GIAC GISF - GIAC Information Security Fundamentals

Total 333 questions

You are the security manager of Microliss Inc. Your enterprise uses a wireless network infrastructure with access points that have ranges of 150-350 feet. The employees using the network complain that their passwords and important official information have been traced. You discover the following clues:

The information has proved beneficial to another company.

The other company is located about 340 feet away from your office.

The other company is also using a wireless network.

The bandwidth of your network has degraded to a great extent.

Which of the following methods of attack has been used?

A. A piggybacking attack has been performed.

B. The information is traced using Bluebugging.

C. A DoS attack has been performed.

D. A worm has exported the information.

Which of the following are goals of cryptographic systems?

Each correct answer represents a complete solution. Choose three.

A. Availability

B. Authentication

C. Confidentiality

D. Integrity

Which of the following techniques are used after a security breach and are intended to limit the extent of any damage caused by the incident?

A. Corrective controls

B. Detective controls

C. Safeguards

D. Preventive controls

Kelly is the project manager of the NNQ Project for her company. This project will last for one year and has a budget of $350,000. Kelly is working with her project team and subject matter experts to begin the risk response planning process. When the project manager begins the plan risk response process, what two inputs will she need?

A. Risk register and the results of risk analysis

B. Risk register and the risk response plan

C. Risk register and the risk management plan

D. Risk register and power to assign risk responses

You work as the Senior Project Manager at Dotcoiss Inc. Your company has started a software project using configuration management and has completed 70% of it. You need to ensure that the network infrastructure devices and networking standards used in this project are installed in accordance with the requirements of its detailed project design documentation. Which of the following procedures will you employ to accomplish the task?

A. Physical configuration audit

B. Configuration control

C. Functional configuration audit

D. Configuration identification

Which of the following provides a credential that can be used by all Kerberos-enabled servers and applications?

A. Remote Authentication Dial In User Service (RADIUS)

B. Internet service provider (ISP)

C. Network Access Point (NAP)

D. Key Distribution Center (KDC)

Which two of the following cryptographic methods are used by NTFS Encrypting File System (EFS) to encrypt the data stored on a disk on a file-by-file basis?

A. Public key

B. Digital certificates

C. Twofish

D. RSA

A firewall is a combination of hardware and software, used to provide security to a network. It is used to protect an internal network or intranet against unauthorized access from the Internet or other outside networks. It restricts inbound and outbound access and can analyze all traffic between an internal network and the Internet. Users can configure a firewall to pass or block packets from specific IP addresses and ports. Which of the following tools works as a firewall for the Linux 2.4 kernel?

A. IPChains

B. OpenSSH

C. Stunnel

D. IPTables

Which of the following techniques allows an attacker to take network traffic coming towards a host at one port and redirect it from that host to another host?

A. Blackbox testing

B. Firewalking

C. Brainstorming

D. Port redirection

Which of the following protocols provides secured transaction of data between two computers?

A. SSH

B. FTP

C. Telnet

D. RSH