
GIAC G2700 - GIAC Certified ISO-2700 Specialist Practice Test

Total 453 questions

You work as a Security Administrator for uCertify Inc. You are working on the disaster recovery plan (DRP) for IT related infrastructure recovery / continuity. Which of the following should you include in your plan?

Each correct answer represents a complete solution. Choose all that apply.

A. Resumption of hardware

B. Resumption of data

C. Resumption of sales

D. Resumption of applications

John works as a Security Administrator for uCertify Inc. As per his past experience, he wants to make a policy stating that any hardware devices containing information about the organization should be destroyed properly before they are thrown away. After applying this policy, John will be able to ensure that the information on the devices will not fall into the hands of unauthorized persons after properly discarding the devices. Which of the following types of policies is John going to create?

A. Due Care

B. Disposal and destruction

C. Privacy

D. Security

You work as a Database Administrator for Bluewell Inc. The company has a SQL Server 2005 computer. The company asks you to implement a RAID system to provide fault tolerance to a database. You want to implement disk mirroring. Which of the following RAID levels will you use to accomplish the task?

A. RAID-10

B. RAID-1

C. RAID-5

D. RAID-0

Drop the appropriate value to complete the formula.

A.

Which of the following activities are performed by the 'Do' cycle component of PDCA (plan-do-check-act)?

Each correct answer represents a complete solution. Choose all that apply.

A. It manages resources that are required to achieve a goal.

B. It determines controls and their objectives.

C. It performs security awareness training.

D. It detects and responds to incidents properly.

E. It operates the selected controls.

Which of the following statements is true about residual risks?

A. It is a weakness or lack of safeguard that can be exploited by a threat.

B. It is the probabilistic risk after implementing all security measures.

C. It can be considered as an indicator of threats coupled with vulnerability.

D. It is the probabilistic risk before implementing all security measures.

Which of the following statements is true about exposure factor?

A. It is defined as the cost related to a single realized risk against a particular asset.

B. It is defined as the yearly cost of all instances of a particular threat against a particular asset.

C. It is defined as the expected frequency of occurrence of a particular threat or risk in a single year.

D. It is defined as the percentage of loss experienced by an organization when a particular asset is violated by a realized risk.

In which of the following social engineering attacks does an attacker first damage any part of the target's equipment and then advertise himself as an authorized person who can help fix the problem?

A. Impersonation attack

B. Reverse social engineering attack

C. Important user posing attack

D. In person attack

You work as a Security Administrator for uCertify Inc. You have been assigned the task to apply a data availability solution based on a striped disk array without redundancy. Which of the following will you use to accomplish the task?

A. RAID 5

B. RAID 0

C. RAID 1

D. RAID 3/4

Which of the following tools can be used to detect steganography?

A. Blindside

B. Snow

C. Dskprobe