GISF GIAC Information Security Fundamentals Questions and Answers

Which of the following cryptographic system services ensures that information will not be disclosed to any unauthorized person on a local network?

Which of the following is a valid IP address for class B Networks?

You work as a Network Administrator for ABC Inc. The company has a secure wireless network.

However, in the last few days, an attack has been taking place over and over again. This attack is taking advantage of ICMP directed broadcast. To stop this attack, you need to disable ICMP directed broadcasts. Which of the following attacks is taking place?

You work as a Network Administrator for Infonet Inc. The company has a Windows Server 2008 domainbased network. The network has three Windows Server 2008 member servers and 150 Windows Vista client computers. According to the company's security policy, you apply Windows firewall setting to the computers on the network. Now, you are troubleshooting a connectivity problem that might be caused by Windows firewall. What will you do to identify connections that Windows firewall allows or blocks?

Which of the following techniques are used after a security breach and are intended to limit the extent of any damage caused by the incident?

John works as a professional Ethical Hacker. He is assigned a project to test the security of www.we-are-secure.com. He is working on the Linux operating system. He wants to sniff the weare- secure network and intercept a conversation between two employees of the company through session hijacking. Which of the following tools will John use to accomplish the task?

Your company is covered under a liability insurance policy, which provides various liability coverage for information security risks, including any physical damage of assets, hacking attacks, etc. Which of the following risk management techniques is your company using?

You have an antivirus program for your network. It is dependent upon using lists of known viruses. What is this type of scan called?

You are the security manager of Microliss Inc. Your enterprise uses a wireless network infrastructure with access points ranging 150-350 feet. The employees using the network complain that their passwords and important official information have been traced. You discover the following clues:

The information has proved beneficial to another company.

The other company is located about 340 feet away from your office.

The other company is also using wireless network.

The bandwidth of your network has degraded to a great extent.

Which of the following methods of attack has been used?

Which of the following statements about Encapsulating Security Payload (ESP) are true?

Each correct answer represents a complete solution. Choose two.

How long are cookies in effect if no expiration date is set?

Which of the following tools are used to determine the hop counts of an IP packet?

Each correct answer represents a complete solution. Choose two.

A firewall is a combination of hardware and software, used to provide security to a network. It is used to protect an internal network or intranet against unauthorized access from the Internet or other outside networks. It restricts inbound and outbound access and can analyze all traffic between an internal network and the Internet. Users can configure a firewall to pass or block packets from specific IP addresses and ports. Which of the following tools works as a firewall for the Linux 2.4 kernel?

Fred is the project manager for the TCC Company. His company has an internal policy that states each year they will provide free services to a nonprofit organization. Therefore, the company and its employees are not allowed to charge or receive money or gifts from the nonprofit organization they choose to provide free services. This year, the TCC Company offers to provide project management services to the children's hospital for a marketing campaign to raise money. Due to the TCC Company's project management services, the nonprofit agency exceeded previous years fund raising efforts. To show appreciation the nonprofit organization offered to reimburse the project manager for his travel expenses. Which of the following best describes how the project manager should handle the situation?

Which of the following logs contains events pertaining to security as defined in the Audit policy?

You work as an Incident handling manager for a company. The public relations process of the company includes an event that responds to the e-mails queries. But since few days, it is identified that this process is providing a way to spammers to perform different types of e-mail attacks. Which of the following phases of the Incident handling process will now be involved in resolving this process and find a solution? Each correct answer represents a part of the solution. Choose all that apply.

Which of the following types of attack can guess a hashed password?

Which of the following is used in asymmetric encryption?

You are the project manager for BlueWell Inc. You are reviewing the risk register for your project. The risk register provides much information to you, the project manager and to the project team during the risk response planning. All of the following are included in the risk register except for which item?

You are concerned about outside attackers penetrating your network via your company Web server.

You wish to place your Web server between two firewalls

One firewall between the Web server and the outside world

The other between the Web server and your network

What is this called?

Jane works as a Consumer Support Technician for McRoberts Inc. The company provides troubleshooting support to users. A user named Peter installs Windows Vista on his computer. He connects his computer on the network. He wants to protect his computer from malicious software and prevent hackers from gaining access to his computer through the network. Which of the following actions will Jane assist Peter to perform to accomplish the task?

Which of the following methods of encryption uses a single key to encrypt and decrypt data?

Which of the following is the maximum variable key length for the Blowfish encryption algorithm?

Web applications play a vital role in deploying different databases with user accessibility on the Internet. Which of the following allows an attacker to get unauthorized access to the database of a Web application by sending (attacking) user-supplied data to an interpreter as part of a command or query?

In packet filtering types of firewalls, which of the following specifies what traffic can and cannot traverse the firewall?

The TCP/IP protocol suite uses ____ to identify which service a certain packet is destined for.

Part of your change management plan details what should happen in the change control system for your project. Theresa, a junior project manager, asks what the configuration management activities are for scope changes. You tell her that all of the following are valid configuration management activities except for which one?

