Guide de formation plus récente de HP: GIAC

显示标签为“GIAC”的博文。显示所有博文

2014年8月14日星期四

GIAC GISP GCIA, de formation et d'essai

Pass4Test est un site professionnel qui répondre les demandes de beaucoup clients. Les candidats qui ont déjà passer leurs premiers test Certification IT ont devenus les suivis de Pass4Test. Grâce à la bonne qualité des documentations, Pass4Test peut aider tous candidats à réussir le test GIAC GISP.

Les experts de Pass4Test ont fait sortir un nouveau guide d'étude de Certification GIAC GCIA, avec ce guide d'étude, réussir ce test a devenu une chose pas difficile. Pass4Test vous permet à réussir 100% le test GIAC GCIA à la première fois. Les questions et réponses vont apparaître dans le test réel. Pass4Test peut vous donner une Q&A plus complète une fois que vous choisissez nous. D'ailleurs, la mise à jour gratuite pendant un an est aussi disponible pour vous.

Nous croyons que pas mal de candidats voient les autres site web qui offrent les ressources de Q&A GIAC GCIA. En fait, le Pass4Test est le seul site qui puisse offrir la Q&A recherchée par les experts réputés dans l'Industrie IT. Grâce à la Q&A de Pass4Test impressionée par la bonne qualité, vous pouvez réussir le test GIAC GCIA sans aucune doute.

Code d'Examen: GISP
Nom d'Examen: GIAC (GIAC Information Security Professional)
Questions et réponses: 659 Q&As

Code d'Examen: GCIA
Nom d'Examen: GIAC (GIAC Certified Intrusion Analyst)
Questions et réponses: 508 Q&As

Pas besoin de beaucoup d'argent et de temps, vous pouvez passer le test GIAC GCIA juste avec la Q&A de GIAC GCIA offerte par Pass4Test qui vous offre le test simulation bien proche de test réel.

Obtenez la Q&A de test GIAC GCIA de Pass4Test plus tôt, vous pouvez réussir le test Certification GIAC GCIA plus tôt.

Dans n'importe quelle industrie, tout le monde espère une meilleure occasion de se promouvoir, surtout dans l'industrie de IT. Les professionnelles dans l'industrie IT ont envie d'une plus grande space de se développer. Le Certificat GIAC GCIA peut réaliser ce rêve. Et Pass4Test peut vous aider à réussir le test GIAC GCIA.

Vous pouvez télécharger le démo gratuit pour prendre un essai. Vous aurez plus confiance sur Pass4Test. N'hésitez plus à choisir la Q&A GIAC GCIA comme votre guide d'étude.

GCIA Démo gratuit à télécharger: http://www.pass4test.fr/GCIA.html

NO.1 Adam works as a professional Computer Hacking Forensic Investigator. A project has been assigned
to him to investigate a multimedia enabled mobile phone, which is suspected to be used in a cyber crime.
Adam uses a tool, with the help of which he can recover deleted text messages, photos, and call logs of
the mobile phone. Which of the following tools is Adam using?
A. FAU
B. FTK Imager
C. Galleta
D. Device Seizure
Answer: D

certification GIAC   GCIA   GCIA examen   GCIA examen

NO.2 Which of the following tools are used to determine the hop counts of an IP packet?
Each correct answer represents a complete solution. Choose two.
A. TRACERT
B. Ping
C. IPCONFIG
D. Netstat
Answer: A,B

certification GIAC   GCIA   GCIA examen   certification GCIA   GCIA   certification GCIA

NO.3 Adam works as a Computer Hacking Forensic Investigator in a law firm. He has been assigned with
his first project. Adam collected all required evidences and clues. He is now required to write an
investigative report to present before court for further prosecution of the case. He needs guidelines to
write an investigative report for expressing an opinion. Which of the following are the guidelines to write
an investigative report in an efficient way?
Each correct answer represents a complete solution. Choose all that apply.
A. All ideas present in the investigative report should flow logically from facts to conclusions.
B. Opinion of a lay witness should be included in the investigative report.
C. The investigative report should be understandable by any reader.
D. There should not be any assumptions made about any facts while writing the investigative report.
Answer: A,C,D

certification GIAC   certification GCIA   certification GCIA

NO.4 Which of the following is the default port for Simple Network Management Protocol (SNMP)?
A. TCP port 110
B. TCP port 25
C. TCP port 80
D. UDP port 161
Answer: D

GIAC   GCIA examen   GCIA examen

NO.5 Which of the following proxy servers is also referred to as transparent proxies or forced proxies?
A. Tunneling proxy server
B. Reverse proxy server
C. Anonymous proxy server
D. Intercepting proxy server
Answer: D

GIAC   GCIA examen   certification GCIA   GCIA examen   GCIA

NO.6 This is a Windows-based tool that is used for the detection of wireless LANs using the IEEE 802.11a,
802.11b, and 802.11g standards. The main features of these tools are as follows: -It displays the signal
strength of a wireless network, MAC address, SSID, channel details, etc. -It is commonly used for the
following purposes:
A. War driving
B. Detecting unauthorized access points
C. Detecting causes of interference on a WLAN
D. WEP ICV error tracking
E. Making Graphs and Alarms on 802.11 Data, including Signal Strength
Answer: D

GIAC examen   GCIA examen   GCIA   GCIA examen   GCIA examen

NO.7 You work as a Network Administrator for Tech Perfect Inc. Your company has a Windows 2000based
network. You want to verify the connectivity of a host in the network. Which of the following utilities will you
use?
A. PING
B. TELNET
C. NETSTAT
D. TRACERT
Answer: A

GIAC examen   GCIA   certification GCIA   certification GCIA   GCIA examen

NO.8 Andrew works as a System Administrator for NetPerfect Inc. All client computers on the network run on
Mac OS X. The Sales Manager of the company complains that his MacBook is not able to boot. Andrew
wants to check the booting process. He suspects that an error persists in the bootloader of Mac OS X.
Which of the following is the default bootloader on Mac OS X that he should use to resolve the issue?
A. LILO
B. BootX
C. NT Loader
D. GRUB
Answer: B

GIAC   certification GCIA   GCIA examen   certification GCIA   GCIA   GCIA examen

2014年4月27日星期日

Le matériel de formation de l'examen de meilleur GIAC GCFA

Le Pass4Test est un site qui peut offrir les facilités aux candidats et aider les candidats à réaliser leurs rêve. Si vous êtes souci de votre test Certification, Pass4Test peut vous rendre heureux. La haute précision et la grande couverture de la Q&A de Pass4Test vous aidera pendant la préparation de test. Vous n'aurez aucune raison de regretter parce que Pass4Test réalisera votre rêve.

Dans cette Industrie IT intense, le succès de test GIAC GCFA peut augmenter le salaire. Les gens d'obtenir le Certificat GIAC GCFA peuvent gagner beaucoup plus que les gens sans Certificat GIAC GCFA. Le problème est comment on peut réussir le test plus facile?

Code d'Examen: GCFA
Nom d'Examen: GIAC (GIAC Certified Forensics Analyst)
Questions et réponses: 318 Q&As

Bien qu'Il y ait plein de talentueux dans cette société, il manque beaucoup de professionnels dans les domaine en cours de développement, l'Industrie IT est l'un de ces domaines. Donc le test GIAC GCFA est un bon l'examination de technique informatique. Pass4Test est un site d'offrir la formation particulière au test GIAC GCFA.

Pass4Test est un site à offrir particulièrement la Q&A GIAC GCFA, vous pouvez non seulement aprrendre plus de connaissances professionnelles, et encore obtenir le Passport de Certification GIAC GCFA, et trouver un meilleur travail plus tard. Les documentations offertes par Pass4Test sont tout étudiés par les experts de Pass4Test en profitant leurs connaissances et expériences, ces Q&As sont impresionnées par une bonne qualité. Il ne faut que choisir Pass4Test, vous pouvez non seulement passer le test GIAC GCFA et même se renforcer vos connaissances professionnelles IT.

Aujourd'hui, c'est une société pleine de gens talentueux, la meilleure façon de suivre et assurer la place dans votre carrière est de s'améliorer sans arrêt. Si vous n'augmentez pas dans votre carrière, vous êtes juste sous-développé parce que les autres sont meilleurs que vous. Pour éviter ce cas, vous devez vous former successivement.

Le test GIAC GCFA est le premier pas pour promouvoir dans l'Industrie IT, mais aussi la seule rue ramenée au pic de succès. Le test GIAC GCFA joue un rôle très important dans cette industrie. Et aussi, Pass4Test est un chaînon inevitable pour réussir le test sans aucune doute.

Pass4Test est un site web de vous offrir particulièrement les infos plus chaudes à propos de test Certification GIAC GCFA. Pour vous assurer à nous choisir, vous pouvez télécharger les Q&As partielles gratuites. Pass4Test vous promet un succès 100% du test GIAC GCFA.

