GIAC GPPA - GIAC Certified Perimeter Protection Analyst

Total 285 questions

Which of the following technologies is used to detect unauthorized attempts to access and manipulate computer systems locally or through the Internet or an intranet?

A. Intrusion detection system (IDS)
B. Firewall
C. Demilitarized zone (DMZ)
D. Packet filtering

Jain works as a Security Manager for ABC Inc. The company has a Windows-based network.

Jain has been assigned a project to detect the services used by an attack to access the network. For this purpose, he is required to use the predefined service objects of the rulebase. This predefined service object defines the services used in the attack to access the network.

Which of the following objects will he create when he finds that the attack is not defined in the predefined service objects?

A. Custom service objects
B. Compound attack objects
C. Signature attack objects
D. Protocol anomaly attack objects

Which of the following steps are generally followed in computer forensic examinations?

Each correct answer represents a complete solution. (Choose three.)

A. Analyze
B. Acquire
C. Authenticate
D. Encrypt

In which of the following CAATs (Computer Assisted Auditing Techniques) does an auditor perform tests on computer files and databases?

A. Parallel Simulation
B. Custom Audit Software (CAS)
C. Generalized Audit Software (GAS)
D. Test Data

You work as a Network Administrator for ABC Inc. The company has a TCP/IP-based network. A Cisco switch is configured on the network. You change the original host name of the switch through the hostname command. The prompt displays the changed host name. After some time, the switch loses power for some reason. When power is restored, you find that the prompt is displaying the old host name.

What is the most likely cause?

A. The running-config file got corrupted.
B. The changes were saved in the running-config file.
C. The startup-config file got corrupted.
D. The host name cannot be changed permanently once the switch is configured.

Which of the following IPv6 transition technologies is used by DirectAccess if a user is in a remote location and a public IPv4 address, instead of a public IPv6 address, has been assigned to the computer?

A. 6to4
B. PortProxy
C. Teredo
D. ISATAP

Sam works as a Security Manager for ABC Inc. The company has a Windows-based network. Sam wants to prevent specific traffic from IDP processing in order to reduce false positives.

Which of the following rulebases will he use to accomplish the task?

A. Network Honeypot rulebase
B. Backdoor rulebase
C. SYN Protector rulebase
D. Exempt rulebase

At which of the following layers of the Open Systems Interconnection (OSI) model do the Internet Control Message Protocol (ICMP) and the Internet Group Management Protocol (IGMP) work?

A. The Data-Link layer
B. The Physical layer
C. The Network layer
D. The Presentation layer

Which of the following can be used to mitigate the evil twin phishing attack?

A. Obiwan
B. Magic Lantern
C. SARA
D. IPSec VPN

You are implementing a host-based intrusion detection system on your web server. You feel that the best way to monitor the web server is to find your baseline of activity (connections, traffic, etc.) and to monitor for conditions above that baseline.

This type of IDS is called __________.

A. Signature Based
B. Reactive IDS
C. Anomaly Based
D. Passive IDS