
GIAC GISF - GIAC Information Security Fundamentals

Total 333 questions

Which of the following statements are true about security risks? Each correct answer represents a complete solution. Choose three.

A. They are considered an indicator of threats coupled with vulnerability.

B. They can be mitigated by reviewing and taking responsible actions based on possible risks.

C. They can be removed completely by taking proper actions.

D. They can be analyzed and measured by the risk analysis process.

John works as a Network Security Professional. He is assigned a project to test the security of www.we-are-secure.com. He is working on the Linux operating system and wants to install an Intrusion Detection System on the We-are-secure server so that he can receive alerts about any hacking attempts. Which of the following tools can John use to accomplish the task?

Each correct answer represents a complete solution. Choose all that apply.

A. Samhain

B. SARA

C. Snort

D. Tripwire

Which of the following is an examination of the controls within an Information technology (IT) infrastructure?

A. Risk analysis

B. ITIL

C. ADP audit

D. SMART

Which of the following refers to the ability to ensure that the data is not modified or tampered with?

A. Availability

B. Integrity

C. Confidentiality

D. Non-repudiation

Which of the following best describes the identification, analysis, and ranking of risks?

A. Design of experiments

B. Fast tracking

C. Fixed-price contracts

D. Plan Risk management

John works as a professional Ethical Hacker. He is assigned a project to test the security of www.we-are-secure.com. He enters a single quote in the input field of the login page of the We-are-secure Web site and receives the following error message:

Microsoft OLE DB Provider for ODBC Drivers error '0x80040E14'

This error message shows that the We-are-secure Website is vulnerable to __________.

A. A buffer overflow

B. An XSS attack

C. A Denial-of-Service attack

D. A SQL injection attack

You are concerned about possible hackers doing penetration testing on your network as a prelude to an attack. What would be most helpful to you in finding out if this is occurring?

A. Examining your firewall logs

B. Examining your DNS Server logs

C. Examining your domain controller server logs

D. Examining your antivirus logs

You work as a Product manager for Marioiss Inc. You have been tasked to start a project for securing the network of your company. You want to employ configuration management to efficiently manage the procedures of the project. What will be the benefits of employing configuration management for completing this project?

Each correct answer represents a complete solution. Choose all that apply.

A. It provides the risk analysis of project configurations.

B. It provides object, orient, decide and act strategy.

C. It provides the versions for network devices.

D. It provides a live documentation of the project.

Which of the following refers to the process of verifying the identity of a person, network host, or system process?

A. Hacking

B. Authentication

C. Packet filtering

D. Auditing

Which of the following types of firewall functions at the Session layer of the OSI model?

A. Circuit-level firewall

B. Application-level firewall

C. Switch-level firewall

D. Packet filtering firewall