Winter Sale Limited Time 65% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: ecus65

GIAC GCFW - GIAC Certified Firewall Analyst

GIAC GCFW Premium Access     Download Demo    
Page: 8 / 12
Total 391 questions

Passive OS fingerprinting (POSFP) is configured in an organization's network in order to improve the alert output by reporting some information. Which of the following information does it include?

Each correct answer represents a part of the solution. Choose all that apply.

A.

Source of the OS identification

B.

Relevancy to the victim in the alert

C.

Network security device

D.

Victim OS

SSH is a network protocol that allows data to be exchanged between two networks using a secure channel. Which of the following encryption algorithms can be used by the SSH protocol?

Each correct answer represents a complete solution. Choose all that apply.

A.

DES

B.

IDEA

C.

Blowfish

D.

RC4

A firewall is a combination of hardware and software, used to provide security to a network. It is used to protect an internal network or intranet against unauthorized access from the Internet or other outside networks. It restricts inbound and outbound access and can analyze all traffic between an internal network and the Internet. Users can configure a firewall to pass or block packets from specific IP addresses and ports. Which of the following tools works as a firewall for the Linux 2.4 kernel?

A.

IPChains

B.

Stunnel

C.

IPTables

D.

OpenSSH

Which of the following responsibilities does not come under the audit process?

Each correct answer represents a complete solution. Choose all that apply.

A.

Reporting all facts and circumstances of the irregular and illegal acts.

B.

Reviewing the results of the audit procedures.

C.

Planning the IT audit engagement based on the assessed level of risk.

D.

Applying security policies.

John works as a professional Ethical Hacker. He has been assigned the project of testing the security of www.we-are-secure.com. He wants to send malicious data packets in such a manner that one packet fragment overlaps data from a previous fragment so that he can perform IDS evasion on the We-are-secure server and execute malicious data. Which of the following tools can he use to accomplish the task?

A.

Hunt

B.

Ettercap

C.

Alchemy Remote Executor

D.

Mendax

Which of the following types of firewall functions by creating two different communications, one between the client and the firewall, and the other between the firewall and the end server?

A.

Endian firewall

B.

Proxy-based firewall

C.

Stateful firewall

D.

Packet filter firewall

Adam works as a Senior Programmer for Umbrella Inc. A project has been assigned to him to write a short program to gather user input for a Web application. He wants to keep his program neat and simple. His chooses to use printf(str) where he should have ideally used printf("%s", str).

What attack will his program expose the Web application to?

A.

Sequence++ attack

B.

SQL injection attack

C.

Cross Site Scripting attack

D.

Format string attack

Which of the following types of Intrusion Detection Systems consists of an agent on a host that identifies intrusions by analyzing system calls, application logs, file-system modifications (binaries, password files, capability/acl databases) and other host activities and state?

A.

PIDS

B.

APIDS

C.

HIDS

D.

NIDS

Which of the following types of firewalls increases the security of data packets by remembering the state of connection at the network and the session layers as they pass through the filter?

A.

PIX firewall

B.

Virtual firewall

C.

Stateful packet filter firewall

D.

Stateless packet filter firewall

Fill in the blank with the appropriate tool name.

______________ is a network protocol analyzer tool that is used to capture packet data from an existing network or examine packet data from a pre-saved file.