GCFA Démo gratuit à télécharger: http://www.pass4test.fr/GCFA.html

NO.1 TCP FIN scanning is a type of stealth scanning through which the attacker sends a FIN packet to the
target port. If the port is closed, the victim assumes that this packet was sent mistakenly by the attacker
and sends the RST packet to the attacker. If the port is open, the FIN packet will be ignored and the port
will drop the packet. Which of the following operating systems can be easily identified with the help of TCP
FIN scanning?
A. Solaris
B. Red Hat
C. Knoppix
D. Windows
Answer: D

certification GIAC   GCFA   GCFA   certification GCFA

NO.2 Fill in the blank with the appropriate name.
_____is a list, which specifies the order of volatility of data in a Windows based system.
A. RFC 3227
Answer: A

GIAC examen   GCFA   GCFA   GCFA   GCFA examen

NO.3 Adam works as a Security Administrator for Umbrella Inc. He is responsible for securing all 15 servers
of the company. To successfully accomplish the task, he enables the hardware and software firewalls and
disables all unnecessary services on all the servers. Sales manager of the company asks Adam to run
emulation software on one of the servers that requires the telnet service to function properly. Adam is
concerned about the security of the server, as telnet can be a very large security risk in an organization.
Adam decides to perform some footprinting, scanning, and penetration testing on the server to checkon
the server to check the security. Adam telnets into the server and writes the following command:
HEAD / HTTP/1.0
After pressing enter twice, Adam gets the following results:
Which of the following tasks has Adam just accomplished?
A. Poisoned the local DNS cache of the server.
B. Submitted a remote command to crash the server.
C. Grabbed the banner.
D. Downloaded a file to his local computer.
Answer: C

certification GIAC   GCFA   GCFA

NO.4 Peter works as a Technical Representative in a CSIRT for SecureEnet Inc. His team is called to
investigate the computer of an employee, who is suspected for classified data theft. Suspect's computer
runs on Windows operating system. Peter wants to collect data and evidences for further analysis. He
knows that in Windows operating system, the data is searched in pre-defined steps for proper and
efficient analysis. Which of the following is the correct order for searching data on a Windows based
system?
A. Volatile data, file slack, registry, memory dumps, file system, system state backup, internet traces
B. Volatile data, file slack, registry, system state backup, internet traces, file system, memory dumps
C. Volatile data, file slack, internet traces, registry, memory dumps, system state backup, file system
D. Volatile data, file slack, file system, registry, memory dumps, system state backup, internet traces
Answer: D

GIAC   GCFA examen   GCFA examen

NO.5 Which of the following encryption methods uses AES technology?
A. Dynamic WEP
B. Static WEP
C. TKIP
D. CCMP
Answer: D

GIAC examen   GCFA examen   GCFA   GCFA

NO.6 Which of the following methods is used by forensic investigators to acquire an image over the network
in a secure manner?
A. DOS boot disk
B. Linux Live CD
C. Secure Authentication for EnCase (SAFE)
D. EnCase with a hardware write blocker
Answer: C

GIAC examen   GCFA   GCFA   GCFA examen   GCFA

NO.7 Adam works as an Incident Handler for Umbrella Inc. He is informed by the senior authorities that the
server of the marketing department has been affected by a malicious hacking attack. Supervisors are also
claiming that some sensitive data are also stolen. Adam immediately arrived to the server room of the
marketing department and identified the event as an incident. He isolated the infected network from the
remaining part of the network and started preparing to image the entire system. He captures volatile data,
such as running process, ram, and network connections.
Which of the following steps of the incident handling process is being performed by Adam?
A. Recovery
B. Eradication
C. Identification
D. Containment
Answer: D

certification GIAC   GCFA examen   GCFA   GCFA examen   GCFA examen

NO.8 Which of the following type of file systems is not supported by Linux kernel?
A. vFAT
B. NTFS
C. HFS
D. FAT32
Answer: D

GIAC examen   GCFA   certification GCFA   GCFA

NO.9 Mark works as a security manager for SofTech Inc. He is using a technique for monitoring what the
employees are doing with corporate resources. Which of the following techniques is being used by Mark
to gather evidence of an ongoing computer crime if a member of the staff is e-mailing company's secrets
to an opponent?
A. Electronic surveillance
B. Civil investigation
C. Physical surveillance
D. Criminal investigation
Answer: A

GIAC   GCFA   GCFA   GCFA   GCFA   GCFA examen

NO.10 You work as a Web developer for ABC Inc. You want to investigate the Cross-Site Scripting attack on
your company's Web site. Which of the following methods of investigation can you use to accomplish the
task?
Each correct answer represents a complete solution. Choose all that apply.
A. Review the source of any HTML-formatted e-mail messages for embedded scripts or links in the URL
to the company's site.
B. Look at the Web server's logs and normal traffic logging.
C. Use Wireshark to capture traffic going to the server and then searching for the requests going to the
input page, which may give log of the malicious traffic and the IP address of the source.
D. Use a Web proxy to view the Web server transactions in real time and investigate any
communication with outside servers.
Answer: A,B,D

GIAC examen   certification GCFA   GCFA   GCFA   GCFA   GCFA

NO.11 Which of the following file systems provides file-level security?
A. CDFS
B. FAT
C. FAT32
D. NTFS
Answer: D

GIAC examen   GCFA   GCFA   GCFA   GCFA   certification GCFA

NO.12 You work as a professional Computer Hacking Forensic Investigator for DataEnet Inc. You want to
investigate e-mail information of an employee of the company. The suspected employee is using an
online e-mail system such as Hotmail or Yahoo. Which of the following folders on the local computer will
you review to accomplish the task?
Each correct answer represents a complete solution. Choose all that apply.
A. History folder
B. Temporary Internet Folder
C. Download folder
D. Cookies folder
Answer: A,B,D

GIAC examen   certification GCFA   GCFA

NO.13 A firewall is a combination of hardware and software, used to provide security to a network. It is used
to protect an internal network or intranet against unauthorized access from the Internet or other outside
networks. It restricts inbound and outbound access and can analyze all traffic between an internal
network and the Internet. Users can configure a firewall to pass or block packets from specific IP
addresses and ports. Which of the following tools works as a firewall for the Linux 2.4 kernel?
A. OpenSSH
B. IPTables
C. IPChains
D. Stunnel
Answer: B

GIAC   GCFA   GCFA   certification GCFA   GCFA

NO.14 You work as a Network Administrator for Perfect Solutions Inc. You install Windows 98 on a computer.
By default, which of the following folders does Windows 98 setup use to keep the registry tools?
A. $SYSTEMROOT$REGISTRY
B. $SYSTEMROOT$WINDOWS
C. $SYSTEMROOT$WINDOWSREGISTRY
D. $SYSTEMROOT$WINDOWSSYSTEM32
Answer: B

certification GIAC   GCFA examen   GCFA   GCFA

NO.15 John works as a professional Ethical Hacker. He has been assigned the project of testing the security of
www.we-are-secure.com. He receives the following e-mail:
The e-mail that John has received is an example of __________.
A. Virus hoaxes
B. Spambots
C. Social engineering attacks
D. Chain letters
Answer: D

GIAC examen   GCFA   GCFA examen   GCFA examen   GCFA examen

NO.16 Which of the following attacks saturates network resources and disrupts services to a specific
computer?
A. Teardrop attack
B. Polymorphic shell code attack
C. Denial-of-Service (DoS) attack
D. Replay attack
Answer: C

certification GIAC   GCFA examen   GCFA   certification GCFA

NO.17 The MBR of a hard disk is a collection of boot records that contain disk information such as disk
architecture, cluster size, and so on. The main work of the MBR is to locate and run necessary operating
system files that are required to run a hard disk. In the context of the operating system,
MBR is also known as the boot loader. Which of the following viruses can infect the MBR of a hard disk?
Each correct answer represents a complete solution. Choose two.
A. Stealth
B. Boot sector
C. Multipartite
D. File
Answer: B,C

certification GIAC   certification GCFA   GCFA   GCFA   GCFA

NO.18 You want to upgrade a partition in your computer's hard disk drive from FAT to NTFS. Which of the
following DOS commands will you use to accomplish this?
A. FORMAT C: /s
B. CONVERT C: /fs:ntfs
C. SYS C:
D. FDISK /mbr
Answer: B

certification GIAC   GCFA   GCFA   GCFA examen   GCFA examen

NO.19 Which of the following tools can be used to perform tasks such as Windows password cracking,
Windows enumeration, and VoIP session sniffing?
A. John the Ripper
B. L0phtcrack
C. Obiwan
D. Cain
Answer: D

GIAC examen   GCFA   GCFA   GCFA   GCFA examen

NO.20 Which of the following is the correct order of loading system files into the main memory of the system,
when the computer is running on Microsoft's Windows XP operating system?
A. NTLDR, BOOT.ini, HAL.dll, NTDETECT.com, NTOSKRNL.exe
B. NTLDR, BOOT.ini, NTDETECT.com, HAL.dll, NTOSKRNL.exe
C. NTLDR, BOOT.ini, HAL.dll, NTDETECT.com, NTOSKRNL.exe
D. BOOT.ini, HAL.dll, NTDETECT.com, NTLDR, NTOSKRNL.exe
Answer: B