The Incident handling process implemented in an enterprise is responsible to deal with all the incidents regarding the enterprise. Which of the following procedures will be involved by the preparation phase of the Incident handling process?

Which of the following IDS/IPS detection methods do the URLs use to detect and prevent an attack?

Computer networks and the Internet are the prime mode of Information transfer today. Which of the following is a technique used for modifying messages, providing Information and Cyber security, and reducing the risk of hacking attacks during communications and message passing over the Internet?

Which of the following statements about digital signature is true?

You work as a project manager for TYU project. You are planning for risk mitigation. You need to identify the risks that will need a more in-depth analysis. Which of the following activities will help you in this?

According to the case study, what protocol should be used to protect a customer's privacy and credit card information?

(Click the Exhibit button on the toolbar to see the case study.)

Bluetooth uses the _________ specification in the ________ band with FHSS technology.

You work as a Network Administrator for NetTech Inc. The company wants to encrypt its e-mails.

Which of the following will you use to accomplish this?

You are concerned about possible hackers doing penetration testing on your network as a prelude to an attack. What would be most helpful to you in finding out if this is occurring?

Fill in the blank with the appropriate value. SHA-1 produces a ______-bit message digest.

You work as a Software Developer for uCertify Inc. You have developed a Data Access Logic (DAL) component that will be part of a distributed application. You are conducting integration testing with other components of the distributed application. Which of the following types of testing methods will you need to perform to identify potential security-related issues? Each correct answer represents a part of the solution. Choose two.

Which of the following authentication methods uses MD5 hash encoding while transferring credentials over a network?

Which of the following refers to the emulation of the identity of a network computer by an attacking computer?

Which of the following is most useful against DOS attacks?

You are the project manager of a new project to install new hardware for your organization's computer network. You have never worked with networking software or hardware before so you enroll in a class to learn more about the technology you'll be managing in your project. This is an example of which one of the following?

The Project Risk Management knowledge area focuses on which of the following processes?

Each correct answer represents a complete solution. Choose all that apply.

Which of the following are some of the parts of a project plan?

Each correct answer represents a complete solution. Choose all that apply.

You work as an Incident handler in Mariotrixt.Inc. You have followed the Incident handling process to handle the events and incidents. You identify Denial of Service attack (DOS) from a network linked to your internal enterprise network. Which of the following phases of the Incident handling process should you follow next to handle this incident?

Which of the following statements are TRUE regarding asymmetric encryption and symmetric encryption? Each correct answer represents a complete solution. Choose all that apply.

Which of the following factors determine the strength of the encryption?

You are the project manager of a new project in your organization. You and the project team have identified the project risks, completed risk analysis, and are planning the most appropriate risk responses. Which of the following tools is most effective to choose the most appropriate risk response?

Which of the following provide data confidentiality services by encrypting the data sent between wireless systems?

Each correct answer represents a complete solution. Choose two.

You want to ensure that everyone who sends you an email should encrypt it. However you do not wish to exchange individual keys with all people who send you emails. In order to accomplish this goal which of the following should you choose?

Which of the following are core TCP/IP protocols that can be implemented with Windows NT to connect computers and internetworks?

Each correct answer represents a complete solution. Choose all that apply.

Which of the following monitors program activities and modifies malicious activities on a system?

Which of the following types of authentications supported by OSPF?

Each correct answer represents a complete solution. Choose three.

Which of the following are the examples of administrative controls?

Each correct answer represents a complete solution. Choose all that apply.

Andrew works as a Network Administrator for NetTech Inc. The company has a Windows Server 2008 domain-based network. The network contains five Windows 2008 member servers and 120 Windows XP Professional client computers. Andrew is concerned about the member servers that are not meeting the security requirements as mentioned in the security policy of the company. Andrew wants to compare the current security settings of the member servers with the security template that is configured according to the security policy of the company. Which of the following tools will Andrew use to accomplish this?

You work as a Software Developer for Mansoft Inc. You, together with a team, develop a distributed application that processes orders from multiple types of clients. The application uses SQL Server to store data for all orders. The application does not implement any custom performance counters. After the application is deployed to production, it must be monitored for performance spikes. What will you do to monitor performance spikes in the application in a deployment environment?

Each correct answer represents a part of the solution. Choose all that apply.

You work as a Network Administrator for Infosec Inc. You find that not only have security applications running on the server, including software firewalls, anti-virus programs, and anti-spyware programs been disabled, but anti-virus and anti-spyware definitions have also been deleted. You suspect that this situation has arisen due to malware infection. Which of the following types of malware is the most likely cause of the issue?

You work as the Network Administrator of TechJobs. You implement a security policy, to be in effect at all times, on the client computer in your network. While troubleshooting, assistant administrators often change security settings on the network. You want the security policy to be reapplied after changes have been made. How can you automate this task? (Click the Exhibit button on the toolbar to see the case study.)

Which of the following policies define how Identification and Authorization occur and determine access control, audits, and network connectivity?

What are packet sniffers?

