration of the router to persistent storage. Which of the following steps will you take?

  • A. Secure the boot configuration
  • B. Restore an archived primary bootset
  • C. Verify the security of the bootset
  • D. Enable the image resilience

Answer: A

Explanation:

In order to take a snapshot of the router running configuration and archive running configuration of the router to persistent storage, you should secure the boot configuration of the router using the secure boot-config command. Answer D is incorrect. You can enable the image resilience, if you want to secure the Cisco IOS image. Answer C is incorrect. By verifying the security of bootset, you can examine whether or not the Cisco IOS Resilient Configuration is enabled and the files in the bootset are secured. Answer B is incorrect. By restoring an archived primary bootset, you can restore a primary bootset from a secure archive after an NVRAM has been erased or a disk has been formatted.

NEW QUESTION 14

Which of the following does an anti-virus program update regularly from its manufacturer's Web site?

  • A. Hotfixes
  • B. Permissions
  • C. Service packs
  • D. Definition

Answer: D

Explanation:

An anti-virus program updates the virus definition file regularly from the anti- virus manufacturer's Web site. Antivirus (or anti-virus) software is used to prevent, detect, and remove malware, including computer viruses, worms, and trojan horses. Such programs may also prevent and remove adware, spyware, and other forms of malware. Traditional antivirus software solutions run virus scanners on schedule, on demand and some run scans in real time. If a virus or malware is located, the suspect file is usually placed into a quarantine to terminate its chances of disrupting the system. Traditional antivirus solutions scan and compare against a publicized and regularly updated dictionary of malware otherwise known as a blacklist. Some antivirus solutions have additional options that employ a heuristic engine which further examines the file to see if it is behaving in a similar manner to previous examples of malware. A new technology utilized by a few antivirus solutions is whitelisting; this technology first checks if the file is trusted and only questions those that are not. With the addition of wisdom of crowds, antivirus solutions backup other antivirus techniques by harnessing the intelligence and advice of a community of trusted users to protect each other. Answer C is incorrect. A service pack is a collection of Fixes and Patches in a single product. A service pack can be used to handle a large number of viruses and bugs or to update an operating system with advanceB, Detter capabilities. A service pack usually contains a number of file replacements. Answer A is incorrect. Hotfix is a collection of files used by Microsoft for software updates that are released between major service pack releases. A hotfix is about a problem, occurring under specific circumstances, which cannot wait to be fixed till the next service pack release. Hotfixes are generally related to security problems. Hence, it is essential to fix these problems as soon as possible. Answer B is incorrect. An anti-virus program does not update Permissions regularly from its manufacturer's Web site.

NEW QUESTION 15

Data mining is a process of sorting through data to identify patterns and establish relationships. Which of the following data mining parameters looks for patterns where one event is connected to another event?

  • A. Sequence or path analysis
  • B. Forecasting
  • C. Clustering
  • D. Association

Answer: D

Explanation:

Data mining is a process of sorting through data to identify patterns and establish relationships. Following are the data mining parameters: Association: Looking for patterns where one event is connected to another event. Sequence or path analysis: Looking for patterns where one event leads to another later event. Classification: Looking for new patterns (may result in a change in the way the data is organized but is acceptable). Clustering: Finding and visually documenting groups of facts not previously known. Forecasting: Discovering patterns in data that can lead to reasonable predictions about the future (This area of data mining is known as predictive analytics).

NEW QUESTION 16

You have been assigned a project to develop a Web site for a construction company. You plan to develop a Web site and want to use cascading style sheets (CSS) as it helps you to get more control over the appearance and presentation of your Web pages and also extends your ability to precisely specify the position and appearance of the elements on a page and create special effects. You want to define styles for individual elements of a page. Which type of style sheet will you use?

  • A. Embedded Style Sheet
  • B. Internal Style Sheet
  • C. External Style Sheet
  • D. Inline Style Sheet

Answer: D

Explanation:

Cascading style sheets (CSS) are used so that the Web site authors can exercise greater control on the appearance and presentation of their Web pages. And also because they increase the ability to precisely point to the location and look of elements on a Web page and help in creating special effects. Cascading Style Sheets have codes, which are interpreteA, Dpplied by the browser on to the Web pages and their elements. There are three types of cascading style sheets. External Style Sheets Embedded Style Sheets Inline Style Sheets External Style Sheets are used whenever consistency in style is required throughout a Web site. A typical external style sheet uses a .css file extension, which can be edited using a text editor such as a Notepad. Embedded Style Sheets are used for defining styles for an active page. Inline Style Sheets are used for defining individual elements of a page. Reference: TechNet, Contents: Microsoft Knowledgebase, February 2000 issue PSS ID Number: Q179628

NEW QUESTION 17

Which of the following is an enterprise-grade network/application/performance monitoring platform that tightly integrates with other smart building management systems, such as physical access control, HVAC, lighting, and time/attendance control?

