GIAC Security Essentials v7.0 (GSEC)

Page:    1 / 19   
Total 287 questions

A folder D:\Files\Marketing has the following NTFS permissions:
Administrators: Full Control
Marketing: Change
Authenticated Users: Read
It has been shared on the server as "MARKETING", with the following share permissions:
Full Control share permissions for the Marketing group
Which of the following effective permissions apply if a user from the Sales group accesses the \\FILESERVER\MARKETING shared folder?

  • A. No access
  • B. Full Control
  • C. Read
  • D. Change


Answer : C

Which of the following SIP INVITE lines indicates to the remote registrar the VoIP phone that initiated the call?

  • A. Via
  • B. To
  • C. From-Agent
  • D. User-Agent


Answer : D

What is the following sequence of packets demonstrating?

  • A. telnet.com.telnet > client.com.38060: F 4289:4289(0) ack 92 win 1024
  • B. client.com.38060 > telnet.com.telnet: .ack 4290 win 8760 (DF)
  • C. client.com.38060 > telnet.com.telnet: F 92:92(0) ack 4290 win 8760 (DF)
  • D. telnet.com.telnet > client.com.38060: .ack 93 win 1024


Answer : C

When an IIS filename extension is mapped, what does this mean?

  • A. Files with the mapped extensions cannot be interpreted by the web server.
  • B. The file and all the data from the browser's request are handed off to the mapped interpreter.
  • C. The files with the mapped extensions are interpreted by CMD.EXE.
  • D. The files with the mapped extensions are interpreted by the web browser.


Answer : B

The previous system administrator at your company used to rely heavily on email lists, such as vendor lists and Bugtraq, to get information about updates and patches. While a useful means of acquiring data, this requires time and effort to read through. In an effort to speed things up, you decide to switch to completely automated updates and patching. You set up your systems to automatically patch your production servers using a cron job and a scripted apt-get upgrade command. Of the following reasons, which explains why you may want to avoid this plan?

  • A. The apt-get upgrade command doesn't work with the cron command because of incompatibility
  • B. Relying on vendor and 3rd party email lists enables updates via email, for even faster patching
  • C. Automated patching of production servers without prior testing may result in unexpected behavior or failures
  • D. The command apt-get upgrade is incorrect; you need to run the apt-get update command


Answer : D

Which of the following would be a valid reason to use a Windows workgroup?

  • A. Lower initial cost
  • B. Simplicity of single sign-on
  • C. Centralized control
  • D. Consistent permissions and rights


Answer : D

You are an Intrusion Detection Analyst and the system has alerted you to an Event of Interest (EOI) that appears to be activity generated by a worm. You investigate and find that the network traffic was normal. How would this type of alert be categorized?

  • A. False Positive
  • B. True Negative
  • C. True Positive
  • D. False Negative


Answer : A

Which of the following heights of fence deters only casual trespassers?

  • A. 8 feet
  • B. 2 to 2.5 feet
  • C. 6 to 7 feet
  • D. 3 to 4 feet


Answer : D

John works as a Network Administrator for Perfect Solutions Inc. The company has a Linux-based network. John is working as a root user on the Linux operating system. He wants to change the modified date and time of the file private.txt to 11 Nov 2009 02:59:58 am. Which of the following commands will John use to accomplish his task?
Each correct answer represents a complete solution. Choose all that apply.

  • A. rm private.txt #11 Nov 2009 02:59:58 am
  • B. touch -d "11 Nov 2009 02:59:58 am" private.txt
  • C. touch private.txt #11 Nov 2009 02:59:58 am
  • D. touch -t 200911110259.58 private.txt


Answer : B,D

What would the following iptables command do?
iptables -I INPUT -s 99.23.45.1/32 -j DROP

  • A. Drop all packets from the source address
  • B. Input all packets to the source address
  • C. Log all packets to or from the specified address
  • D. Drop all packets to the specified address


Answer : A

You work as a Network Administrator for Net World Inc. The company has a Linux-based network. For testing purposes, you have configured a default IP-table with several filtering rules. You want to reconfigure the table. For this, you decide to remove the rules from all the chains in the table. Which of the following commands will you use?

  • A. iptables -D
  • B. iptables -A
  • C. iptables -h
  • D. iptables -F


Answer : D

Which of the following are advantages of Network Intrusion Detection Systems (NIDS)?

  • A. Analysis of encrypted traffic
  • B. Provide insight into network traffic
  • C. Detection of network operations problems
  • D. Provide logs of network traffic that can be used as part of other security measures.
  • E. Inexpensive to manage
  • F. B, C, and D
  • G. A, C, and E
  • H. B, D, and E
  • I. A, B, and C


Answer : C

When NetStumbler is initially launched, it sends wireless frames to which of the following addresses?

  • A. Broadcast address
  • B. Default gateway address
  • C. Subnet address
  • D. Network address


Answer : A

Which of the following are examples of Issue-Specific policies all organizations should address?

  • A. Perimeter filtering guides, break times for employees, desktop neatness and backup procedures.
  • B. Rogue wireless access points, auditing, break time for employees and organizational structure.
  • C. Audit logs, physical access, mission statements and network protocols used.
  • D. Backup requirements, employee monitoring, physical access and acceptable use.


Answer : D

You are reviewing a packet capture file from your network intrusion detection system. In the packet stream, you come across a long series of "no operation" (NOP) commands. In addition to the NOP commands, there appears to be a malicious payload. Of the following, which is the most appropriate preventative measure for this type of attack?

  • A. Limits on the number of failed logins
  • B. Boundary checks on program inputs
  • C. Controls against time of check/time of use attacks
  • D. Restrictions on file permissions


Answer : C
