
GIAC GISF - GIAC Information Security Fundamentals

Total 333 questions

The IT administrator wants to implement a stronger security policy. What are the four most important security priorities for uCertify Software Systems Pvt. Ltd.?

(Click the Exhibit button on the toolbar to see the case study.)

A. Providing secure communications between Washington and the headquarters office.

B. Implementing Certificate services on Texas office.

C. Preventing denial-of-service attacks.

D. Ensuring secure authentication.

E. Preventing unauthorized network access.

F. Providing two-factor authentication.

G. Protecting employee data on portable computers.

What are the benefits of using a proxy server on a network?

Each correct answer represents a complete solution. Choose all that apply.

A. It enhances network security.

B. It uses a single registered IP address for multiple connections to the Internet.

C. It cuts down dial-up charges.

D. It is used for automated assignment of IP addresses to a TCP/IP client in the domain.

John, a novice web user, makes a new E-mail account and keeps his password as "apple", his favorite fruit. John's password is vulnerable to which of the following password cracking attacks? Each correct answer represents a complete solution. Choose all that apply.

A. Dictionary attack

B. Rule based attack

C. Brute Force attack

D. Hybrid attack

Shoulder surfing is a type of in-person attack in which the attacker gathers information about the premises of an organization. This attack is often performed by looking surreptitiously at the keyboard of an employee's computer while he is typing in his password at any access point such as a terminal/Web site. Which of the following is violated in a shoulder surfing attack?

A. Availability

B. Integrity

C. Confidentiality

D. Authenticity

Which of the following is used to determine whether or not a principal is allowed to perform a requested action?

A. Authentication

B. Security policy

C. Authorization

D. Principal

Which of the following is the phase of the incident handling process in which the distinction between an event and an incident is made?

A. Preparation phase

B. Eradication phase

C. Differential phase

D. Identification phase

Which of the following are used as primary technologies to create a layered defense for giving protection to a network?

Each correct answer represents a complete solution. Choose all that apply.

A. Vulnerability

B. Firewall

C. Endpoint authentication

D. IDS

John used to work as a Network Administrator for We-are-secure Inc. Now he has resigned from the company for personal reasons. He wants to send out some secret information of the company. To do so, he takes an image file and simply uses a tool, Image Hide, to embed the secret file within an image file of the famous actress, Jennifer Lopez, and sends it to his Yahoo mail id. Since he is using the image file to send the data, the mail server of his company is unable to filter this mail. Which of the following techniques is he performing to accomplish his task?

A. Web ripping

B. Email spoofing

C. Steganography

D. Social engineering

You work as a professional Computer Hacking Forensic Investigator for DataEnet Inc. You want to investigate e-mail information of an employee of the company. The suspected employee is using an online e-mail system such as Hotmail or Yahoo. Which of the following folders on the local computer will you review to accomplish the task?

Each correct answer represents a complete solution. Choose all that apply.

A. Cookies folder

B. Temporary Internet Folder

C. Download folder

D. History folder

Firekiller 2000 is an example of a __________.

A. DoS attack Trojan

B. Data sending Trojan

C. Remote access Trojan

D. Security software disabler Trojan