GIAC Information Security Fundamentals v6.1 (GISF)

Page:    1 / 23   
Total 338 questions

Every network device contains a unique built in Media Access Control (MAC) address, which is used to identify the authentic device to limit the network access. Which of the following addresses is a valid MAC address?

  • A. F936.28A1.5BCD.DEFA
  • B. A3-07-B9-E3-BC-F9
  • C. 1011-0011-1010-1110-1100-0001
  • D. 132.298.1.23


Answer : B

Which of the following provide data confidentiality services by encrypting the data sent between wireless systems?
Each correct answer represents a complete solution. Choose two.

  • A. MS-CHAP v2
  • B. WEP
  • C. PAP
  • D. WPA


Answer : B,C

You have decided to implement an intrusion detection system on your network. You primarily are interested in the IDS being able to recognized known attack techniques.
Which type of IDS should you choose?

  • A. Signature Based
  • B. Passive
  • C. Active
  • D. Anomaly Based


Answer : A

You want to ensure that everyone who sends you an email should encrypt it. However you do not wish to exchange individual keys with all people who send you emails. In order to accomplish this goal which of the following should you choose?

  • A. DES
  • B. AES
  • C. Symmetric Encryption
  • D. Public Key encryption


Answer : D

You have been assigned the task of selecting a hash algorithm. The algorithm will be specifically used to ensure the integrity of certain sensitive files. It must use a 128 bit hash value. Which of the following should you use?

  • A. SHA
  • B. AES
  • C. MD5
  • D. DES


Answer : C

Which of the following are some of the parts of a project plan?
Each correct answer represents a complete solution. Choose all that apply.

  • A. Risk identification
  • B. Project schedule
  • C. Team members list
  • D. Risk analysis


Answer : A,B,C

Which of the following are core TCP/IP protocols that can be implemented with Windows
NT to connect computers and internetworks?
Each correct answer represents a complete solution. Choose all that apply.

  • A. Address Resolution Protocol (ARP)
  • B. Network Link Protocol (NWLink)
  • C. User Datagram Protocol (UDP)
  • D. Internet Control Message Protocol (ICMP)


Answer : A,C,D

TCP FIN scanning is a type of stealth scanning through which the attacker sends a FIN packet to the target port. If the port is closed, the victim assumes that this packet was sent mistakenly by the attacker and sends the RST packet to the attacker. If the port is open, the FIN packet will be ignored and the port will drop the packet. Which of the following operating systems can be easily identified with the help of TCP FIN scanning?

  • A. Windows
  • B. Red Hat
  • C. Solaris
  • D. Knoppix


Answer : A

Which of the following protocols are used by Network Attached Storage (NAS)?
Each correct answer represents a complete solution. Choose all that apply.

  • A. Apple Filing Protocol (AFP)
  • B. Server Message Block (SMB)
  • C. Network File System (NFS)
  • D. Distributed file system (Dfs)


Answer : A,B,C

You are an Incident manager in Orangesect.Inc. You have been tasked to set up a new extension of your enterprise. The networking, to be done in the new extension, requires different types of cables and an appropriate policy that will be decided by you. Which of the following stages in the Incident handling process involves your decision making?

  • A. Containment
  • B. Identification
  • C. Preparation
  • D. Eradication


Answer : C

You are working on your computer system with Linux Operating system. After working for a few hours, the hard disk goes to the inactive state (sleep). You try to restart the system and check the power circuits. You later discover that the hard disk has crashed. Which of the following precaution methods should you apply to keep your computer safe from such issues?

  • A. Use Incident handling
  • B. Use OODA loop
  • C. Use Information assurance
  • D. Use SMART model.


Answer : D

You work as an Incident handler in Mariotrixt.Inc. You have followed the Incident handling process to handle the events and incidents. You identify Denial of Service attack (DOS) from a network linked to your internal enterprise network. Which of the following phases of the Incident handling process should you follow next to handle this incident?

  • A. Containment
  • B. Preparation
  • C. Recovery
  • D. Identification


Answer : A

You are the security manager of Microliss Inc. Your enterprise uses a wireless network infrastructure with access points ranging 150-350 feet. The employees using the network complain that their passwords and important official information have been traced. You discover the following clues:
The information has proved beneficial to another company.
The other company is located about 340 feet away from your office.
The other company is also using wireless network.
The bandwidth of your network has degraded to a great extent.
Which of the following methods of attack has been used?

  • A. A piggybacking attack has been performed.
  • B. The information is traced using Bluebugging.
  • C. A DOS attack has been performed.
  • D. A worm has exported the information.


Answer : A

Which of the following options cannot be accessed from Windows Update?

  • A. Restore Hidden Updates
  • B. Check for Updates
  • C. View Update History
  • D. View AntiVirus Software Update


Answer : D

You work as a Network Administrator for Marioxnet Inc. You have the responsibility of handling two routers with BGP protocol for the enterprise's network. One of the two routers gets flooded with an unexpected number of data packets, while the other router starves with no packets reaching it. Which of the following attacks can be a potential cause of this?

  • A. Denial-of-Service
  • B. Eavesdropping
  • C. Spoofing
  • D. Packet manipulation


Answer : A

Page:    1 / 23   
Total 338 questions