GIAC Security Leadership Certification (GSLC) v6.0 (GSLC)

Page:    1 / 38   
Total 567 questions

Which of the following tools can be used for stress testing of a Web server?
Each correct answer represents a complete solution. Choose two.

  • A. Internet bots
  • B. Spyware
  • C. Anti-virus software
  • D. Scripts

Answer : A,D

Mark works as a Network Administrator for Perfect Inc. The company has both wired and wireless networks. An attacker attempts to keep legitimate users from accessing services that they require. Mark uses IDS/IPS sensors on the wired network to mitigate the attack.
Which of the following attacks best describes the attacker's intentions?

  • A. Land attack
  • B. Internal attack
  • C. DoS attack
  • D. Reconnaissance attack

Answer : C

Which of the following RAID levels will you use to implement a RAID system for providing fault tolerance to a database?

  • A. RAID 10
  • B. RAID 1
  • C. RAID 5
  • D. RAID 0

Answer : B

What is the term used to describe the cost of the solution after the solution has been implemented in production by a vendor?

  • A. Total cost of ownership
  • B. Total ownership costing
  • C. Sustainability fees
  • D. Lifecycle maintenance fees

Answer : A

Which of the following are the countermeasures against WEP cracking?
Each correct answer represents a part of the solution. Choose all that apply.

  • A. Changing keys often.
  • B. Using the longest key supported by hardware.
  • C. Using a 16-bit SSID.
  • D. Using a non-obvious key.

Answer : A,B,D

John works as a Programmer for We-are-secure Inc. On one of his routine visits to the company, he noted down the passwords of the employees while they were typing them on their computer screens.
Which of the following social engineering attacks did he just perform?

  • A. Shoulder surfing
  • B. Important user posing
  • C. Dumpster diving
  • D. Authorization by third party

Answer : A

You are responsible for security at a company that specializes in e-commerce. You realize that given the high volume of Web traffic, there is a significant chance of someone being able to breach your perimeter. You want to make sure that should this occur, you can redirect the attacker away from sensitive data. How would you best accomplish this?

  • A. Implement a network based IDS.
  • B. Implement a passive IDS.
  • C. Implement a stateful packet inspection firewall.
  • D. Implement a honey pot.

Answer : D

You work as an Incident handling manager for Orangesect Inc. You detect a virus attack incident in the network of your company. You develop a signature based on the characteristics of the detected virus. Which of the following phases in the Incident handling process will utilize the signature to resolve this incident?

  • A. Containment
  • B. Recovery
  • C. Identification
  • D. Eradication

Answer : D

Which of the following is a virus that can redirect the disk head to read another sector instead of the one in which it resides?

  • A. Multipartite virus
  • B. Macro virus
  • C. Stealth virus
  • D. Boot sector virus

Answer : C

Which of the following items are generally analyzed by Internet filters?
Each correct answer represents a complete solution. Choose three.

  • A. Content
  • B. Certificates
  • C. Uniform Resource Locators (URLs)
  • D. Network Topology

Answer : A,B,C

Which of the following is used to communicate with an authentication server commonly used in UNIX networks?

  • A. MS-CHAP
  • B. IPX/SPX
  • C. SMTP

Answer : D

Maria works as a professional Ethical Hacker. She has been assigned the project of testing the security of She is using dumpster diving to gather information about Gentech Inc. In which of the following steps of malicious hacking does dumpster diving come under?

  • A. Multi-factor authentication
  • B. Role-based access control
  • C. Mutual authentication
  • D. Reconnaissance

Answer : D

You have detected what appears to be an unauthorized wireless access point on your network. However, this access point has the same MAC address as one of your real access points and is broadcasting with a stronger signal. What is this called?

  • A. Bluesnarfing
  • B. DOS
  • C. The evil twin attack
  • D. WAP cloning

Answer : C

Victor wants to send an encrypted message to his friend. He is using a certain steganography technique to accomplish this task. He takes a cover object and changes it accordingly to hide information. This secret information is recovered only when the algorithm compares the changed cover with the original cover. Which of the following steganography methods is Victor using to accomplish the task?

  • A. The distortion technique
  • B. The substitution technique
  • C. The cover generation technique
  • D. The spread spectrum technique

Answer : A

You are an Administrator for a network at an investment bank. You are concerned about individuals breaching your network and being able to steal data before you can detect their presence and shut down their access. Which of the following is the best way to address this issue?

  • A. Implement a strong password policy.
  • B. Implement a honey pot.
  • C. Implement a strong firewall.
  • D. Implement network based anti-virus.

Answer : B
