Spring Sale Special Limited Time 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: xmas50

GIAC GISF - GIAC Information Security Fundamentals

Page: 5 / 10
Total 333 questions

You are the project manager for TTX project. You have to procure some electronics gadgets for the project. A relative of yours is in the retail business of those gadgets. He approaches you for your favor to get the order. This is the situation of ____.

A.

Bribery

B.

Irresponsible practice

C.

Illegal practice

D.

Conflict of interest

You work as an Application Developer for uCertify Inc. The company uses Visual Studio .NET Framework 3.5 as its application development platform. You are working on a WCF service. You have decided to implement transport level security. Which of the following security protocols will you use?

A.

Kerberos

B.

HTTPS

C.

RSA

D.

IPSEC

You are the project manager for a software technology company. You and the project team have identified that the executive staff is not fully committed to the project. Which of the following best describes the risk?

A.

Residual risks

B.

Trend analysis

C.

Schedule control

D.

Organizational risks

Which of the following protocols is used to prevent switching loops in networks with redundant switched paths?

A.

Cisco Discovery Protocol (CDP)

B.

Spanning Tree Protocol (STP)

C.

File Transfer Protocol (FTP)

D.

VLAN Trunking Protocol (VTP)

The IT Director of the company is very concerned about the security of the network. Which audit policy should he implement to detect possible intrusions into the network? (Click the Exhibit button on the toolbar to see the case study.)

A.

The success and failure auditing for policy change.

B.

The success and failure auditing for process tracking.

C.

The success and failure auditing for logon events.

D.

The success and failure auditing for privilege use.

John is a merchant. He has set up a LAN in his office. Some important files are deleted as a result of virus attack. John wants to ensure that it does not happen again. What will he use to protect his data from virus?

A.

Antivirus

B.

Backup

C.

Symmetric encryption

D.

Firewall

Which of the following types of attack can guess a hashed password?

A.

Teardrop attack

B.

Evasion attack

C.

Denial of Service attack

D.

Brute force attack

Which of the following technologies is used to detect unauthorized attempts to access and manipulate computer systems locally or through the Internet or an intranet?

A.

Packet filtering

B.

Firewall

C.

Intrusion detection system (IDS)

D.

Demilitarized zone (DMZ)

Fred is the project manager for the TCC Company. His company has an internal policy that states each year they will provide free services to a nonprofit organization. Therefore, the company and its employees are not allowed to charge or receive money or gifts from the nonprofit organization they choose to provide free services. This year, the TCC Company offers to provide project management services to the children's hospital for a marketing campaign to raise money. Due to the TCC Company's project management services, the nonprofit agency exceeded previous years fund raising efforts. To show appreciation the nonprofit organization offered to reimburse the project manager for his travel expenses. Which of the following best describes how the project manager should handle the situation?

A.

Say thank you and let them pay for the travel, it is the least they can do.

B.

Tell the hospital no thank you and explain it is against company policy to accept payment for services provided to their pro bono customers.

C.

Say nothing as to not hurt the feelings of the children's hospital.

D.

Ask if the hospital could pay for some of the supplies too.

Which of the following statements are true about Public-key cryptography? Each correct answer represents a complete solution. Choose two.

A.

Data encrypted with the secret key can only be decrypted by another secret key.

B.

The secret key can encrypt a message, and anyone with the public key can decrypt it.

C.

Data encrypted by the public key can only be decrypted by the secret key.

D.

The distinguishing technique used in public key-private key cryptography is the use of symmetric key algorithms.