GCIA – GIAC Certified Intrusion Analyst Practice Test v6.0 (GCIA)

Page:    1 / 34   
Total 517 questions

You work as a Network Administrator for Infonet Inc. The company has a Windows Server
2008 Active Directory-based single forest multiple domain IPv4 network. All the DNS servers on the network run Windows Server 2008. The users in the network use NetBIOS name to connect network application on the network. You have migrated the network to
IPv6-enabled network. Now you want to enable DNS Server to perform lookups in
GlobalNames Zone. Which of the following commands will you use to accomplish the task?

  • A. Dnscmd <server name> /config /enableglobalnames 1
  • B. Dnscmd <server name> /config /enableglobalnamessupport 0
  • C. Dnscmd <server name> /config /enableglobalnamessupport 1
  • D. Dnscmd <server name> /config /globalnamesqueryorder 0


Answer : C

Andrew, a bachelor student of Faulkner University, creates a gmail account. He uses
'Faulkner' as the password for the gmail account. After a few days, he starts receiving a lot of e-mails stating that his gmail account has been hacked. He also finds that some of his important mails have been deleted by someone. Which of the following methods has the attacker used to crack Andrew's password?
Each correct answer represents a complete solution. Choose all that apply.

  • A. Buffer-overflow attack
  • B. Brute force attack
  • C. Dictionary-based attack
  • D. Password guessing
  • E. Social engineering
  • F. Zero-day attack
  • G. Denial-of-service (DoS) attack
  • H. Rainbow attack


Answer : B,C,D,E,H

John enters a URL http://www.cisco.com/web/learning in the web browser. A web page appears after he enters the URL. Which of the following protocols is used to resolve www.cisco.com into the correct IP address?

  • A. DNS
  • B. SMTP
  • C. DHCP
  • D. ARP


Answer : A

Which of the following types of firewall functions at the Session layer of OSI model?

  • A. Circuit-level firewall
  • B. Switch-level firewall
  • C. Packet filtering firewall
  • D. Application-level firewall


Answer : A

Mark works as the Network Administrator of a Windows 2000 based network. The network has a DNS server installed. He experiences host name resolution problems on the network. name resolution problems on the network.
Which of the following tools will he use to do this?

  • A. NSLOOKUP
  • B. IPCONFIG
  • C. NBTSTAT
  • D. NETSTAT


Answer : A

Peter works as a Computer Hacking Forensic Investigator. He has been called by an organization to conduct a seminar to give necessary information related to sexual harassment within the work place. Peter started with the definition and types of sexual harassment. He then wants to convey that it is important that records of the sexual harassment incidents should be maintained, which helps in further legal prosecution. Which of the following data should be recorded in this documentation?
Each correct answer represents a complete solution. Choose all that apply.

  • A. Names of the victims
  • B. Date and time of incident
  • C. Nature of harassment
  • D. Location of each incident


Answer : A,B,D

You work as a Network Administrator for Net Perfect Inc. The company has a Windows

Server -
2008 network environment. The servers on the network run Windows Server 2008 R2. All client computers on the network run Windows 7 Ultimate. You have configured feature on the laptop of few sales managers so that they can access corporate network from remote locations. Their laptops run Windows 7 Ultimate. Which of the following options does the DirectAccess use to keep data safer while traveling through travels public networks?

  • A. IPv6-over-IPsec
  • B. IPSec-over-IPv4
  • C. VPN
  • D. SSL


Answer : A

Which of the following tools is used to detect spam email without checking the content?

  • A. Kismet
  • B. EtherApe
  • C. DCC
  • D. Sniffer


Answer : C

).
IP addressing version 6 uses_____ -bit address. Its____ IP address assigned to a single host allows the host to send and receive data.

  • A. IP addressing version 6 uses 128 -bit address. Its unicast IP address assigned to a single host allows the host to send and receive data.


Answer : A

You work as a Network Administrator for a bank. For securing the bank's network, you configure a firewall and an IDS. In spite of these security measures, intruders are able to attack the network.
After a close investigation, you find that your IDS is not configured properly and hence is unable to generate alarms when needed. What type of response is the IDS giving?

  • A. False Positive
  • B. True Negative
  • C. False Negative
  • D. True Positive


Answer : C

Which of the following commands in MQC tool matches IPv4 and IPv6 packets when IP parameter is missing?

  • A. Match access-group
  • B. Match fr-dlci
  • C. Match IP precedence
  • D. Match cos


Answer : C

You work as a Network Administrator for Infonet Inc. The company has a Windows Server
2008 domain-based network. The network has three Windows Server 2008 member servers and 150 Windows Vista client computers. According to the company's security policy, you apply Windows firewall setting to the computers on the network. Now, you are troubleshooting a connectivity problem that might be caused by Windows firewall. What will you do to identify connections that Windows firewall allows or blocks?

  • A. Configure Internet Protocol Security (IPSec).
  • B. Configure Network address translation (NAT).
  • C. Disable Windows firewall logging.
  • D. Enable Windows firewall logging.


Answer : D

You work as a professional Computer Hacking Forensic Investigator. A project has been assigned to you to investigate the DoS attack on a computer network of SecureEnet Inc.
Which of the following methods will you perform to accomplish the task?
Each correct answer represents a complete solution. Choose all that apply.

  • A. Look for core files or crash dumps on the affected systems.
  • B. Sniff network traffic to the failing machine.
  • C. Seize all computers and transfer them to the Forensic lab.
  • D. Look for unusual traffic on Internet connections and network segments.


Answer : A,B,D

You work as a Network Administrator for Tech2tech Inc. You have configured a network- based IDS for your company.
You have physically installed sensors at all key positions throughout the network such that they all report to the command console.
What will be the key functions of the sensors in such a physical layout?
Each correct answer represents a complete solution. Choose all that apply.

  • A. To collect data from operating system logs
  • B. To notify the console with an alert if any intrusion is detected
  • C. To analyze for known signatures
  • D. To collect data from Web servers


Answer : B,C

  • A. 21
  • B. 25
  • C. 23
  • D. 80


Answer : A

Page:    1 / 34   
Total 517 questions