GIAC   certification GCFA   GCFA   GCFA

NO.21 You work as a Network Administrator for Net Perfect Inc. The company has a Windows Server 2008
network environment. The network is configured as a Windows Active Directory-based single forest single
domain network. The network is configured on IP version 6 protocol. All the computers on the network are
connected to a switch device. One day, users complain that they are unable to connect to a file server.
You try to ping the client computers from the server, but the pinging fails. You try to ping the server's own
loopback address, but it fails to ping. You restart the server, but the problem persists.
What is the most likely cause?
A. The cable that connects the server to the switch is broken.
B. Automatic IP addressing is not working.
C. The switch device is not working.
D. The server is configured with unspecified IP address.
E. The server's NIC is not working.
Answer: E

GIAC examen   GCFA   GCFA examen   certification GCFA

NO.22 Adam works as a Computer Hacking Forensic Investigator for a garment company in the United States.
A project has been assigned to him to investigate a case of a disloyal employee who is suspected of
stealing design of the garments, which belongs to the company and selling those garments of the same
design under different brand name. Adam investigated that the company does not have any policy related
to the copy of design of the garments. He also investigated that the trademark under which the employee
is selling the garments is almost identical to the original trademark of the company. On the grounds of
which of the following laws can the employee be prosecuted.?
A. Trademark law
B. Cyber law
C. Copyright law
D. Espionage law
Answer: A

certification GIAC   GCFA   GCFA examen   GCFA

NO.23 Which of the following Acts enacted in United States allows the FBI to issue National Security Letters
(NSLs) to Internet service providers (ISPs) ordering them to disclose records about their customers?
A. Wiretap Act
B. Computer Fraud and Abuse Act
C. Economic Espionage Act of 1996
D. Electronic Communications Privacy Act of 1986
Answer: D

GIAC   GCFA   GCFA   GCFA   GCFA examen

NO.24 Which of the following modules of OS X kernel (XNU) provides the primary system program interface?
A. BSD
B. LIBKERN
C. I/O Toolkit
D. Mach
Answer: A

GIAC examen   GCFA   GCFA   certification GCFA   GCFA

NO.25 Which of the following is the first computer virus that was used to infect the boot sector of storage
media formatted with the DOS File Allocation Table (FAT) file system?
A. Melissa
B. Tequila
C. Brain
D. I love you
Answer: C

GIAC examen   GCFA examen   GCFA examen   GCFA   GCFA

NO.26 Which of the following is the process of overwriting all addressable locations on a disk?
A. Drive wiping
B. Spoofing
C. Sanitization
D. Authentication
Answer: A

GIAC   certification GCFA   GCFA examen   GCFA   certification GCFA   GCFA examen

NO.27 You work as a Network Administrator for Blue Bell Inc. You want to install Windows XP
Professional on your computer, which already has Windows Me installed. You want to configure your
computer to dual boot between Windows Me and Windows XP Professional. You have a single 40GB
hard disk.
Which of the following file systems will you choose to dual-boot between the two operating
systems?
A. NTFS
B. FAT32
C. CDFS
D. FAT
Answer: B

GIAC examen   certification GCFA   certification GCFA   GCFA   GCFA

NO.28 An executive in your company reports odd behavior on her PDA. After investigation you discover that a
trusted device is actually copying data off the PDA. The executive tells you that the behavior started
shortly after accepting an e-business card from an unknown person. What type of attack is this?
A. Session Hijacking
B. Bluesnarfing
C. PDA Hijacking
D. Privilege Escalation
Answer: B

GIAC examen   GCFA   certification GCFA

NO.29 You company suspects an employee of sending unauthorized emails to competitors. These emails are
alleged to contain confidential company data. Which of the following is the most important step for you to
take in preserving the chain of custody?
A. Preserve the email server including all logs.
B. Make copies of that employee's email.
C. Seize the employee's PC.
D. Place spyware on the employee's PC to confirm these activities.
Answer: A

GIAC examen   GCFA examen   GCFA   GCFA   GCFA examen   GCFA

NO.30 Adam, a malicious hacker has successfully gained unauthorized access to the Linux system of
Umbrella Inc. Web server of the company runs on Apache. He has downloaded sensitive documents and
database files from the computer. After performing these malicious tasks, Adam finally runs the following
command on the Linux command box before disconnecting. for (( i =
0;i<11;i++ )); do
dd if=/dev/random of=/dev/hda && dd if=/dev/zero of=/dev/hda done
Which of the following actions does Adam want to perform by the above command?
A. Making a bit stream copy of the entire hard disk for later download.
B. Deleting all log files present on the system.
C. Wiping the contents of the hard disk with zeros.
D. Infecting the hard disk with polymorphic virus strings.
Answer: C

GIAC examen   GCFA   GCFA   GCFA   certification GCFA

Si vous êtes intéressé par l'outil formation GIAC GCFA étudié par Pass4Test, vous pouvez télécharger tout d'abord le démo. Le service de la mise à jour gratuite pendant un an est aussi offert pour vous.

GIAC GSEC, de formation et d'essai

Peut-être vous voyez les guides d'études similaires pour le test GIAC GSEC, mais nous avons la confiance que vous allez nous choisir finalement grâce à notre gravité d'état dans cette industrie et notre profession. Pass4Test se contribue à amérioler votre carrière. Vous saurez que vous êtes bien préparé à passer le test GIAC GSEC lorsque vous choisissez la Q&A de Pass4Test. De plus, un an de service gratuit en ligne après vendre est aussi disponible pour vous.

Pas besoin de beaucoup d'argent et de temps, vous pouvez passer le test GIAC GSEC juste avec la Q&A de GIAC GSEC offerte par Pass4Test qui vous offre le test simulation bien proche de test réel.

Pass4Test est un site particulier d'offrir la formation à propos de test Certification IT. C'est un bon choix pour vous aider à réussir le test GIAC GSEC. Pass4Test offre toutes les informations et les documentations plus nouvelles qui peut vous donner plus de chances à réussir le test.

Certification GIAC GSEC est un des tests plus importants dans le système de Certification GIAC. Les experts de Pass4Test profitent leurs expériences et connaissances professionnelles à rechercher les guides d'étude à aider les candidats du test GIAC GSEC à réussir le test. Les Q&As offertes par Pass4Test vous assurent 100% à passer le test. D'ailleurs, la mise à jour pendant un an est gratuite.

Code d'Examen: GSEC
Nom d'Examen: GIAC (GIAC Security Essentials Certification)
Questions et réponses: 280 Q&As

GSEC Démo gratuit à télécharger: http://www.pass4test.fr/GSEC.html

NO.1 Which of the following statements regarding Secure Sockets Layer (SSL) are true? Each correct
answer represents a complete solution. Choose all that apply.
A. SSL provides message integrity to prevent alteration to the message.
B. During SSL session, information is encrypted to prevent unauthorized disclosure.
C. SSL can process credit cards.
D. SSL can support 128-bit encryption.
Answer: A,B,D

GIAC   GSEC examen   GSEC examen   GSEC

NO.2 What is the maximum cable segment length supported by a 10BaseT network?
A. 100 meters
B. 300 meters
C. 250 meters
D. 500 meters
E. 150 meters
Answer: A

GIAC   GSEC   GSEC examen   GSEC examen

NO.3 Which of the following protocols multicasts messages and information among all member devices in
an IP multicast group?
A. IGMP
B. TCP
C. ARP
D. ICMP
Answer: A

certification GIAC   GSEC examen   GSEC examen   GSEC examen

NO.4 Which of the following statements about service pack are true? Each correct answer represents a
complete solution. Choose two.
A. It is a collection of Fixes and Patches in a single product.
B. It is a medium by which product updates are distributed.
C. It is a term generally related to security problems in a software.
D. It is a term used for securing an operating system.
Answer: A,B

GIAC   GSEC   GSEC examen

NO.5 Which of the following is used to implement a procedure to control inbound and outbound traffic on a
network?
A. Cookies
B. Sam Spade
C. NIDS
D. ACL
Answer: D

GIAC examen   GSEC   GSEC   certification GSEC   GSEC

NO.6 Which of the following ports is the default port for IMAP4 protocol?
A. TCP port 443
B. TCP port 143
C. TCP port 25
D. TCP port 80
Answer: B

GIAC   GSEC examen   GSEC examen   certification GSEC   GSEC examen   GSEC

NO.7 Which of the following terms is synonymous with the willful destruction of another person's property?
A. Spoofing
B. Hacking
C. Phishing
D. Vandalism
Answer: D

GIAC examen   GSEC examen   GSEC   GSEC examen   certification GSEC

NO.8 You have been hired by the company to upgrade its existing Windows NT 4.0 network to a Windows
2000 based network. In the past, the company's support group has faced difficult time because users
changed the configuration of their workstations. Which of the following features of the Active Directory
would best justify the move to the Windows 2000 network.?
A. Dynamic domain name system (DDNS)
B. Organizational unit (OU)
C. Dynamic host configuration protocol (DHCP)
D. Group policy object (GPO)
Answer: D

certification GIAC   certification GSEC   GSEC

NO.9 Which of the following enables an inventor to legally enforce his right to exclude others from using his
invention?
A. Patent
B. Artistic license
C. Phishing
D. Spam
Answer: A

