GIAC GCIA - GCIA – GIAC Certified Intrusion Analyst Practice Test

Total 508 questions

Which of the following is the primary TCP/IP protocol used to transfer text and binary files over the Internet?

A. PPTP

B. SNMP

C. FTP

D. SMTP

Which of the following tools is used to detect wireless LANs using the 802.11b, 802.11a, and 802.11g WLAN standards on the Windows platform?

A. Cain

B. AiroPeek

C. NetStumbler

D. Snort

Mark works as a Network Security Administrator for BlueWells Inc. The company has a Windows-based network. Mark is giving a presentation on network security threats to the company's newly recruited employees. His presentation is about the external threats that the company recently faced. Which of the following statements are true about external threats?

Each correct answer represents a complete solution. Choose three.

A. These are the threats that originate from outside an organization in which the attacker attempts to gain unauthorized access.

B. These are the threats that originate from within the organization.

C. These are the threats intended to flood a network with large volumes of access requests.

D. These threats can be countered by implementing security controls on the perimeters of the network, such as firewalls, which limit user access to the Internet.

Which of the following statements about a host-based intrusion prevention system (HIPS) are true?

Each correct answer represents a complete solution. Choose two.

A. It can detect events scattered over the network.

B. It can handle encrypted and unencrypted traffic equally.

C. It cannot detect events scattered over the network.

D. It is a technique that allows multiple computers to share one or more IP addresses.

Computer networks and the Internet are the prime mode of information transfer today. Which of the following is a technique used for modifying messages, providing information and cyber security, and reducing the risk of hacking attacks during communications and message passing over the Internet?

A. Risk analysis

B. Cryptography

C. Firewall security

D. OODA loop

Which of the following can be applied as countermeasures against DDoS attacks?

Each correct answer represents a complete solution. Choose all that apply.

A. Limiting the amount of network bandwidth.

B. Blocking IP address.

C. Using LM hashes for passwords.

D. Using Intrusion detection systems.

E. Using the network-ingress filtering.

Which of the following is the default port for File Transport Protocol (FTP)?

A. 21

B. 25

C. 23

D. 80

You work as a professional Computer Hacking Forensic Investigator. A project has been assigned to you to investigate the DoS attack on a computer network of SecureEnet Inc. Which of the following methods will you perform to accomplish the task?

Each correct answer represents a complete solution. Choose all that apply.

A. Look for core files or crash dumps on the affected systems.

B. Sniff network traffic to the failing machine.

C. Seize all computers and transfer them to the Forensic lab.

D. Look for unusual traffic on Internet connections and network segments.

Nathan works as a professional Ethical Hacker. He wants to see all open TCP/IP and UDP ports of his computer. Nathan uses the netstat command for this purpose but he is still unable to map open ports to the running process with PID, process name, and path. Which of the following commands will Nathan use to accomplish the task?

A. ping

B. Psloggedon

C. Pslist

D. fport

You work as a Network Security Analyzer. You got a suspicious email while working on a forensic project. Now, you want to know the IP address of the sender so that you can analyze various information such as the actual location, domain information, operating system being used, contact information, etc. of the email sender with the help of various tools and resources. You also want to check whether this email is fake or real. You know that analysis of email headers is a good starting point in such cases. The email header of the suspicious email is given below:

What is the IP address of the sender of this email?

A. 216.168.54.25

B. 141.1.1.1

C. 172.16.10.90

D. 209.191.91.180

Adam works as a professional Computer Hacking Forensic Investigator. He has been called by the FBI to examine data on a hard disk that was seized from the house of a suspected terrorist.

Adam decided to acquire an image of the suspect hard drive. He uses a forensic hardware tool that is capable of capturing data from IDE, Serial ATA, SCSI devices, and flash cards. This tool can also produce MD5 and CRC32 hashes while capturing the data. Which of the following tools is Adam using?

A. ImageMASSter Solo-3

B. ImageMASSter 4002i

C. FireWire DriveDock

D. Wipe MASSter

Which of the following is the default port for Simple Network Management Protocol (SNMP)?

A. TCP port 110

B. TCP port 25

C. TCP port 80

D. UDP port 161

Which of the following utilities is used to verify the existence of a host in a network?

A. IPCONFIG

B. NETSTAT

C. CHKDSK

D. PING

With reference to the given case study, one of the security goals requires configuring a secure connection between the Boston distribution center and the headquarters. You want to implement IP filters to fulfill the security requirements. How should you implement IP filters at the headquarters?

A. Add source filters for the headquarters for UDP port 80 and IP protocol 50. Add destination filters for the Boston distribution center for UDP port 80 and IP protocol 50.

B. Add source filters for the Boston distribution center for UDP port 80 and IP protocol 50. Add destination filters for headquarters for UDP port 80 and IP protocol 50.

C. Add source filters for the Boston distribution center for UDP port 1701 and IP protocol 50. Add destination filters for the headquarters for UDP port 1701 and IP protocol 50.

D. Add source filters for the headquarters for UDP port 1701 and IP protocol 50. Add destination filters for the Boston distribution center for UDP port 1701 and IP protocol 50.

You work as a Network Administrator for Tech2tech Inc. You have configured a network-based IDS for your company. You have physically installed sensors at all key positions throughout the network such that they all report to the command console. What will be the key functions of the sensors in such a physical layout?

Each correct answer represents a complete solution. Choose all that apply.

A. To collect data from operating system logs

B. To notify the console with an alert if any intrusion is detected

C. To analyze for known signatures

D. To collect data from Web servers