GIAC GCIA - GCIA – GIAC Certified Intrusion Analyst Practice Test Exam

Question #6 (Topic: Volume A)
Victor works as a network administrator for DataSecu Inc. He uses a dual firewall Demilitarized Zone (DMZ) to insulate the rest of the network from the portion that is available to the Internet. Which of the following security threats may occur if DMZ protocol attacks are performed?
Each correct answer represents a complete solution. Choose all that apply.
A. Attacker can perform Zero Day attack by delivering a malicious payload that is not a part of the intrusion detection/prevention systems guarding the network.
B. Attacker can gain access to the Web server in a DMZ and exploit the database.
C. Attacker managing to break the first firewall defense can access the internal network without breaking the second firewall if it is different.
D. Attacker can exploit any protocol used to go into the internal network or intranet of the company.
Answer: ABD
Question #7 (Topic: Volume A)
Which of the following is known as a message digest?
A. Hash function
B. Hashing algorithm
C. Spider
D. Message authentication code
Answer: A
Question #8 (Topic: Volume A)
Ryan, a malicious hacker, submits Cross-Site Scripting (XSS) exploit code to the website of an Internet forum for online discussion. When a user visits the infected Web page, the code is automatically executed and Ryan can easily perform acts like account hijacking, history theft, etc.
Which of the following types of Cross-Site Scripting attack does Ryan intend to perform?
A. Document Object Model (DOM)
B. Non persistent
C. SAX
D. Persistent
Answer: D
Question #9 (Topic: Volume A)
for SecureEnet Inc. His team is called to investigate the computer of an employee who is suspected of classified data theft. The suspect's computer runs on the Windows operating system. Peter wants to collect data and evidence for further analysis. He knows that in the Windows operating system, the data is searched in pre-defined steps for proper and efficient analysis. Which of the following is the correct order for searching data on a Windows based system?
A. Volatile data, file slack, registry, memory dumps, file system, system state backup, internet traces
B. Volatile data, file slack, file system, registry, memory dumps, system state backup, internet traces
C. Volatile data, file slack, internet traces, registry, memory dumps, system state backup, file system
D. Volatile data, file slack, registry, system state backup, internet traces, file system, memory dumps
Answer: B
Question #10 (Topic: Volume A)
You are the Network Administrator for a large corporate network. You want to monitor all network traffic on your local network for suspicious activities and receive a notification when a possible attack is in process. Which of the following actions will you take for this?
A. Enable verbose logging on the firewall
B. Install a network-based IDS
C. Install a DMZ firewall
D. Install a host-based IDS
Answer: B
Total 507 questions