GIAC Information Security Professional v6.0 (GISP)

Page:    1 / 44   
Total 662 questions

Which of the following access control models are used in the commercial sector?
Each correct answer represents a complete solution. Choose two.

  • A. Clark-Wilson model
  • B. Clark-Biba model
  • C. Bell-LaPadula model
  • D. Biba model


Answer : A,D

John works as a professional Ethical Hacker. He has been assigned the project of testing the security of www.we-are-secure.com. He has successfully performed the following steps of the preattack phase to check the security of the We-are-secure network:

  • Gathering information
  • Determining the network range
  • Identifying active systems

Now, he wants to find the open ports and applications running on the network. Which of the following tools will he use to accomplish his task?

  • A. ARIN
  • B. APNIC
  • C. SuperScan
  • D. RIPE


Answer : C

You work as a Network Administrator for NetTech Inc. When you enter http://66.111.64.227 in the browser's address bar, you are able to access the site. But, you are unable to access the site when you enter http://www.PassGuide.com. What is the most likely cause?

  • A. The site's Web server has heavy traffic.
  • B. The site's Web server is offline.
  • C. WINS server has no NetBIOS name entry for the server.
  • D. DNS entry is not available for the host name.


Answer : D

Which of the following tools is a component of Cisco Adaptive Security Appliance (ASA) and provides an in-depth security design to prevent various types of problems such as viruses, spam, and spyware?

  • A. Anti-x
  • B. LIDS
  • C. Scanlogd
  • D. KFSensor


Answer : A

Mark works as a Network Administrator for NetTech Inc. The company has a Windows 2000 domain-based network. Users report that they are unable to log on to the network. Mark finds that accounts are locked out due to multiple incorrect logon attempts. What is the most likely cause of the account lockouts?

  • A. SYN attack
  • B. Spoofing
  • C. PING attack
  • D. Brute force attack


Answer : D

Which of the following are tunneling protocols?
Each correct answer represents a complete solution. Choose two.

  • A. NNTP
  • B. SMTP
  • C. L2TP
  • D. PPTP


Answer : C,D

security system
are true?
Each correct answer represents a complete solution. Choose two.

  • A. It requires a password only once to authenticate users.
  • B. It requires a new password every time a user authenticates himself.
  • C. It generates passwords by using either the MD4 or MD5 hashing algorithm.
  • D. It generates passwords by using Kerberos v5.


Answer : B,C

Which of the following are ensured by the concept of integrity in information system security?
Each correct answer represents a complete solution. Choose two.

  • A. Unauthorized modifications are not made by authorized users.
  • B. Data modifications are not made by an unauthorized user or process.
  • C. The intentional or unintentional unauthorized disclosure of a message or important document contents is prevented.
  • D. The systems are up and running when they are needed.


Answer : A,B

You work as a Network Administrator for Net World International. The company has a Windows Active Directory-based single domain single forest network. The functional level of the forest is Windows Server 2003. There are ten Sales Managers in the company. The company has recently provided laptops to all its Sales Managers. All the laptops run Windows XP Professional. These laptops will be connected to the company's network through wireless connections. The company's management wants to implement Shared Key authentication for these laptops. When you try to configure the network interface card of one of the laptops for Shared Key authentication, you find no such option. What will you do to enable Shared Key authentication?

  • A. Install PEAP-MS-CHAP v2.
  • B. Install Service Pack 1.
  • C. Enable WEP.
  • D. Install EAP-TLS.


Answer : C

You work as a Network Administrator for Infonet Inc. The company's network has an FTP server. You want to secure the server so that only authorized users can access it. What will you do to accomplish this?

  • A. Stop the FTP service on the server.
  • B. Disable anonymous authentication.
  • C. Disable the network adapter on the server.
  • D. Enable anonymous authentication.


Answer : B

Fill in the blank with the appropriate layer name of the OSI model.
Secure Socket Layer (SSL) operates at the _______ layer of the OSI model.

  • A. transport


Answer : A

Which of the following is a source port forwarder and redirector tool?

  • A. Fpipe
  • B. NMAP
  • C. SuperScan
  • D. NSLOOKUP


Answer : A

policy is true?

  • A. It provides information about new viruses.
  • B. It is a method used to authenticate users on a network.
  • C. It identifies the level of confidentiality of information.
  • D. It is a method for securing database servers.


Answer : C

Which of the following methods backs up all changes made since the last full or normal backup?

  • A. Half backup
  • B. Incremental backup
  • C. Differential backup
  • D. Full backup


Answer : C

is true?

  • A. It is a rule list containing access control entries.
  • B. It specifies whether an audit activity should be performed when an object attempts to access a resource.
  • C. It is a list containing user accounts, groups, and computers that are allowed (or denied) access to the object.
  • D. It is a unique number that identifies a user, group, and computer account.


Answer : C
