GIAC GISP Questions And Answers, Most Popular GIAC GISP Exam With The Knowledge And Skills

GOOD NEWS: All the new GIAC GISP  exam questions and answers can get in VCE and PDF format for free on Flydumps.com With Flydumps GIAC GISP practice tests, you will pass the exam easily! Free download GIAC GISP exam questions vce player all the time.

QUESTION NO: 201
Which of the following types of computers is used for attracting potential intruders?
A. Honey pot
B. Bastion host
C. Data pot
D. Files pot
Answer: A

QUESTION NO: 202
You work as a Network Administrator for Infonet Inc. The company uses Wired Equivalent Privacy (WEP) for wireless security. Who among the following can authenticate from the access point of the network?
A. Only users within the company.
B. Anyone can authenticate.
C. Only users with the correct WEP key.
D. Only the administrator.
Answer: C

QUESTION NO: 203
Which of the following terms is used for the process of securing a system or a device on a network infrastructure?
A. Sanitization
B. Cryptography

C. Hardening
D. Authentication
Answer: C

QUESTION NO: 204
Which of the following statements about Dynamic Host Configuration Protocol (DHCP) are true?
Each correct answer represents a complete solution. Choose two.
A. It is used to provide host name resolution in a TCP/IP-based network.
B. It is used to dynamically assign IP addresses to computers.
C. It reduces the complexity of managing network client IP address configuration.
D. It reduces the risk of a denial of service (DoS) attack.
Answer: B,C

QUESTION NO: 205
Which of the following two components does Kerberos Key Distribution Center (KDC) consist of?
Each correct answer represents a complete solution. Choose two.
A. Data service
B. Account service
C. Ticket-granting service
D. Authentication service
Answer: C,D
QUESTION NO: 206
Which of the following is used for secure financial transactions over the Internet?
A. VPN

B. ATM
C. SSL
D. SET

Answer: D
QUESTION NO: 207
Which of the following encryption algorithms are based on stream ciphers?
Each correct answer represents a complete solution. Choose two.
A. RC4
B. FISH
C. Blowfish
D. Twofish
Answer: A,B
QUESTION NO: 208
Which of the following is the most secure policy for a firewall?
A. Passing all packets unless they are explicitly rejected.
B. Enabling all internal interfaces.
C. Blocking all packets unless they are explicitly permitted.
D. Disabling all external interfaces.
Answer: C

QUESTION NO: 209
Which of the following is an attack with IP fragments that cannot be reassembled?
A. Teardrop attack
B. Dictionary attack
C. Password guessing attack
D. Smurf attack
Answer: A QUESTION NO: 210

You work as a Web Developer for WebCrunch Inc. You create a web site that contains information about the company’s products and services. The web site is to be used by the company’s suppliers only. Which of the following options will you use to specify the nature of access to the web site?
A. Intranet
B. Internet and Intranet
C. Internet
D. Extranet
Answer: D
QUESTION NO: 211
Which of the following statements about buffer overflow are true?
Each correct answer represents a complete solution. Choose two.
A. It is a situation that occurs when a storage device runs out of space.
B. It can terminate an application.
C. It can improve application performance.
D. It is a situation that occurs when an application receives more data than it is configured to accept
Answer: B,D
QUESTION NO: 212
Which of the following ports is used by a BOOTP server?
A. UDP port 389
B. UDP port 67
C. TCP port 80
D. TCP port 110
Answer: B QUESTION NO: 213
Which of the following protocols uses TCP port 22 as the default port and operates at the application layer?
A. Secure Sockets Layer (SSL)
B. Secure Shell (SSH)
C. Post Office Protocol version 3 (POP3)
D. Trivial File Transfer Protocol (TFTP)
Answer: B
QUESTION NO: 214
Which of the following protocols multicasts messages and information among all member devices in an IP multicast group?
A. ARP
B. TCP
C. ICMP
D. IGMP
Answer: D
QUESTION NO: 215
Which of the following authentication protocols provides support for a wide range of authentication methods, such as smart cards and certificates?
A. EAP
B. CHAP
C. MS-CHAP v2
D. PAP

Answer: A

QUESTION NO: 216

Which of the following performs packet screening for security on the basis of port numbers?
A. Switch
B. DNS
C. Hub
D. Firewall
Answer: D
QUESTION NO: 217
Which of the following are man-made threats that an organization faces?
Each correct answer represents a complete solution. Choose three.
A. Frauds
B. Strikes
C. Employee errors
D. Theft
Answer: A,C,D

QUESTION NO: 218
In the DNS Zone transfer enumeration, an attacker attempts to retrieve a copy of the entire zone file for a domain from a DNS server. The information provided by the DNS zone can help an attacker gather user names, passwords, and other valuable information. To attempt a zone transfer, an attacker must be connected to a DNS server that is the authoritative server for that zone. Besides this, an attacker can launch a Denial of Service attack against the zone’s DNS servers by flooding them with a lot of requests. Which of the following tools can an attacker use to perform a DNS zone transfer?
Each correct answer represents a complete solution. Choose all that apply.
A. Dig
B. NSLookup
C. DSniff
D. Host

Answer: A,B,D

QUESTION NO: 219
Which of the following security models deal only with integrity?
Each correct answer represents a complete solution. Choose two.
A. Biba
B. Bell-LaPadula
C. Biba-Wilson
D. Clark-Wilson
Answer: A,D

