Which of the following refers to a computer that must be secure because it is accessible from the Internet and is vulnerable to attacks?
Which of the following groups represents the most likely source of an asset loss through the inappropriate use of computers?
Which of the following are the major tasks of risk management?
Each correct answer represents a complete solution. Choose two.
In which of the following attacks does the attacker confuse the switch itself into thinking two ports have the same MAC address?
Which of the following statements about the authentication concept of information security management is true?
Which of the following should be implemented to protect an organization from spam?
Which of the following terms ensures that no intentional or unintentional unauthorized modification is made to data?
Which of the following are examples of technical controls?
Each correct answer represents a complete solution. Choose three.
Which of the following is used by attackers to record everything a person types, including usernames, passwords, and account information?
Which of the following are threats to network security?
Each correct answer represents a complete solution. Choose two.
You work as a Network Administrator for Web World Inc. You want to host an e-commerce Web site on your network. You want to ensure that storage of credit card information is secure. Which of the following conditions should be met to accomplish this?
Each correct answer represents a complete solution. Choose all that apply.
You work as a Network Administrator for NetTech Inc. Employees in remote locations connect to the company's network using Remote Access Service (RAS). Which of the following will you use to protect the network against unauthorized access?
Which of the following protocols work at the network layer?
Each correct answer represents a complete solution. Choose three.
Which of the following is used by the Diffie-Hellman encryption algorithm?
Which of the following is used to prevent the electronic emissions of a computer from being used by unauthorized users?
Which of the following statements about DES (Data Encryption Standard) is true?
The Children's Online Privacy Protection Act makes it illegal for Web sites to collect information from children under __ years of age without verifiable permission of a parent.
Which of the following rate systems of the Orange Book has mandatory protection of the Trusted Computing Base (TCB)?
Which U.S. government agency is responsible for establishing standards concerning cryptography for nonmilitary use?
Fill in the blank with the appropriate layer name of the OSI model.
Secure Socket Layer (SSL) operates at the _______ layer of the OSI model.
Which of the following are the ways of sending secure e-mail messages over the Internet?
Each correct answer represents a complete solution. Choose two.
Which of the following devices reads the destination's MAC address from each incoming data packet and forwards the data packet to its destination?
Which of the following tools can be used by a user to hide his identity?
Each correct answer represents a complete solution. Choose all that apply.
The _______ protocol allows applications to communicate across a network in a way designed to prevent eavesdropping and message forgery.
Which of the following is a program that monitors data packets traveling across a network?
Which of the following is an industry standard authentication protocol commonly used in UNIX networks?
Which of the following is a technique used to attack an Ethernet wired or wireless network?
Which of the following is not a level of military data-classification system?
You work as a Network Administrator for NetTech Inc. When you enter http://66.111.64.227 in the browser's address bar, you are able to access the site. But you are unable to access the site when you enter http://www.PassGuide.com. What is the most likely cause?
An attacker sends a large number of packets to a target computer, which causes a denial of service. Which of the following types of attacks is this?
Which of the following hashing algorithms produces a variable length hash value?
Which of the following acts as an intermediary between a user on the internal network and a service on the external network such as the Internet?
You work as a Network Administrator for Net Perfect Inc. The company has a TCP/IP-based Windows NT network. You are configuring a computer that will be used as a file server on the network. You have to decide the disk configuration for the computer to obtain better performance.
A fault tolerant disk configuration is not a requirement. Which of the following RAID levels will you choose to fulfil the requirement?
Wired Equivalent Privacy (WEP) is a security protocol for wireless local area networks (WLANs). It has two components, authentication and encryption. It provides security equivalent to wired networks for wireless networks. WEP encrypts data on a wireless network by using a fixed secret key. Which of the following statements are true about WEP?
Each correct answer represents a complete solution. Choose all that apply.
Which of the following types of attacks occurs when attackers enter a system or capture network traffic and make changes to selected files or data packets?
Which of the following tools can be used to perform tasks such as Windows password cracking, Windows enumeration, and VoIP session sniffing?
Which of the following refers to a program that allows access to a system by skipping the security checks?
Which of the following is the most secure place to host a server that will be accessed publicly through the Internet?
You work as a Network Administrator for NetTech Inc. You want to have secure communication on the company's intranet. You decide to use public key and private key pairs. What will you implement to accomplish this?
Which of the following provides the best protection against a man-in-the-middle attack?
Which of the following statements about digital signatures are true?
Each correct answer represents a complete solution. Choose two.
Which of the following layers of the OSI model provides non-repudiation services?
Fill in the blank with the appropriate value.
Primary Rate Interface (PRI) of an ISDN connection contains _______ B channels and ______ D channel.
Which of the following authentication methods support mutual authentication?
Each correct answer represents a complete solution. Choose two.
John works as a professional Ethical Hacker. He has been assigned a project to test the security of www.we-are-secure.com. He wants to test the effect of a virus on the We-are-secure server. He injects the virus on the server and, as a result, the server becomes infected with the virus even though an established antivirus program is installed on the server. Which of the following do you think are the reasons why the antivirus installed on the server did not detect the virus injected by John?
Each correct answer represents a complete solution. Choose all that apply.