You work as a Network Administrator for ABC Inc. The company uses a secure wireless network.

John complains to you that his computer is not working properly. What type of security audit do you need to conduct to resolve the problem?

Which of the following protocols implements VPN using IPSec?

Which of the following are the levels of public or commercial data classification system?

Each correct answer represents a complete solution. Choose all that apply.

The executive team wants you to track labor costs for your project as well as progress on task completion and the resulting dates. What information must you update for tasks to provide this information?

You work as a Network Administrator for McRoberts Inc. You are required to upgrade a client computer on the company's network to Windows Vista Ultimate. During installation, the computer stops responding, and the screen does not change. What is the most likely cause?

John used to work as a Network Administrator for We-are-secure Inc. Now he has resigned from the company for personal reasons. He wants to send out some secret information of the company. To do so, he takes an image file and simply uses a tool image hide and embeds the secret file within an image file of the famous actress, Jennifer Lopez, and sends it to his Yahoo mail id. Since he is using the image file to send the data, the mail server of his company is unable to filter this mail. Which of the following techniques is he performing to accomplish his task?

You discover that someone has been logging onto your network after office hours. After investigating this you find the login belongs to someone who left the company 12 months ago. What would have been the best method to prevent this?

Which of the following statements are true about TCP/IP model?

Each correct answer represents a complete solution. Choose all that apply.

You are concerned about an attacker being able to get into your network. You want to make sure that you are informed of any network activity that is outside normal parameters. What is the best way to do this?

The IT Director of the company is very concerned about the security of the network. Which audit policy should he implement to detect possible intrusions into the network? (Click the Exhibit button on the toolbar to see the case study.)

You are the project manager for TTX project. You have to procure some electronics gadgets for the project. A relative of yours is in the retail business of those gadgets. He approaches you for your favor to get the order. This is the situation of ____.

Which of the following are parts of applying professional knowledge? Each correct answer represents a complete solution. Choose all that apply.

You work in a company that accesses the Internet frequently. This makes the company's files susceptible to attacks from unauthorized access. You want to protect your company's network from external attacks. Which of the following options will help you in achieving your aim?

Which of the following protocols is used to prevent switching loops in networks with redundant switched paths?

Which of the following are the types of Intrusion detection system?

You are responsible for virus protection for a large college campus. You are very concerned that your antivirus solution must be able to capture the latest virus threats. What sort of virus protection should you implement?

What is VeriSign?

You are the Network Administrator for a bank. You discover that someone has logged in with a user account access, but then used various techniques to obtain access to other user accounts. What is this called?

Which of the following Windows Security Center features is implemented to give a logical layer protection between computers in a networked environment?

Which of the following statements are true about Public-key cryptography? Each correct answer represents a complete solution. Choose two.

Which of the following representatives of incident response team takes forensic backups of the systems that are the focus of the incident?

Which of the following devices or hardware parts employs SMART model system as a monitoring system?

Which of the following technologies is used to detect unauthorized attempts to access and manipulate computer systems locally or through the Internet or an intranet?

Which of the following are the benefits of information classification for an organization?

Which of the following statements about a brute force attack is true?

Peter, a malicious hacker, wants to perform an attack. He first compromises computers distributed across the internet and then installs specialized software on these computers. He then instructs the compromised hosts to execute the attack. Every host can then be used to launch its own attack on the target computers. Which of the following attacks is Peter performing?

You are the project manager for a software technology company. You and the project team have identified that the executive staff is not fully committed to the project. Which of the following best describes the risk?

You work as an Application Developer for uCertify Inc. The company uses Visual Studio .NET Framework 3.5 as its application development platform. You are working on a WCF service. You have decided to implement transport level security. Which of the following security protocols will you use?

You work as a Software Developer for uCertify Inc. The company has several branches worldwide. The company uses Visual Studio.NET 2005 as its application development platform. You have recently finished the development of an application using .NET Framework 2.0. The application can be used only for cryptography. Therefore, you have implemented the application on a computer. What will you call the computer that implemented cryptography?

You have purchased a wireless router for your home network. What will you do first to enhance the security?

You work as the Security Administrator for Prodotxiss Inc. You want to ensure the security of your Wi-Fi enterprise network against the wireless snooping attacks. Which of the following measures will you take over the site network devices of the network?

You work as the project manager for Bluewell Inc. Your project has several risks that will affect several stakeholder requirements. Which project management plan will define who will be available to share information on the project risks?

You are the Network Administrator for a software development company. Your company creates various utilities and tools. You have noticed that some of the files your company creates are getting deleted from systems. When one is deleted, it seems to be deleted from all the computers on your network. Where would you first look to try and diagnose this problem?

John is a merchant. He has set up a LAN in his office. Some important files are deleted as a result of virus attack. John wants to ensure that it does not happen again. What will he use to protect his data from virus?

Which of the following wireless security features provides the best wireless security mechanism?

The Intrusion Detection System (IDS) instructs the firewall to reject any request from a particular IP address if the network is repeatedly attacked from this address. What is this action known as?