QUESTION NO: 220
In which of the following IDS evasion attacks does an attacker send a data packet such that IDS accepts the data packet but the host computer rejects it?
A. Fragmentation overlap attack
B. Evasion attack
C. Fragmentation overwrite attack
D. Insertion attack

Answer: D
QUESTION NO: 221
Which of the following services does Internet Information Server (IIS) provide along with HTTP?
Each correct answer represents a complete solution. Choose three.
A. SMTP
B. FTP C.PPTP D.NNTP
Answer: A,B,D QUESTION NO: 222

Which of the following are the responsibilities of a custodian with regard to data in an information classification program?
Each correct answer represents a complete solution. Choose three.
A. Running regular backups and routinely testing the validity of the backup data
B. Performing data restoration from the backups when necessary
C. Controlling access, adding and removing privileges for individual users
D. Determining what level of classification the information requires
Answer: A,B,C
QUESTION NO: 223
Which of the following statements about Microsoft hotfix are true?
Each correct answer represents a complete solution. Choose two.
A. It is the term used by Microsoft for major service pack releases.
B. It is generally related to security problems.
C. It is a collection of files used by Microsoft for software updates released between major service pack releases.
D. It is generally related to the problems of a Web server’s performance.
Answer: B,C

QUESTION NO: 224
John works as a professional Ethical Hacker. He has been assigned the project of testing the security of www.we-are-secure.com. He notices that UDP port 137 of the We-are-secure server is open. Assuming that the Network Administrator of We-are-secure Inc. has not changed the default port values of the services, which of the following services is running on UDP port 137?
A. HTTPS
B. HTTP
C. TELNET

D. NetBIOS
Answer: D
QUESTION NO: 225
Which of the following tools is used for breaking digital watermark?
A. TRACERT
B. Trin00
C. Fpipe
D. 2Mosaic
Answer: D
QUESTION NO: 226
Which of the following are used to suppress electrical and computer fires?
Each correct answer represents a complete solution. Choose two.
A. Halon
B. Soda acid
C. CO2
D. Water
Answer: A,C
QUESTION NO: 227
Which of the following are the major tasks of risk management?
Each correct answer represents a complete solution. Choose two.
A. Building Risk free systems
B. Assuring the integrity of organizational data
C. Risk control
D. Risk identification

Answer: C,D
QUESTION NO: 228
Which of the following records is the first entry in a DNS database file?
A. SRV
B. CNAME
C. MX
D. SOA
Answer: D
QUESTION NO: 229
Which of the following groups represents the most likely source of an asset loss through the inappropriate use of computers?
A. Employees
B. Hackers
C. Visitors
D. Customers
Answer: A
QUESTION NO: 230
Which of the following types of coaxial cable is used for cable TV and cable modems?
A. RG-62
B. RG-59
C. RG-8
D. RG-58
Answer: B QUESTION NO: 231
Which of the following is the process of finding weaknesses in cryptographic algorithms and obtaining the plaintext or key from the ciphertext?
A. Cryptanalysis
B. Kerberos
C. Cryptographer
D. Cryptography
Answer: A
QUESTION NO: 232
Which of the following is used by the Diffie-Hellman encryption algorithm?
A. Password
B. Access control entry
C. Key exchange
D. Access control list
Answer: C

QUESTION NO: 233
Which of the following provides secure online payment services?
A. CA
B. IEEE
C. ACH
D. ICSA
Answer: C
QUESTION NO: 234
John works as an Ethical Hacker for PassGuide Inc. He wants to find out the ports that are open in PassGuide’s server using a port scanner. However, he does not want to establish a full TCP connection. Which of the following scanning techniques will he use to accomplish this task?

A. TCP SYN
B. TCP SYN/ACK
C. TCP FIN
D. Xmas tree
Answer: A
QUESTION NO: 235
Which of the following statements about the Instant messaging programs are true?
Each correct answer represents a complete solution. Choose all that apply.
A. Most of the programs have no encryption facility.
B. They allow effective and efficient communication and immediate receipt of reply.
C. They provide secure password management.
D. They can bypass corporate firewalls.

Answer: A,B,D
QUESTION NO: 236
Which of the following tools is used to flood the local network with random MAC addresses?
A. NETSH
B. NMAP
C. Port scanner
D. Macof
Answer: D
QUESTION NO: 237
Mark works as a Webmaster for Infonet Inc. He sets up an e-commerce site. He wants to accept online payments through credit cards on this site. He wants the credit card numbers to be encrypted. What will Mark do to accomplish the task?

The Oracle 1Z0-051 study materials are followed at some levels to test the skills which are required for the information technology companies. The flydumps GIAC GISP test questions are must for you to get the GIAC GISP exam and it helps to become an expert database administrator. Flydumps GIAC GISP study materials are providing the ways for solving the troubleshooting problems in the operating systems. The GIAC GISP certification exam preparation will be helpful for you to solve the complex problems in the information technology companies. GIAC GISP study materials guide you to develop the projects or infrastructures. Flydumps GIAC GISP test questions provide the ways for planning, configuring and operational technologies that are suitable for the information technology sectors.

Welcome to download the newest Pass4itsure 1Z0-520 dumps: http://www.pass4itsure.com/1Z0-520.html

Leave a Reply

Your email address will not be published. Required fields are marked *