Spring Sale Special Limited Time 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: xmas50

GIAC GSLC - GIAC Security Leadership Certification (GSLC)

GIAC GSLC Premium Access     Download Demo    
Page: 11 / 12
Total 567 questions

You have configured a virtualized Internet browser on your Windows XP professional computer. Using the virtualized Internet browser, you can protect your operating system from which of the following?

A.

Mail bombing

B.

Distributed denial of service (DDOS) attack

C.

Brute force attack

D.

Malware installation from unknown Web sites

Which of the following uses public key cryptography to encrypt the contents of files?

A.

NTFS

B.

DFS

C.

RFS

D.

EFS

You work as a Network Administrator for Tech Perfect Inc. The company has a Windows Active Directory-based single domain single forest network. The functional level of the forest is Windows Server 2003. The company has recently provided fifty laptops to its sales team members. You are required to configure an 802.11 wireless network for the laptops. The sales team members must be able to use their data placed at a server in a cabled network. The planned network should be able to handle the threat of unauthorized access and data interception by an unauthorized user. You are also required to prevent the sales team members from communicating directly to one another. Which of the following actions will you take to accomplish the task?

Each correct answer represents a complete solution. Choose all that apply.

A.

Implement the IEEE 802.1X authentication for the wireless network.

B.

Configure the wireless network to use WEP encryption for the data transmitted over a wireless network.

C.

Implement the open system authentication for the wireless network.

D.

Using group policies, configure the network to allow the wireless computers to connect to the ad hoc networks only.

E.

Using group policies, configure the network to allow the wireless computers to connect to the infrastructure networks only.

Part of your change management plan details what should happen in the change control system for your project. Theresa, a junior project manager, asks what the configuration management activities are for scope changes. You tell her that all of the following are valid configuration management activities except for which one?

A.

Configuration Identification

B.

Configuration Item Costing

C.

Configuration Status Accounting

D.

Configuration Verification and Auditing

The Incident handling process implemented in an enterprise is responsible to deal with all the incidents regarding the enterprise. Which of the following procedures will be involved by the preparation phase of the Incident handling process?

A.

Building up an incident response kit

B.

Setting up the initial position after an incident

C.

Working with QA to validate security of the enterprise

D.

Organizing a solution to remove an incident

Which of the following evidences are the collection of facts that, when considered together, can be used to infer a conclusion about the malicious activity/person?

A.

Corroborating

B.

Direct

C.

Circumstantial

D.

Incontrovertible

Jacob is worried about sniffing attacks and wants to protect his SMTP transmissions from this attack. What can he do to accomplish this?

A.

Use an SSL certificate.

B.

Use EFS.

C.

Use a proxy server.

D.

Use a firewall.

Which of the following technologies is used to detect unauthorized attempts to access and manipulate computer systems locally or through the Internet or an intranet?

A.

Intrusion detection system (IDS)

B.

Firewall

C.

Demilitarized zone (DMZ)

D.

Packet filtering

Which of the following viruses infects multiple targets?

A.

Macro virus

B.

Multipartite virus

C.

Polymorphic virus

D.

Stealth virus

You configure a wireless router at your home. To secure your home Wireless LAN (WLAN), you implement WEP. Now you want to connect your client computer to the WLAN. Which of the following is the required information that you will need to configure the client computer?

Each correct answer represents a part of the solution. Choose two.

A.

WEP key

B.

IP address of the router

C.

MAC address of the router

D.

SSID of the WLAN

Which of the following sections come under the ISO/IEC 27002 standard?

A.

Financial assessment

B.

Security policy

C.

Risk assessment

D.

Asset management

Which of the following statements about front door attack is true?

A.

In this type of attack, the hacker sends more traffic to a network address than the buffer can handle.

B.

This type of attack uses a dictionary of common words to find out the password of a user.

C.

This type of attack is used to sniff passwords or information from a legitimate transaction to be used for the hacker's advantage.

D.

In this type of attack, the hacker has all the correct information to get into a system and does not have to perform any additional task to get that information.

John works as an IT Technician for PassGuide Inc. One morning, John receives an e-mail from the company's Manager asking him to provide his logon ID and password, but the company policy restricts users from disclosing their logon IDs and passwords. Which type of possible attack is this?

A.

Social engineering

B.

Replay attack

C.

Trojan horse

D.

DoS

Which of the following Acts enacted in United States allows the FBI to issue National Security Letters (NSLs) to Internet service providers (ISPs) ordering them to disclose records about their customers?

A.

Electronic Communications Privacy Act of 1986

B.

Wiretap Act

C.

Computer Fraud and Abuse Act

D.

Economic Espionage Act of 1996

You work as a project manager for BlueWell Inc. You are working with your team members on the risk responses in the project. Which risk response will likely cause a project to use the procurement processes?

A.

Mitigation

B.

Acceptance

C.

Exploiting

D.

Sharing