Cyber Monday Sale Special Limited Time 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: xmas50

GIAC GSEC - GIAC Security Essentials

GIAC GSEC Premium Access     Download Demo    
Page: 2 / 12
Total 385 questions

What security practice is described by NIST as the application of science to the identification, collection, examination, and analysis of data while maintaining data integrity and chain of custody?

A.

Digital forensics

B.

Vulnerability Assessments

C.

Penetration Tests

D.

Incident Response

A security analyst has entered the following rule to detect malicious web traffic:

alert tcp any -> 192.168.1.0/24 SO (msg: Attempted SQL Injection!"; sld:20000O01;)

How can this rule be changed to reduce false positives?

A.

Change the rule to make it apply bi -directional to source and destination

B.

Add more detail in the rule to make it more specific to the attack pattern

C.

Add an additional rule to apply to destination port 443 as well as 80

D.

Make the IP range more general so that it applies to all webservers

Which of the following protocols implements VPN using IPSec?

A.

SLIP

B.

PPP

C.

L2TP

D.

PPTP

Which of the following is NOT a recommended best practice for securing Terminal Services and Remote Desktop?

A.

Require TLS authentication and data encryption whenever possible.

B.

Make sure to allow all TCP 3389 traffic through the external firewall.

C.

Group Policy should be used to lock down the virtual desktops of thin-client users.

D.

Consider using IPSec or a VPN in addition to the RDP encryption if you are concerned about future RDP vulnerabilities.

Which of the following statements best describes where a border router is normally placed?

A.

Between your firewall and your internal network

B.

Between your firewall and DNS server

C.

Between your ISP and DNS server

D.

Between your ISP and your external firewall

Which of the following is a type of countermeasure that can be deployed to ensure that a threat vector does not meet a vulnerability?

A.

Prevention controls

B.

Detection controls

C.

Monitoring controls

D.

Subversive controls

Which of the following is a name, symbol, or slogan with which a product is identified?

A.

Copyright

B.

Trademark

C.

Trade secret

D.

Patent

You work as a Network Administrator for NetTech Inc. To ensure the security of files, you encrypt data files using Encrypting File System (EFS).

You want to make a backup copy of the files and maintain security settings. You can backup the files either to a network share or a floppy disk. What will you do to accomplish this?

A.

Copy the files to a network share on an NTFS volume.

B.

Copy the files to a network share on a FAT32 volume.

C.

Place the files in an encrypted folder. Then, copy the folder to a floppy disk.

D.

Copy the files to a floppy disk that has been formatted using Windows 2000 Professional.

Which of the following terms is used for the process of securing a system or a device on a network infrastructure?

A.

Hardening

B.

Authentication

C.

Cryptography

D.

Sanitization

Which of the following statements about Secure Sockets Layer (SSL) are true? Each correct answer represents a complete solution. Choose two.

A.

It provides communication privacy, authentication, and message integrity.

B.

It provides mail transfer service.

C.

It uses a combination of public key and symmetric encryption for security of data.

D.

It provides connectivity between Web browser and Web server.