
GIAC GCFW - GIAC Certified Firewall Analyst

Total 391 questions

You work as a Network Administrator for Tech Perfect Inc. The company has a TCP/IP-based network.

A firewall has been configured on the network. You configure a filter on the router. You verify that SMTP operations have stopped after the recent configuration. Which of the following ports will you have to open on the router to resolve the issue?

A. 25
B. 80
C. 20
D. 21

Which of the following techniques is used to identify attacks originating from a botnet?

A. BPF-based filter
B. Recipient filtering
C. IFilter
D. Passive OS fingerprinting

This is a Windows-based tool that is used for the detection of wireless LANs using the IEEE 802.11a, 802.11b, and 802.11g standards. The main features of this tool are as follows:

- It displays the signal strength of a wireless network, MAC address, SSID, channel details, etc.
- It is commonly used for the following purposes:
  a. War driving
  b. Detecting unauthorized access points
  c. Detecting causes of interference on a WLAN
  d. WEP ICV error tracking
  e. Making graphs and alarms on 802.11 data, including signal strength

This tool is known as __________.

A. NetStumbler
B. Kismet
C. THC-Scan
D. Absinthe

John works as a professional Ethical Hacker. He is assigned a project to test the security of www.we-are-secure.com. He has searched all open ports of the we-are-secure server. Now, he wants to perform the next information-gathering step, i.e., passive OS fingerprinting. Which of the following tools can he use to accomplish the task?

A. Nmap
B. NBTscan
C. P0f
D. Superscan

Which of the following algorithms is used as the default algorithm for the ESP extension header in IPv6?

A. Electronic Codebook (ECB) Mode
B. Cipher Block Chaining (CBC) Mode
C. Propagating Cipher Block Chaining (PCBC) Mode
D. Cipher Feedback (CFB) Mode

Which of the following terms is used to represent IPv6 addresses?

A. Colon-dot
B. Hexadecimal-dot notation
C. Colon-hexadecimal
D. Dot notation

You work as a Firewall Analyst for Tech Perfect Inc. The company has a Linux-based environment. You have installed and configured netfilter/iptables on all computer systems. What are the main features of netfilter/iptables?

Each correct answer represents a complete solution. Choose all that apply.

A. It includes many plug-ins or modules in the 'patch-o-matic' repository
B. It includes a number of layers of APIs for third-party extensions
C. It offers stateless and stateful packet filtering with both IPv4 and IPv6 addressing schemes
D. It provides network address and port address translations with both IPv4 and IPv6 addressing schemes

Which of the following intrusion detection systems (IDS) monitors network traffic and compares it against an established baseline?

A. Network-based
B. File-based
C. Signature-based
D. Anomaly-based

You work as a Security Administrator for Tech Perfect Inc. You have implemented and configured a web application security scanner in the company's network. It helps in the automated review of the web applications with the defined purpose of discovering security vulnerabilities. In order to perform this task, the web application security scanner examines a number of vulnerabilities. What are these vulnerabilities?

Each correct answer represents a complete solution. Choose three.

A. Server configuration mistakes/errors/version
B. Specific application problems
C. Input/Output validation
D. Denials of service against the TCP/IP stack

Adam has installed and configured his wireless network. He has enabled numerous security features such as changing the default SSID, enabling WPA encryption, and enabling MAC filtering on his wireless router. Adam notices that when he uses his wireless connection, the speed is sometimes 16 Mbps and sometimes it is only 8 Mbps or less. Adam connects to the wireless router's management utility and finds out that a machine with an unfamiliar name is connected through his wireless connection. Paul checks the router's logs and notices that the unfamiliar machine has the same MAC address as his laptop.

Which of the following attacks has occurred on Adam's wireless network?

A. DNS cache poisoning
B. ARP spoofing
C. MAC spoofing
D. NAT spoofing