GIAC   GSEC   GSEC examen

NO.10 Which of the following statements about the availability concept of Information security management is
true?
A. It ensures reliable and timely access to resources.
B. It determines actions and behaviors of a single individual within a system.
C. It ensures that unauthorized modifications are not made to data by authorized personnel or processes.
D. It ensures that modifications are not made to data by unauthorized personnel or processes.
Answer: A

GIAC   certification GSEC   GSEC

NO.11 Which of the following terms refers to manual assignment of IP addresses to computers and devices?
A. Static IP addressing
B. Spoofing
C. APIPA
D. Dynamic IP addressing
Answer: A

GIAC examen   GSEC   GSEC   certification GSEC

NO.12 Which of the following statements are true about satellite broadband Internet access? Each correct
answer represents a complete solution. Choose two.
A. It is among the least expensive way of gaining broadband Internet access.
B. It is among the most expensive way of gaining broadband Internet access.
C. This type of internet access has low latency compared to other broadband services.
D. This type of internet access has high latency compared to other broadband services.
Answer: B, D

GIAC   certification GSEC   GSEC examen   certification GSEC   GSEC   GSEC examen

NO.13 Which of the following frequencies are used by wireless standard 802.11n to operate? Each correct
answer represents a complete solution. Choose two.
A. 1 Ghz
B. 2 Ghz
C. 2.4 Ghz
D. 5 Ghz
Answer: C, D

GIAC   certification GSEC   certification GSEC   GSEC   GSEC

NO.14 You work as a Network Administrator for Tech Perfect Inc. The company has a Linux-based network.
You have configured a VPN server for remote users to connect to the company's network. Which of the
following encryption types will Linux use?
A. MSCHAP
B. RC2
C. 3DES
D. CHAP
Answer: C

GIAC examen   GSEC   GSEC examen   GSEC

NO.15 John works as a Network Administrator for Perfect Solutions Inc. The company has a Linux-based
network. John is working as a root user on the Linux operating system. He executes the following
command in the terminal:
echo $USER, $UID
Which of the following will be displayed as the correct output of the above command?
A. root, 500
B. root, 0
C. John, 502
D. John, 0
Answer: B

certification GIAC   certification GSEC   GSEC examen   GSEC

NO.16 Which of the following terms describes software technologies that improve portability, manageability
and compatibility of applications by encapsulating them from the underlying operating system on which
they are executed?
A. Application virtualization
B. Encapsulation
C. System hardening
D. Failover
Answer: A

GIAC   GSEC   GSEC

NO.17 Rick works as a Network Administrator. He is configuring the systems for maximum security. Before
using the security template, he wants to edit it to change some of the security settings that are not
required for now. Which of the following tools will he choose, to edit the security template?
A. Group Policy MMC snap-in
B. Security Configuration and Analysis MMC snap-in
C. Security Templates MMC snap-in
D. SECEDIT utility
Answer: C

certification GIAC   GSEC examen   GSEC   GSEC examen

NO.18 You have a customer who wants to put wireless internet in his remote cabin. The cabin is many miles
from any other building with internet connectivity or access points. What should you recommend?
A. DSL
B. FIOS connection
C. Satellite internet
D. Microwave connection
Answer: C

GIAC   GSEC examen   GSEC examen   certification GSEC   certification GSEC

NO.19 You work as a Network Administrator for McRoberts Inc. The company has a Linux-based network. You
have created a script named lf.cgi. You want to provide the following permissions on it:
rwsr-sr-- Which of the following commands will you execute?
A. chmod 2754
B. chmod 6754
C. chmod 7754
D. chmod 4754
Answer: B

GIAC   GSEC examen   GSEC   GSEC   certification GSEC   GSEC

NO.20 You work as a Network Administrator for Perfect World Inc. You are configuring a network that will
include 1000BaseT network interface cards in servers and client computers. What is the maximum
segment length that a 1000BaseT network supports?
A. 100 meters
B. 480 meters
C. 1000 meters
D. 10 meters
Answer: A

GIAC examen   GSEC   GSEC   GSEC

NO.21 Which of the following records is the first entry in a DNS database file?
A. SOA
B. SRV
C. CNAME
D. MX
Answer: A

GIAC examen   GSEC   certification GSEC   certification GSEC   GSEC examen   GSEC

NO.22 Which of the following devices connects two segments of the same local area network (LAN) but keeps
traffic separate on the two segments?
A. Hub
B. Modem
C. Bridge
D. Switch
Answer: C

certification GIAC   GSEC   GSEC   GSEC examen   GSEC

NO.23 Which of the following is not an encryption technology?
A. Blowfish
B. KILL
C. 3DES
D. MD5
Answer: B

GIAC   certification GSEC   GSEC   GSEC examen

NO.24 You work as a Linux Technician for Tech Perfect Inc. You want to protect your server from intruders
who exploit services that are started with TCP Wrappers. Which of the following files will help you protect
the server?
Each correct answer represents a part of the solution. Choose two.
A. httpd.conf
B. lilo.conf
C. hosts.deny
D. hosts.allow
Answer: C, D

GIAC examen   GSEC examen   GSEC

NO.25 Which of the following is NOT the feature of SELinux in the Red Hat enterprise Linux?
A. SELinux does not provide Kernel-level security.
B. All process and files have a context.
C. SELinux implements Mandatory Access Control (MAC) security in Red Hat Enterprise Linux.
D. SELinux applies to all users, including root.
Answer: A

certification GIAC   GSEC examen   certification GSEC   GSEC

NO.26 The /cat/etc/passwd file on a client computer contains the following entry: Martha:x:::::bin/false
Which of the following is true for Martha?
A. Martha's password is x.
B. Martha has full access on the computer.
C. Martha has limited access on the computer.
D. Martha has been denied access on the computer.
Answer: D

GIAC   GSEC examen   GSEC   GSEC   certification GSEC

NO.27 Which of the following is a security threat if included in the search path of a computer?
A. /usr
B. /sbin
C. .
D. /usr/bin
Answer: C

GIAC   GSEC examen   GSEC   GSEC examen

NO.28 You want to temporarily change your primary group to another group of which you are a member. In
this process, a new shell will be created, and when you exit the shell, your previous group will be
reinstated. Which of the following commands will you use to accomplish this task?
A. newgrp
B. chgrp
C. chown
D. chmod
Answer: A

GIAC   GSEC   GSEC   certification GSEC

NO.29 Which of the following directories contains the log files in Linux?
A. /log
B. /root
C. /var/log
D. /etc
Answer: C

GIAC   GSEC   GSEC   GSEC examen

NO.30 Mark works as a Network Administrator for NetTech Inc. The company has a Windows 2003 domain-
based network. The company has two offices in different cities. The offices are connected through the
Internet. Both offices have a Windows 2003 server named SERV1 and SERV2 respectively. Mark is
required to create a secure connection between both offices. He configures a VPN connection between
the offices using the two servers. He uses L2TP for VPN and also configures an IPSec tunnel. Which of
the following will he achieve with this configuration?
Each correct answer represents a part of the solution. Choose two.
A. Encryption for the local files stored on the two servers
B. Highest possible encryption for traffic between the offices
C. Mutual authentication between the two servers
D. Extra bandwidth on the Internet connection
Answer: B, C

GIAC   GSEC   GSEC   GSEC   GSEC   GSEC

Beaucoup de travailleurs dans l'Industrie IT peut obenir un meilleur travail et améliorer son niveau de vie à travers le Certificat GIAC GSEC. Mais la majorité des candidats dépensent beaucoup de temps et d'argent pour préparer le test, ça ne coûte pas dans cette société que le temps est tellement précieux. Pass4Test peut vous aider à économiser le temps et l'effort pendant le cours de la préparation du test GIAC GSEC. Choisir le produit de Pass4Test particulier pour le test Certification GIAC GSEC vous permet à réussir 100% le test. Votre argent sera tout rendu si malheureusement vous ne passez pas le test.

G2700 dernières questions d'examen certification GIAC et réponses publiés

Pass4Test a de formations plus nouvelles pour le test GIAC G2700. Les experts dans l'industrie IT de Pass4Test profitant leurs expériences et connaissances professionnelles à lancer les Q&As plus chaudes pour faciliter la préparation du test GIAC G2700 à tous les candidats qui nous choisissent. L'importance de Certification GIAC G2700 est de plus en plus claire, c'est aussi pourquoi il y a de plus en plus de gens qui ont envie de participer ce test. Parmi tous ces candidats, pas mal de gens ont réussi grâce à Pass4Test. Ces feedbacks peuvent bien prouver nos produits essentiels pour votre réussite de test Certification.

Beaucoup de travailleurs dans l'Industrie IT peut obenir un meilleur travail et améliorer son niveau de vie à travers le Certificat GIAC G2700. Mais la majorité des candidats dépensent beaucoup de temps et d'argent pour préparer le test, ça ne coûte pas dans cette société que le temps est tellement précieux. Pass4Test peut vous aider à économiser le temps et l'effort pendant le cours de la préparation du test GIAC G2700. Choisir le produit de Pass4Test particulier pour le test Certification GIAC G2700 vous permet à réussir 100% le test. Votre argent sera tout rendu si malheureusement vous ne passez pas le test.

