Winter Sale Limited Time 65% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: ecus65

GIAC GCFW - GIAC Certified Firewall Analyst

GIAC GCFW Premium Access     Download Demo    
Page: 11 / 12
Total 391 questions

Which of the following wireless security policies helps to prevent the wireless enabled laptops from peer-topeer attacks when the laptops are used in public access network?

A.

Use protocol analyzer

B.

Use firewall

C.

Use Port Address Translation

D.

Use security protocols

Which of the following technologies is used to detect unauthorized attempts to access and manipulate computer systems locally or through the Internet or an intranet?

A.

Packet filtering

B.

Firewall

C.

Demilitarized zone (DMZ)

D.

Intrusion detection system (IDS)

Rick works as the Security Manager for TechPerfect Inc. He wants to continue the evaluation of rules according to the ordered list to identify matches even if a match is found. Which of the following rulebases will he use to accomplish the task?

Each correct answer represents a complete solution. Choose all that apply.

A.

IDP rulebase

B.

Backdoor rulebase

C.

Terminal rulebase

D.

Nonterminal rulebase

An organization has more than a couple of external business, and exchanges dynamic routing information with the external business partners. The organization wants to terminate all routing from a partner at an edge router, preferably receiving only summary routes from the partner. Which of the following will be used to change all partner addresses on traffic into a range of locally assigned addresses?

A.

Firewall

B.

IPsec

C.

ACL

D.

NAT

Choose the best explanation for the resulting error when entering the command below.

A.

The command is attempting to create a standard access list with extended access list param eters.

B.

The ACL commands should be entered from the (config-router) configuration mode.

C.

The wildcard mask is not provided for the source and destination addresses.

D.

The port number given does not correspond with the proper transport protocol.

John, a malicious hacker, forces a router to stop forwarding packets by flooding it with many open connections simultaneously so that all hosts behind it are effectively disabled. Which of the following attacks is John performing?

A.

ARP spoofing

B.

DoS attack

C.

Rainbow attack

D.

Replay attack

Which of the following tools is an open source protocol analyzer that can capture traffic in real time?

A.

Netresident

B.

Snort

C.

Wireshark

D.

NetWitness

You are tasked with configuring your routers with a minimum security standard that includes the following:

l A local Username and Password configured on the router

l A strong privilege mode password

l Encryption of user passwords

l Configuring telnet and ssh to authenticate against the router user database

Choose the configuration that best meets these requirements.

A.

RouterA(config)#service password-encryption

RouterA(config)#username cisco password PaS$w0Rd

RouterA(config)#enable secret n56e&$te

RouterA(config)#line vty 0 4

RouterA(config-line)#login

B.

RouterA(config)#service password-encryption

RouterA(config)#username cisco password PaS$w0Rd

RouterA(config)#enable secret n56e&$te

RouterA(config)#line vty 0 4

RouterA(config-line)#login local

C.

RouterA(config)#service enable-password-encryption

RouterA(config)#username cisco password PaS$w0Rd

RouterA(config)#enable secret n56e&$te

RouterA(config)#line vty 0 4

RouterA(config-line)#login user

D.

RouterA(config)#service password-encryption

RouterA(config)#username cisco password PaS$w0Rd

RouterA(config)#enable password n56e&$te

RouterA(config)#line vty 0 4

RouterA(config-line)#login local

Secure Shell (SSH) is a network protocol that allows data to be exchanged using a secure channel between two networked devices. Which of the following features are supported by Secure Shell?

Each correct answer represents a complete solution. Choose all that apply.

A.

SSH can transfer files using the associated HTTP or FTP protocols.

B.

SSH is typically used to log into a remote machine and execute commands, but it also supports tunneling, forwarding TCP ports and X11 connections.

C.

SSH uses public-key cryptography to authenticate the remote computer and allow the remote computer to authenticate the user, if necessary.

D.

SSH uses the client-server model.

Which of the following is a version of netcat with integrated transport encryption capabilities?

A.

Encat

B.

Nikto

C.

Cryptcat

D.

Socat