New Year Sale Special Limited Time 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: xmas50

GIAC GSLC - GIAC Security Leadership Certification (GSLC)

GIAC GSLC Premium Access     Download Demo    
Page: 9 / 12
Total 567 questions

Which of the following uses a variable-length Initialization Vector (IV), where the encrypted data begins?

A.

DES-OFB

B.

DES-ECB

C.

DES-CBC

D.

DES-CFB

Andrew works as a Network Administrator for Infonet Inc. The company's network has a Web server that hosts the company's Web site. Andrew wants to increase the security of the Web site by implementing Secure Sockets Layer (SSL). Which of the following types of encryption does SSL use?

Each correct answer represents a complete solution. Choose two.

A.

Secret

B.

Synchronous

C.

Asymmetric

D.

Symmetric

Victor wants to use Wireless Zero Configuration (WZC) to establish a wireless network connection using his computer running on Windows XP operating system. Which of the following are the most likely threats to his computer?

Each correct answer represents a complete solution. Choose two.

A.

Attacker can use the Ping Flood DoS attack if WZC is used.

B.

Information of probing for networks can be viewed using a wireless analyzer and may be used to gain access.

C.

Attacker by creating a fake wireless network with high power antenna cause Victor's computer to associate with his network to gain access.

D.

It will not allow the configuration of encryption and MAC filtering. Sending information is not secure on wireless network.

Which type of DNS zone is a read-only copy of the primary DNS zone?

A.

Secondary DNS zone

B.

Primary DNS zone

C.

Stub DNS zone

D.

SOA DNS zone

Which of the following viruses replaces the boot sector data with its own malicious code?

A.

Chernobyl

B.

Explore.Zip

C.

MBR

D.

Nimda

John works as a professional Ethical Hacker. He has been assigned a project to test the security of www.we-are-secure.com. He successfully performs a brute force attack on the We-are-secure server.

Now, he suggests some countermeasures to avoid such brute force attacks on the We-are-secure server. Which of the following are countermeasures against a brute force attack?

Each correct answer represents a complete solution. Choose all that apply.

A.

The site should force its users to change their passwords from time to time.

B.

The site should use CAPTCHA after a specific number of failed login attempts.

C.

The site should increase the encryption key length of the password.

D.

The site should restrict the number of login attempts to only three times.

You are the Administrator of a Windows 2000 based network for Info Tech Inc. You install and configure Certificate Authorities (CAs) on the network. You are currently configuring the public key group policy for the domain.

You configure the group policy to specify automatic enrollment and renewal for certificates. But when you attempt to test this configuration, you find that the enrollment is not working properly.

What is the most likely cause?

A.

The group policy is not enabled for the domain.

B.

You failed to add the CA certificate to the trusted root certification authorities container.

C.

Certificate enrollment and renewal is not enabled for the group policy.

D.

An enterprise CA is not online.

Which of the following encrypts its code differently with each infection or generation of infections?

A.

Boot sector virus

B.

Stealth virus

C.

Polymorphic virus

D.

Macro virus

Which of the following terms refers to a prolonged loss of power?

A.

Spike

B.

Brownout

C.

Surge

D.

Blackout

You are the Network Administrator for a company that does a large amount of defense contract business.

A high level of security, particularly regarding sensitive documents, is required. Which of the following steps will you take to secure network printers?

Each correct answer represents a complete solution. Choose two.

A.

Remove the printers from the network and not allow remote printing.

B.

Ensure that the printers hard drive is scanned for spyware.

C.

Secure all remote administrative protocols such as telnet.

D.

Limit the size of print jobs on the printer.

E.

Do not allow duplicate print jobs.

What course of action can be taken by a party if the current negotiations fail and an agreement cannot be reached?

A.

BATNA

B.

Bias

C.

ZOPA

D.

PON

Which of the following would allow you to automatically close connections or restart a server or service when a DoS attack is detected?

A.

Active IDS

B.

Passive IDS

C.

Network-based IDS

D.

Signature-based IDS

In which of the following Person-to-Person social engineering attacks does an attacker pretend to be an outside contractor, delivery person, etc., in order to gain physical access to the organization?

A.

In person attack

B.

Third-party authorization attack

C.

Important user posing attack

D.

Impersonation attack

Which of the following processes is described in the statement below?

"It is the process of implementing risk response plans, tracking identified risks, monitoring residual risk, identifying new risks, and evaluating risk process effectiveness throughout the project."

A.

Identify Risks

B.

Perform Quantitative Risk Analysis

C.

Perform Qualitative Risk Analysis

D.

Monitor and Control Risks

Which of the following tools can be used to automate the MITM attack?

A.

Airjack

B.

Kismet

C.

IKECrack

D.

Hotspotter