Pour l'instant, vous pouvez télécharger le démo gratuit de Q&A GIAC G2700 dans Pass4Test pour se former avant le test GIAC G2700.

G2700 est un test de GIAC Certification, donc réussir G2700 est le premier pas à mettre le pied sur la Certifiction GIAC. Ça peut expliquer certiainement pourquoi le test GIAC G2700 devient de plus en plus chaud, et il y a de plus en plus de gens qui veulent participer le test G2700. Au contraire, il n'y a que pas beaucoup de gens qui pourrait réussir ce test. Dans ce cas, si vous vous réfléchissez étudier avec une bonne Q&A?

Code d'Examen: G2700
Nom d'Examen: GIAC (GIAC Certified ISO-2700 Specialist Practice Test)
Questions et réponses: 453 Q&As

Pass4Test est un fournisseur de formation pour une courte terme, et Pass4Test peut vous assurer le succès de test GIAC G2700. Si malheureusement, vous échouez le test, votre argent sera tout rendu. Vous pouvez télécharger le démo gratuit avant de choisir Pass4Test. Au moment là, vous serez confiant sur Pass4Test.

La Q&A GIAC G2700 est étudiée par les experts de Pass4Test qui font tous effort en profitant leurs connaissances professionnelles. La Q&A de Pass4Test est ciblée aux candidats de test IT Certification. Vous voyez peut-être les Q&As similaires dansn les autres site web, mais il n'y a que Pass4Test d'avoir le guide d'étude plus complet. C'est le meilleur choix à s'assurer le succès de test Certification GIAC G2700.

G2700 Démo gratuit à télécharger: http://www.pass4test.fr/G2700.html

NO.1 Rick works as a Computer Forensic Investigator for BlueWells Inc. He has been informed that some
confidential information is being leaked out by an employee of the company. Rick suspects that someone
is sending the information through email. He checks the emails sent by some employees to other
networks. Rick finds out that Sam, an employee of the Sales department, is continuously sending text files
that contain special symbols, graphics, and signs. Rick suspects that Sam is using the Steganography
technique to send data in a disguised form. Which of the following techniques is Sam using?
Each correct answer represents a part of the solution. Choose all that apply.
A. Linguistic steganography
B. Text Semagrams
C. Technical steganography
D. Perceptual masking
Answer: A,B

GIAC   G2700   G2700   G2700

NO.2 CORRECT TEXT
Fill in the blank with the appropriate term.
________ is a powerful and low-interaction open source honeypot.
Answer: Honeyd

certification GIAC   certification G2700   certification G2700   G2700   G2700   certification G2700

NO.3 You work as a Network Administrator for uCertify Inc. The organization has constructed a cafeteria for
their employees and you are responsible to select the access control method for the cafeteria.
There are a few conditions for giving access to the employees, which are as follows:
1. Top level management can get access any time.
2. Staff members can get access during the specified hours.
3. Guests can get access only in working hours.
Which of the following access control methods is suitable to accomplish the task?
A. Discretionary access control
B. Lattice-based access control
C. Attribute-based access control
D. Rule-based access control
Answer: D

certification GIAC   certification G2700   G2700 examen   G2700 examen

NO.4 Which of the following statements are true about security risks?
Each correct answer represents a complete solution. Choose three.
A. These are considered as an indicator of threats coupled with vulnerability.
B. These can be removed completely by taking proper actions.
C. These can be mitigated by reviewing and taking responsible actions based on possible risks.
D. These can be analyzed and measured by the risk analysis process.
Answer: A,C,D

certification GIAC   G2700   G2700   certification G2700   G2700

NO.5 You work as an Information Security Manager for uCertify Inc. You are working on the
documentation of control A.10.1.1. What is the purpose of control A.10.1.1.?
A. It is concerned with the documentation of the human resource security to make recruitments clear to
the organization.
B. It is concerned with the documentation of the supply chain management.
C. It is concerned with the documentation of operating procedures to ensure the correct and secure use of
information processing facilities.
D. It is concerned with the documentation of the disaster recovery management to ensure proper backup
technologies.
Answer: C

GIAC   G2700   G2700

NO.6 Which of the following are the basics of Business Continuity Management?
Each correct answer represents a complete solution. Choose all that apply.
A. Implementation of a risk assessment technique to identify the causes and consequences of failures
B. Regular checking of business continuity plans
C. Identification of authentication techniques according to the requirements
D. Identification of human resources according to the requirements
Answer: A,B,D

certification GIAC   G2700 examen   certification G2700

NO.7 Which of the following should be considered while calculating the costs of the outage?
Each correct answer represents a complete solution. Choose all that apply.
A. Sales aspect of the business
B. Cost of low productivity
C. Innovations in electronic funds transfer
D. Cost of lost income from missed sales
Answer: B,D

GIAC examen   certification G2700   G2700 examen   G2700   G2700 examen

NO.8 Mark works as a Network Security Administrator for uCertify Inc. An employee of the organization
comes to Mark and tells him that a few months ago, the employee had filled an online bank form due to
some account related work. Today, when again visiting the site, the employee finds that some of his
personal information is still being displayed in the webpage. Which of the following types of cookies
should be disabled by Mark to resolve the issue?
A. Session
B. Temporary
C. Secure
D. Persistent
Answer: D

GIAC   G2700   G2700 examen   G2700

NO.9 Which of the following phases of the PDCA model is the monitoring and controlling phase of the
Information Security Management System (ISMS)?
A. Check
B. Plan
C. Do
D. Act
Answer: A

GIAC   certification G2700   G2700 examen   G2700   G2700 examen

NO.10 A project plan includes the Work Breakdown Structure (WBS) and cost estimates. Which of the following
are the parts of a project plan?
Each correct answer represents a complete solution. Choose all that apply.
A. Risk identification
B. Security Threat
C. Project schedule
D. Team members list
E. Risk analysis
Answer: A,C,D,E

certification GIAC   certification G2700   G2700

NO.11 You work as the Human Resource Manager for uCertify Inc. You need to recruit some candidates for
the marketing department of the organization. Which of the following should be defined to the new
employees of the organization before they have joined?
Each correct answer represents a complete solution. Choose all that apply.
A. Marketing tips and tricks
B. Organization's network topology
C. Job roles
D. Organization's security policy
Answer: C,D

certification GIAC   G2700 examen   G2700   G2700

NO.12 Which of the following is the designing phase of the ISMS?
A. Check
B. Plan
C. Act
D. Do
Answer: B

GIAC   G2700 examen   G2700 examen

NO.13 Which of the following controls are administrative in nature?
A. Directive controls
B. Recovery controls
C. Preventive controls
D. Detective controls
Answer: A

GIAC   certification G2700   G2700

NO.14 Which of the following is a Restrict Anonymous registry value that allows users with explicit
anonymous permissions?
A. 2
B. 3
C. 1
D. 0
Answer: A

GIAC examen   certification G2700   G2700   certification G2700   G2700

NO.15 You work as an Information Security Officer for uCertify Inc. You need to create an asset management
plan differentiating fixed assets from inventory items. How will you differentiate assets from inventory
items?
A. Inventory items are sold.
B. Assets are temporary usually.
C. Inventory items are permanent.
D. Assets cannot be used.
Answer: A

GIAC   G2700 examen   G2700   G2700 examen

NO.16 CORRECT TEXT
Fill in the blank with an appropriate phrase.
_________accord describes the minimum regulatory capital to be allocated by each bank based on its
risk profile of assets.
Answer: Basel ll

GIAC   G2700   certification G2700   G2700

NO.17 You work as a Security Administrator for uCertify Inc. You have been assigned the task to verify the
identity of the employees recruited in your organization. Which of the following components of security
deals with an employee's verification in the organization?
A. Network Security
B. Physical security
C. Access security
D. Human resource security
Answer: D

GIAC   G2700   certification G2700

NO.18 Mark works as a Network Security Administrator for uCertify Inc. He has been assigned the task of
installing a MySQL server. Mark wants to monitor only the data that is directed to or originating from the
server and he also wants to monitor running processes, file system access and integrity, and user logins
for identifying malicious activities. Which of the following intrusion detection techniques will Mark use to
accomplish the task?
A. Network-based IDS
B. Signature-based IDS
C. Anomaly-based IDS
D. Host-based IDS
Answer: D

GIAC examen   certification G2700   certification G2700   certification G2700   certification G2700

NO.19 You work as an Information Security Manager for uCertify Inc. You are working on communication and
organization management. You need to create the documentation on change management.
Which of the following are the main objectives of change management?
Each correct answer represents a complete solution. Choose all that apply.
A. Minimal disruption of services
B. Reduction of inventory in accordance with revenue
C. Economic utilization of resources involved in the change
D. Reduction in back-out activities
Answer: A,C,D

certification GIAC   certification G2700   G2700   certification G2700   G2700   certification G2700

NO.20 Which of the following are the uses of cryptography as defined in a policy document?
Each correct answer represents a complete solution. Choose all that apply.
A. Backup
B. Control of keys
C. Applications supporting cryptography
D. Recovery
Answer: A,B,C

