GIAC G2700 - GIAC Certified ISO-2700 Specialist Practice Test Exam

Page:    1 / 91   
Total 453 questions

Mark works as a Network Security Administrator for uCertify Inc. An employee of the organization comes to Mark and tells him that a few months ago, the employee had filled out an online bank form for some account-related work. Today, on visiting the site again, the employee finds that some of his personal information is still being displayed on the webpage. Which of the following types of cookies should be disabled by Mark to resolve the issue?

  • A. Session
  • B. Temporary
  • C. Secure
  • D. Persistent


Answer : D

You work as an Information Security Manager for uCertify Inc. You are working on the documentation of control A.10.1.1. What is the purpose of control A.10.1.1?

  • A. It is concerned with the documentation of the human resource security to make recruitments clear to the organization.
  • B. It is concerned with the documentation of the supply chain management.
  • C. It is concerned with the documentation of operating procedures to ensure the correct and secure use of information processing facilities.
  • D. It is concerned with the documentation of the disaster recovery management to ensure proper backup technologies.


Answer : C

Mark works as a Network Security Administrator for uCertify Inc. He has been assigned the task of installing a MySQL server. Mark wants to monitor only the data that is directed to or originating from the server and he also wants to monitor running processes, file system access and integrity, and user logins for identifying malicious activities. Which of the following intrusion detection techniques will Mark use to accomplish the task?

  • A. Network-based IDS
  • B. Signature-based IDS
  • C. Anomaly-based IDS
  • D. Host-based IDS


Answer : D

Which of the following are exceptions to the Data Protection Act?
Each correct answer represents a complete solution. Choose all that apply.

  • A. Section 36 - Domestic purposes
  • B. Section 28 - National security
  • C. Section 55 - Unlawful obtaining of personal data
  • D. Section 29 - Crime and taxation


Answer : A,B,D

Which of the following statements are true about security risks?
Each correct answer represents a complete solution. Choose three.

  • A. These are considered an indicator of threats coupled with vulnerability.
  • B. These can be removed completely by taking proper actions.
  • C. These can be mitigated by reviewing and taking responsible actions based on possible risks.
  • D. These can be analyzed and measured by the risk analysis process.


Answer : A,C,D