Which of the following types of attacks slows down or stops a server by overloading it with requests?
Which of the following components come under the network layer of the OSI model?
Each correct answer represents a complete solution. Choose two.
Mark works as a Network Administrator for NetTech Inc. The company has a Windows 2000 domain-based network. Users report that they are unable to log on to the network. Mark finds that accounts are locked out due to multiple incorrect logon attempts. What is the most likely cause of the account lockouts?
Which of the following policies is set by a network administrator to allow users to keep their emails and documents for a fixed period of time?
John works as a professional Ethical Hacker. He has been assigned the project of testing the security of www.we-are-secure.com. He writes the following snort rule:
This rule can help him protect the We-are-secure server from the __________.
Which of the following statements about Network Address Translation (NAT) are true?
Each correct answer represents a complete solution. Choose two.
Which of the following statements about the bridge are true?
Each correct answer represents a complete solution. Choose two.
Which of the following practices come in the category of denial of service attack?
Each correct answer represents a complete solution. Choose three.
You work as a Network Administrator for NetTech Inc. Your computer has the Windows 2000 Server operating system. You want to harden the security of the server. Which of the following changes are required to accomplish this?
Each correct answer represents a complete solution. Choose two.
Which of the following protocols is used to query and modify information stored within the directory services?
Which of the following is a process of monitoring data packets that travel across a network?
Andrew works as a Network Administrator for Infonet Inc. The company's network has a Web server that hosts the company's Web site. Andrew wants to increase the security of the Web site by implementing Secure Sockets Layer (SSL). Which of the following types of encryption does SSL use?
Each correct answer represents a complete solution. Choose two.
Which of the following defines the communication link between a Web server and Web applications?
Fill in the blank with the appropriate term.
A ___________ is a digital representation of information that identifies authorized users on the Internet and intranets.
Brutus is a password cracking tool that can be used to crack the following authentications:
• HTTP (Basic Authentication)
• HTTP (HTML Form/CGI)
• POP3 (Post Office Protocol v3)
• FTP (File Transfer Protocol)
• SMB (Server Message Block)
• Telnet
Which of the following attacks can be performed by Brutus for password cracking?
Each correct answer represents a complete solution. Choose all that apply.
Which of the following protocols work at the session layer of the OSI model?
Each correct answer represents a complete solution. Choose two.
Which of the following is not a major concern in traditional business transactions as compared to online transactions?
Which of the following is a type of scam that entices a user to disclose personal information such as a social security number, bank account details, or a credit card number?
In which of the following DoS attacks does an attacker send an ICMP packet larger than 65,536 bytes to the target system?
Which of the following statements about Secure Sockets Layer (SSL) are true?
Each correct answer represents a complete solution. Choose two.
Routers and firewalls use _______ to determine which packets should be forwarded or dropped.
In which of the following processes may a DNS server return an incorrect IP address, diverting traffic to another computer?
Which of the following is a reason to implement security logging on a DNS server?
Maria works as a professional Ethical Hacker. She recently has been assigned a project to test the security of www.we-are-secure.com. The company has provided the following information about the infrastructure of its network:
• Network diagrams of the we-are-secure infrastructure
• Source code of the security tools
• IP addressing information of the we-are-secure network
Which of the following testing methodologies is we-are-secure.com using to test the security of its network?
Maria works as a professional Ethical Hacker. She is assigned a project to test the security of www.we-are-secure.com. She wants to test a DoS attack on the We-are-secure server. She finds that the firewall of the server is blocking the ICMP messages, but it is not checking the UDP packets. Therefore, she sends a large amount of UDP echo request traffic to the IP broadcast addresses. These UDP requests have a spoofed source address of the We-are-secure server.
Which of the following DoS attacks is Maria using to accomplish her task?
Which of the following is a duplicate of the original site of an organization, with fully working systems as well as near-complete backups of user data?
Which of the following entities is used by routers and firewalls to determine which packets should be forwarded or dropped?
Which of the following protocols work at the Application layer of the OSI model?
Each correct answer represents a complete solution. Choose three.
Which of the following authentication protocols provides support for a wide range of authentication methods, such as smart cards and certificates?
John works as a professional Ethical Hacker. He has been assigned the project of testing the security of www.we-are-secure.com. In order to do so, he performs the following steps of the preattack phase successfully:
• Information gathering
• Determination of network range
• Identification of active systems
• Location of open ports and applications
Now, which of the following tasks should he perform next?
Which of the following types of activities can be audited for security?
Each correct answer represents a complete solution. Choose three.
Which of the following services does Internet Information Server (IIS) provide along with HTTP?
Each correct answer represents a complete solution. Choose three.
In which of the following cryptographic attack techniques does an attacker obtain encrypted messages that have been encrypted using the same encryption algorithm?
Which of the following are politically motivated threats that an organization faces?
Each correct answer represents a complete solution. Choose all that apply.
Which of the following is generally practiced by the police or any other recognized governmental authority?
Which of the following protocols are used to provide secure communication between a client and a server over the Internet?
Each correct answer represents a part of the solution. Choose two.
Which of the following are types of social engineering attacks?
Each correct answer represents a complete solution. Choose two.