GIAC examen   G2700   certification G2700

NO.21 Mark works as a System Administrator for uCertify Inc. He is responsible for securing the network of
the organization. He is configuring some of the advanced features of the Windows firewall so that he can
block the client machine from responding to pings. Which of the following advanced setting types should
Mark change for accomplishing the task?
A. ICMP
B. SNMP
C. UDP
D. SMTP
Answer: A

GIAC   G2700 examen   G2700   G2700

NO.22 Which of the following are the exceptions of the Data Protection Act?
Each correct answer represents a complete solution. Choose all that apply.
A. Section 36 - Domestic purposes
B. Section 28 - National security
C. Section 55 - Unlawful obtaining of personal data
D. Section 29 - Crime and taxation
Answer: A,B,D

GIAC examen   G2700 examen   G2700

NO.23 Which of the following is used for secure financial transactions over the Internet?
A. ATM
B. VPN
C. SSL
D. SET
Answer: D

GIAC   certification G2700   certification G2700   certification G2700   G2700

NO.24 You work as an Information Security Manager for uCertify Inc. You need to make the
documentation on change management. What are the advantages of change management?
Each correct answer represents a complete solution. Choose all that apply.
A. Improved productivity of users due to more stable and better IT services
B. Improved IT personnel productivity, since there is a reduced number of urgent changes and a back-out
of erroneous changes
C. Improved adverse impact of changes on the quality of IT services
D. Increased ability to absorb frequent changes without making an unstable IT environment
Answer: A,B,D

GIAC examen   G2700   G2700   certification G2700

NO.25 The disciplined and structured process, that integrates information security and risk management
activities into the System Development Life Cycle, is provided by the risk management framework.
Choose the appropriate RMF steps.
A.
Answer: A

GIAC   certification G2700   G2700   G2700   certification G2700

NO.26 Qualitative risk analysis includes judgment, intuition, and experience. Which of the following methods
are used to perform qualitative risk analysis?
Each correct answer represents a complete solution. Choose all that apply.
A. Egress filtering
B. Checklists
C. Delphi technique
D. Brainstorming
Answer: B,C,D

GIAC examen   G2700   G2700 examen

NO.27 Single Loss Expectancy (SLE) represents an organization's loss from a single threat. Which of the
following formulas best describes the Single Loss Expectancy (SLE)?
A. SLE = Asset Value (AV) * Exposure Factor (EF)
B. SLE = Annualized Loss Expectancy (ALE) * Exposure Factor (EF)
C. SLE = Annualized Loss Expectancy (ALE) * Annualized Rate of Occurrence (ARO)
D. SLE = Asset Value (AV) * Annualized Rate of Occurrence (ARO)
Answer: A

GIAC   G2700   G2700

NO.28 Mark works as an Office Assistant for uCertify Inc. He is responsible for managing office documents.
Today, after opening a word document, Mark noticed that the other opened documents are closed
suddenly. After reopening those documents, Mark found some modifications in the documents. He
contacted his Security Administrator and came to know that there is a virus program installed in the
operating system. Which of the following types of virus has attacked the operating system?
A. Data file
B. Macro
C. Polymorphic
D. Boot sector
Answer: A

GIAC   G2700   G2700 examen   G2700   G2700

NO.29 Which of the following is a fast-emerging global sector that advises individuals and corporations on
how to apply the highest ethical standards to every aspect of their business?
A. Service Capacity Management (SCM)
B. Business Capacity Management (BCM)
C. Resource Capacity Management (RCM)
D. Integrity Management Consulting
Answer: D

GIAC   G2700   G2700 examen

NO.30 Which of the following administrative policy controls is usually associated with government
classifications of materials and the clearances of individuals to access those materials?
A. Separation of Duties
B. Due Care
C. Acceptable Use
D. Need to Know
Answer: D

GIAC examen   G2700 examen   G2700   G2700 examen

Dans cette société bien intense, c'est avantage si quelque'un a une technique particulère, donc c'est pourquoi beaucoup de gens ont envie de dépnenser les efforts et le temps à préparer le test GIAC G2700, mais ils ne peuvaient pas réussir finalement. C'est juste parce que ils ont pas bien choisi une bonne formation. L'outil de formation lancé par les experts de Pass4Test vous permet à passer le test GIAC G2700 coûtant un peu d'argent.

2014年1月29日星期三

GIAC GCFA, de formation et d'essai

Vous avez aussi la possibilité à réussir le test GIAC GCFA. Pass4Test offre la service de la mise à jour gratuite pendant un an. Si vous échouez le test, votre argent sera tout rendu. Maintenant, vous pouvez télécharger la partie gratuite prendre examinser la qualité des produits de Pass4Test.

Vous pouvez comparer un peu les Q&As dans les autres sites web que lesquelles de Pass4Test, c'est pas difficile à trouver que la Q&A GIAC GCFA est plus complète. Vous pouvez télécharger le démo gratuit à prendre un essai de la qualité de Pass4Test. La raison de la grande couverture des questions et la haute qualité des réponses vient de l'expérience riche et la connaissances professionnelles des experts de Pass4Test. La nouvelle Q&A de GIAC GCFA lancée par l'équipe de Pass4Test sont bien populaire par les candidats.

Pass4Test est un seul site de provider le guide d'étude GIAC GCFA de qualité. Peut-être que vous voyiez aussi les Q&A GIAC GCFA dans autres sites, mais vous allez découvrir laquelle est plus complète. En fait, Pass4Test est aussi une resource de Q&A pour les autres site web.

Code d'Examen: GCFA
Nom d'Examen: GIAC (GIAC Certified Forensics Analyst)
Questions et réponses: 318 Q&As

La population de la Certification GIAC GCFA est très claire dans l'Industrie IT. Pass4Test se contribue à vous aider à réussir le test, de plus, un an de la mise à jour gratuite pendant est gratuite pour vous. Pass4Test sera le catalyseur de la réalisation de votre rêve. Pour le succès demain, Pass4Test est votre von choix. Vous serez le prochain talent de l'Indutrie IT sous l'aide de Pass4Test.

La Q&A de Pass4Test vise au test Certificat GIAC GCFA. L'outil de formation GIAC GCFA offert par Pass4Test comprend les exercices de pratique et le test simulation. Vous pouvez trouver les autres sites de provider la Q&A, en fait vous allez découvrir que c'est l'outil de formation de Pass4Test qui offre les documentaions plus compètes et avec une meilleure qualité.

Si vous travaillez quand même très dur et dépensez beaucoup de temps pour préparer le test GIAC GCFA, mais ne se savez pas du tout c'est où le raccourci pour passer le test certification, Pass4Test peut vous donner une solution efficace. Vous vous sentirez magiquement jouer un effet multiplicateur.

GCFA Démo gratuit à télécharger: http://www.pass4test.fr/GCFA.html

NO.1 Fill in the blank with the appropriate name.
_____is a list, which specifies the order of volatility of data in a Windows based system.
A. RFC 3227
Answer: A

GIAC examen   GCFA   certification GCFA   GCFA examen

NO.2 You work as a professional Computer Hacking Forensic Investigator for DataEnet Inc. You want to
investigate e-mail information of an employee of the company. The suspected employee is using an
online e-mail system such as Hotmail or Yahoo. Which of the following folders on the local computer will
you review to accomplish the task?
Each correct answer represents a complete solution. Choose all that apply.
A. History folder
B. Temporary Internet Folder
C. Download folder
D. Cookies folder
Answer: A,B,D

certification GIAC   GCFA   certification GCFA   GCFA   certification GCFA

NO.3 Which of the following methods is used by forensic investigators to acquire an image over the network
in a secure manner?
A. DOS boot disk
B. Linux Live CD
C. Secure Authentication for EnCase (SAFE)
D. EnCase with a hardware write blocker
Answer: C

GIAC   GCFA   GCFA   certification GCFA   GCFA

NO.4 You work as a Web developer for ABC Inc. You want to investigate the Cross-Site Scripting attack on
your company's Web site. Which of the following methods of investigation can you use to accomplish the
task?
Each correct answer represents a complete solution. Choose all that apply.
A. Review the source of any HTML-formatted e-mail messages for embedded scripts or links in the URL
to the company's site.
B. Look at the Web server's logs and normal traffic logging.
C. Use Wireshark to capture traffic going to the server and then searching for the requests going to the
input page, which may give log of the malicious traffic and the IP address of the source.
D. Use a Web proxy to view the Web server transactions in real time and investigate any
communication with outside servers.
Answer: A,B,D

GIAC   GCFA   GCFA   certification GCFA   certification GCFA

NO.5 Which of the following is the correct order of loading system files into the main memory of the system,
when the computer is running on Microsoft's Windows XP operating system?
A. NTLDR, BOOT.ini, HAL.dll, NTDETECT.com, NTOSKRNL.exe
B. NTLDR, BOOT.ini, NTDETECT.com, HAL.dll, NTOSKRNL.exe
C. NTLDR, BOOT.ini, HAL.dll, NTDETECT.com, NTOSKRNL.exe
D. BOOT.ini, HAL.dll, NTDETECT.com, NTLDR, NTOSKRNL.exe
Answer: B

GIAC examen   GCFA   GCFA examen   GCFA

NO.6 Which of the following tools can be used to perform tasks such as Windows password cracking,
Windows enumeration, and VoIP session sniffing?
A. John the Ripper
B. L0phtcrack
C. Obiwan
D. Cain
Answer: D