  • A. Airwave Management Platform
  • B. Andrisoft WANGuard Platform
  • C. akk@da
  • D. Aggregate Network Manager

Answer: D

Explanation:

Aggregate Network Manager is an enterprise-grade network/application/performance monitoring platform that tightly integrates with other smart building management systems, such as physical access control, HVAC, lighting, and time/attendance control. Answer A is incorrect. Airwave Management Platform (AMP) is wireless network management software. It offers centralized control for Wi-Fi networks. Some of its common features are access point configuration management, reporting, user tracking, help desk views, and rogue AP discovery. Answer C is incorrect. akk@da is a simple network monitoring system. It is designed for small and middle size computer networks. Its function is to quickly detect the system or network faults and display the information about detected faults to the administrators. The information is collected by it in every single minute (a user can decrease this period to 1 second). Approximately all the services of the monitored hosts are discovered automatically. Answer B is incorrect. Andrisoft WANGuard Platform offers solutions for various network issues such as WAN links monitoring, DDoS detection and mitigation, traffic accounting, and graphing.

NEW QUESTION 18

Which of the following is an Internet mapping technique that relies on various BGP collectors that collect information such as routing updates and tables and provide this information publicly?

  • A. Path MTU discovery (PMTUD)
  • B. AS Route Inference
  • C. AS PATH Inference
  • D. Firewalking

Answer: C

Explanation:

AS PATH Inference is one of the prominent techniques used for creating Internet maps. This technique relies on various BGP collectors that collect information such as routing updates and tables and provide this information publicly. Each BGP entry contains a Path Vector attribute called the AS Path. This path represents an autonomous system forwarding path from a given origin for a given set of prefixes. These paths can be used to infer AS-level connectivity and in turn be used to build AS topology graphs. However, these paths do not necessarily reflect how data is actually forwardeA, Ddjacencies between AS nodes only represent a policy relationship between them. A single AS link can in reality be several router links. It is also much harder to infer peering between two AS nodes, as these peering relationships are only propagated to an ISP's customer networks. Nevertheless, support for this type of mapping is increasing as more and more ISP's offer to peer with public route collectors such as Route-Views and RIPE. New toolsets are emerging such as Cyclops and NetViews that take advantage of a new experimental BGP collector BGPMon. NetViews can not only build topology maps in seconds but visualize topology changes moments after occurring at the actual router. Hence, routing dynamics can be visualized in real time. Answer B is incorrect. There is no such Internet mapping technique.
Answer D is incorrect. Firewalking is a technique for gathering information about a remote network protected by a firewall. This technique can be used effectively to perform information gathering attacks. In this technique, an attacker sends a crafted packet with a TTL value that is set to expire one hop past the firewall. If the firewall allows this crafted packet through, it forwards the packet to the next hop. On the next hop, the packet expires and elicits an ICMP "TTL expired in transit" message to the attacker. If the firewall does not allow the traffic, there should be no response, or an ICMP "administratively prohibited" message should be returned to the attacker. A malicious attacker can use firewalking to determine the types of ports/protocols that can bypass the firewall. To use firewalking, the attacker needs the IP address of the last known gateway before the firewall and the IP address of a host located behind the firewall. The main drawback of this technique is that if an administrator blocks ICMP packets from leaving the network, it is ineffective. Answer A is incorrect. Path MTU discovery (PMTUD) is a technique in computer networking for determining the maximum transmission unit (MTU) size on the network path between two Internet Protocol (IP) hosts, usually with the goal of avoiding IP fragmentation. Path MTU discovery works by setting the DF (Don't Fragment) option bit in the IP headers of outgoing packets. Then, any device along the path whose MTU is smaller than the packet will drop it, and send back an ICMP "Fragmentation Needed" (Type 3, Code 4) message containing its MTU, allowing the source host to reduce its path MTU appropriately. The process repeats until the MTU is small enough to traverse the entire path without fragmentation. If the path MTU changes after the connection is set up and is lower than the previously determined path MTU, the first large packet will cause an ICMP error and the new, lower path MTU will be found. Conversely, if PMTUD finds that the path allows a larger MTU than what is possible on the lower link, the OS will periodically reprobe to see if the path has changed and now allows larger packets. On Linux this timer is set by default to ten minutes.

NEW QUESTION 19

Which of the following is a basic feature of the Unix operating system? (Choose three)

  • A. It is highly portable across hardware.
  • B. All files can be individually protected using read, write, and execute permissions for the user, group, and others.
  • C. It allows all the modules to be loaded into memory.
  • D. A user can execute multiple programs at the same time from a single terminal.

Answer: ABD

Explanation:

The basic features of Unix are as follows: Multi-user: It supports more than one user to access the system simultaneously through a set of terminals attached to a system. Multi-tasking: A user can execute multiple programs at the same time from a single terminal. Time sharing: The operating system shares CPU time among tasks. Portability: It is highly portable across hardware. Modularity: It allows only needed modules to be loaded into the memory. File structure: It has an inverted tree like file structure, with files and directories created within the file structure. Security: All files can be individually protected using read, write, and execute permissions for the user, group, and others. Network support: It uses the TCP/IP protocol. Advanced graphics: CAD-CAM applications perform the best in a Unix System with its varied support for graphics card.

NEW QUESTION 20
......

Thanks for reading the newest GSNA exam dumps! We recommend you to try the PREMIUM Dumpscollection.com GSNA dumps in VCE and PDF here: https://www.dumpscollection.net/dumps/GSNA/ (368 Q&As Dumps)