GIAC   GCFA examen   GCFA

NO.7 An executive in your company reports odd behavior on her PDA. After investigation you discover that a
trusted device is actually copying data off the PDA. The executive tells you that the behavior started
shortly after accepting an e-business card from an unknown person. What type of attack is this?
A. Session Hijacking
B. Bluesnarfing
C. PDA Hijacking
D. Privilege Escalation
Answer: B

certification GIAC   GCFA   GCFA examen   GCFA

NO.8 A firewall is a combination of hardware and software, used to provide security to a network. It is used
to protect an internal network or intranet against unauthorized access from the Internet or other outside
networks. It restricts inbound and outbound access and can analyze all traffic between an internal
network and the Internet. Users can configure a firewall to pass or block packets from specific IP
addresses and ports. Which of the following tools works as a firewall for the Linux 2.4 kernel?
A. OpenSSH
B. IPTables
C. IPChains
D. Stunnel
Answer: B

GIAC   GCFA   GCFA

NO.9 Mark works as a security manager for SofTech Inc. He is using a technique for monitoring what the
employees are doing with corporate resources. Which of the following techniques is being used by Mark
to gather evidence of an ongoing computer crime if a member of the staff is e-mailing company's secrets
to an opponent?
A. Electronic surveillance
B. Civil investigation
C. Physical surveillance
D. Criminal investigation
Answer: A

GIAC   GCFA examen   GCFA examen

NO.10 Adam works as a Security Administrator for Umbrella Inc. He is responsible for securing all 15 servers
of the company. To successfully accomplish the task, he enables the hardware and software firewalls and
disables all unnecessary services on all the servers. Sales manager of the company asks Adam to run
emulation software on one of the servers that requires the telnet service to function properly. Adam is
concerned about the security of the server, as telnet can be a very large security risk in an organization.
Adam decides to perform some footprinting, scanning, and penetration testing on the server to checkon
the server to check the security. Adam telnets into the server and writes the following command:
HEAD / HTTP/1.0
After pressing enter twice, Adam gets the following results:
Which of the following tasks has Adam just accomplished?
A. Poisoned the local DNS cache of the server.
B. Submitted a remote command to crash the server.
C. Grabbed the banner.
D. Downloaded a file to his local computer.
Answer: C

GIAC examen   GCFA   GCFA   GCFA

NO.11 Adam, a malicious hacker has successfully gained unauthorized access to the Linux system of
Umbrella Inc. Web server of the company runs on Apache. He has downloaded sensitive documents and
database files from the computer. After performing these malicious tasks, Adam finally runs the following
command on the Linux command box before disconnecting. for (( i =
0;i<11;i++ )); do
dd if=/dev/random of=/dev/hda && dd if=/dev/zero of=/dev/hda done
Which of the following actions does Adam want to perform by the above command?
A. Making a bit stream copy of the entire hard disk for later download.
B. Deleting all log files present on the system.
C. Wiping the contents of the hard disk with zeros.
D. Infecting the hard disk with polymorphic virus strings.
Answer: C

certification GIAC   GCFA examen   GCFA   GCFA   GCFA

NO.12 Which of the following Acts enacted in United States allows the FBI to issue National Security Letters
(NSLs) to Internet service providers (ISPs) ordering them to disclose records about their customers?
A. Wiretap Act
B. Computer Fraud and Abuse Act
C. Economic Espionage Act of 1996
D. Electronic Communications Privacy Act of 1986
Answer: D

certification GIAC   GCFA   GCFA   certification GCFA   GCFA examen

NO.13 You work as a Network Administrator for Net Perfect Inc. The company has a Windows Server 2008
network environment. The network is configured as a Windows Active Directory-based single forest single
domain network. The network is configured on IP version 6 protocol. All the computers on the network are
connected to a switch device. One day, users complain that they are unable to connect to a file server.
You try to ping the client computers from the server, but the pinging fails. You try to ping the server's own
loopback address, but it fails to ping. You restart the server, but the problem persists.
What is the most likely cause?
A. The cable that connects the server to the switch is broken.
B. Automatic IP addressing is not working.
C. The switch device is not working.
D. The server is configured with unspecified IP address.
E. The server's NIC is not working.
Answer: E

GIAC   certification GCFA   GCFA examen   GCFA

NO.14 You company suspects an employee of sending unauthorized emails to competitors. These emails are
alleged to contain confidential company data. Which of the following is the most important step for you to
take in preserving the chain of custody?
A. Preserve the email server including all logs.
B. Make copies of that employee's email.
C. Seize the employee's PC.
D. Place spyware on the employee's PC to confirm these activities.
Answer: A

GIAC   certification GCFA   GCFA examen   GCFA

NO.15 John works as a professional Ethical Hacker. He has been assigned the project of testing the security of
www.we-are-secure.com. He receives the following e-mail:
The e-mail that John has received is an example of __________.
A. Virus hoaxes
B. Spambots
C. Social engineering attacks
D. Chain letters
Answer: D

GIAC   certification GCFA   GCFA

NO.16 Which of the following encryption methods uses AES technology?
A. Dynamic WEP
B. Static WEP
C. TKIP
D. CCMP
Answer: D

GIAC examen   certification GCFA   GCFA examen   GCFA   certification GCFA

NO.17 Adam works as a Computer Hacking Forensic Investigator for a garment company in the United States.
A project has been assigned to him to investigate a case of a disloyal employee who is suspected of
stealing design of the garments, which belongs to the company and selling those garments of the same
design under different brand name. Adam investigated that the company does not have any policy related
to the copy of design of the garments. He also investigated that the trademark under which the employee
is selling the garments is almost identical to the original trademark of the company. On the grounds of
which of the following laws can the employee be prosecuted.?
A. Trademark law
B. Cyber law
C. Copyright law
D. Espionage law
Answer: A

certification GIAC   certification GCFA   GCFA

NO.18 Adam works as an Incident Handler for Umbrella Inc. He is informed by the senior authorities that the
server of the marketing department has been affected by a malicious hacking attack. Supervisors are also
claiming that some sensitive data are also stolen. Adam immediately arrived to the server room of the
marketing department and identified the event as an incident. He isolated the infected network from the
remaining part of the network and started preparing to image the entire system. He captures volatile data,
such as running process, ram, and network connections.
Which of the following steps of the incident handling process is being performed by Adam?
A. Recovery
B. Eradication
C. Identification
D. Containment
Answer: D

GIAC   GCFA   GCFA examen   GCFA examen

NO.19 You want to upgrade a partition in your computer's hard disk drive from FAT to NTFS. Which of the
following DOS commands will you use to accomplish this?
A. FORMAT C: /s
B. CONVERT C: /fs:ntfs
C. SYS C:
D. FDISK /mbr
Answer: B

GIAC   certification GCFA   certification GCFA

NO.20 The MBR of a hard disk is a collection of boot records that contain disk information such as disk
architecture, cluster size, and so on. The main work of the MBR is to locate and run necessary operating
system files that are required to run a hard disk. In the context of the operating system,
MBR is also known as the boot loader. Which of the following viruses can infect the MBR of a hard disk?
Each correct answer represents a complete solution. Choose two.
A. Stealth
B. Boot sector
C. Multipartite
D. File
Answer: B,C

GIAC   certification GCFA   GCFA examen   certification GCFA

NO.21 Which of the following type of file systems is not supported by Linux kernel?
A. vFAT
B. NTFS
C. HFS
D. FAT32
Answer: D

GIAC   certification GCFA   GCFA examen

NO.22 Which of the following is the process of overwriting all addressable locations on a disk?
A. Drive wiping
B. Spoofing
C. Sanitization
D. Authentication
Answer: A

certification GIAC   GCFA   GCFA   GCFA

NO.23 You work as a Network Administrator for Blue Bell Inc. You want to install Windows XP
Professional on your computer, which already has Windows Me installed. You want to configure your
computer to dual boot between Windows Me and Windows XP Professional. You have a single 40GB
hard disk.
Which of the following file systems will you choose to dual-boot between the two operating
systems?
A. NTFS
B. FAT32
C. CDFS
D. FAT
Answer: B

certification GIAC   certification GCFA   certification GCFA   certification GCFA   GCFA

NO.24 Which of the following modules of OS X kernel (XNU) provides the primary system program interface?
A. BSD
B. LIBKERN
C. I/O Toolkit
D. Mach
Answer: A

GIAC   GCFA examen   GCFA

NO.25 Peter works as a Technical Representative in a CSIRT for SecureEnet Inc. His team is called to
investigate the computer of an employee, who is suspected for classified data theft. Suspect's computer
runs on Windows operating system. Peter wants to collect data and evidences for further analysis. He
knows that in Windows operating system, the data is searched in pre-defined steps for proper and
efficient analysis. Which of the following is the correct order for searching data on a Windows based
system?
A. Volatile data, file slack, registry, memory dumps, file system, system state backup, internet traces
B. Volatile data, file slack, registry, system state backup, internet traces, file system, memory dumps
C. Volatile data, file slack, internet traces, registry, memory dumps, system state backup, file system
D. Volatile data, file slack, file system, registry, memory dumps, system state backup, internet traces
Answer: D

GIAC examen   GCFA   certification GCFA   certification GCFA   GCFA examen

NO.26 Which of the following file systems provides file-level security?
A. CDFS
B. FAT
C. FAT32
D. NTFS
Answer: D

certification GIAC   GCFA   GCFA   GCFA examen   GCFA

NO.27 Which of the following attacks saturates network resources and disrupts services to a specific
computer?
A. Teardrop attack
B. Polymorphic shell code attack
C. Denial-of-Service (DoS) attack
D. Replay attack
Answer: C

GIAC examen   GCFA   GCFA   GCFA examen   GCFA

NO.28 TCP FIN scanning is a type of stealth scanning through which the attacker sends a FIN packet to the
target port. If the port is closed, the victim assumes that this packet was sent mistakenly by the attacker
and sends the RST packet to the attacker. If the port is open, the FIN packet will be ignored and the port
will drop the packet. Which of the following operating systems can be easily identified with the help of TCP
FIN scanning?
A. Solaris
B. Red Hat
C. Knoppix
D. Windows
Answer: D

certification GIAC   GCFA   GCFA   GCFA

NO.29 You work as a Network Administrator for Perfect Solutions Inc. You install Windows 98 on a computer.
By default, which of the following folders does Windows 98 setup use to keep the registry tools?
A. $SYSTEMROOT$REGISTRY
B. $SYSTEMROOT$WINDOWS
C. $SYSTEMROOT$WINDOWSREGISTRY
D. $SYSTEMROOT$WINDOWSSYSTEM32
Answer: B

GIAC   GCFA   GCFA

NO.30 Which of the following is the first computer virus that was used to infect the boot sector of storage
media formatted with the DOS File Allocation Table (FAT) file system?
A. Melissa
B. Tequila
C. Brain
D. I love you
Answer: C

GIAC   GCFA   certification GCFA   GCFA examen   GCFA examen

Vous allez choisir Pass4Test après essayer une partie de Q&A GIAC GCFA (gratuit à télécharger). Le guide d'étude produit par Pass4Test est une assurance 100% à vous aider à réussir le test Certification GIAC GCFA.

Pass4Test offre de GIAC GSLC matériaux d'essai

Les experts de Pass4Test profitent de leurs expériences et connaissances à augmenter successivement la qualité des docmentations pour répondre une grande demande des candidats, juste pour que les candidats soient permis à réussir le test GIAC GSLC par une seule fois. Vous allez avoir les infos plus proches de test réel à travers d'acheter le produti de Pass4Test. Notre confiance sont venue de la grande couverture et la haute précision de nos Q&As. 100% précision des réponses vous donnent une confiance 100%. Vous n'auriez pas aucun soucis avant de participer le test.

Être un travailleur IT, est-ce que vous vous souciez encore pour passer le test Certificat IT? Le test examiner les techniques et connaissances professionnelles, donc c'est pas facile à réussir. Pour les candidats qui participent le test à la première fois, une bonne formation est très importante. Pass4Test offre les outils de formation particulier au test et bien proche de test réel, n'hésitez plus d'ajouter la Q&A au panier.

Pass4Test possède une grande équipe composée des experts IT qui travaillent dur avec leurs riches expériences et connaissances pour produire un bon outil de formation. Selon les anciens test, le test simulation de Pass4Test est bien lié avec le test réel. Pass4Test peut vous assurer à réussir le test. Maintenant vous ajoutez votre outil de formation au panier, et votre rêve réalisera bien tôt.

Un bon choix de l'outil à se former est le point essentiel à passer le test GIAC GSLC, et les documentations à propos de rechercher le test GIAC GSLC est toujours une part plus importante pendant la préparation de test Certification. Les Q&As offertes par les experts de Pass4Test sont presque même que les tests réels. Pass4Test est un site web particulièrement en apportant les facilités aux gens qui veulent passer le test Certification.

Code d'Examen: GSLC
Nom d'Examen: GIAC (GIAC Security Leadership Certification (GSLC))
Questions et réponses: 567 Q&As

Si vous êtes intéressé par l'outil formation GIAC GSLC étudié par Pass4Test, vous pouvez télécharger tout d'abord le démo. Le service de la mise à jour gratuite pendant un an est aussi offert pour vous.

GSLC Démo gratuit à télécharger: http://www.pass4test.fr/GSLC.html

NO.1 You are responsible for security at a company that uses a lot of Web applications. You are most
concerned about flaws in those applications allowing some attacker to get into your network. What
method would be best for finding such flaws?
A. Automated penetration testing
B. Code review
C. Manual penetration testing
D. Vulnerability scanning
Answer: D

GIAC examen   GSLC examen   GSLC

NO.2 The promiscuous mode is a configuration of a network card that makes the card pass all traffic it
receives to the central processing unit rather than just packets addressed to it. Which of the following
tools works by placing the host system network card into the promiscuous mode?
A. Sniffer
B. THC-Scan
C. NetStumbler
D. Snort
Answer: A

certification GIAC   GSLC   GSLC   GSLC examen   certification GSLC

NO.3 You work as a Network Administrator for Tech Perfect Inc. The company has a Windows Server 2008
Active Directory-based single domain single forest network. The functional level of the forest is Windows
Server 2008. The company's headquarters is located at Los Angeles. A branch office of the company is
located at Denver. You are about to send a message to Rick who is a Network Administrator at Denver.
You want to ensure that the message cannot be read by anyone but the recipient. Which of the following
keys will you use to encrypt the message?
A. Your public key
B. The recipient's private key
C. The recipient's public key
D. Your private key
Answer: C

GIAC   GSLC   GSLC

NO.4 You work as a Network Administrator for Net Perfect Inc. The company has a Windows Server 2008
network environment. The network is configured as a Windows Active Directory-based single forest single
domain network. The domain functional level is set to Windows Server 2003. You have configured an
Active Directory-integrated DNS zone on the network. A new security policy dictates that each incoming
DNS query should be recorded. Which of the following steps will you take to implement the new security
policy?
A. Create a GPO.
Configure Audit Object Access.
Attach the GPO to the domain.
B. Do nothing, each incoming DNS queries is recorded by default in DNS.LOG file.
C. Enable debug logging on the DNS server.
D. Create a new OU.
Move the DNS server account to the OU.
Create a GPO.
Configure Audit Logon events.
Attach the GPO to the OU.
Answer: C

GIAC examen   GSLC examen   GSLC examen   GSLC

NO.5 You work as a Network Administrator for Perfect Solutions Inc. The company has a Windows Active
Directory-based single domain single forest network. The company's network is connected to the Internet
through a T1 line. The firewall is configured on the network for securing the internal network from the
intruders on the Internet. The functional level of the forest is Windows Server 2003. You are designing a
public key infrastructure (PKI) for the network. The security policy of the company states that all users
should use smart cards for authentication. Select and place the type of certificate authority (CA) that is
required to be configured on the network to implement the security policy of the company.
A.
Answer: A

GIAC   certification GSLC   certification GSLC   certification GSLC

NO.6 Which of the following tools is based on Linux and used to carry out the Penetration Testing?
A. JPlag
B. BackTrack
C. Vedit
D. Ettercap
Answer: B

certification GIAC   GSLC   GSLC

NO.7 Which of the following options is an approach to restricting system access to authorized users?
A. MIC
B. MAC
C. RBAC
D. DAC
Answer: C

GIAC   certification GSLC   GSLC   GSLC examen

NO.8 Which of the following encryption algorithms is applied in the PGP encryption system?
A. TDE
B. Triple DES
C. Blowfish
D. IDEA
Answer: D

GIAC   GSLC examen   GSLC   GSLC examen

NO.9 John works as a Programmer for We-are-secure Inc. On one of his routine visits to the company, he
noted down the passwords of the employees while they were typing them on their computer screens.
Which of the following social engineering attacks did he just perform?
A. Shoulder surfing
B. Important user posing
C. Dumpster diving
D. Authorization by third party
Answer: A

certification GIAC   certification GSLC   GSLC   certification GSLC

NO.10 Which system is designed to analyze, detect, and report on security-related events.?
A. HIPS
B. NIPS
C. NIDS
D. HIDS
Answer: B

GIAC   GSLC   GSLC examen   GSLC   GSLC examen

NO.11 Which of the following viruses is designed to prevent antivirus researchers from examining its code by
using various methods that make tracing and disassembling difficult?
A. Armored virus
B. Stealth virus
C. Multipartite virus
D. Polymorphic virus
Answer: A

GIAC   GSLC   GSLC examen   certification GSLC

NO.12 Which of the following are the examples of administrative controls?
Each correct answer represents a complete solution. Choose all that apply.
A. Security policy
B. Auditing
C. Security awareness training
D. Data Backup
Answer: A, C

GIAC examen   certification GSLC   certification GSLC   GSLC   GSLC

NO.13 Which of the following protocols is used as a transport protocol for Internet dial-up connections?
A. SMTP
B. SNMP
C. DHCP
D. PPP
Answer: D

GIAC examen   GSLC   GSLC examen   GSLC examen

NO.14 You work as a Network Administrator for Net World International. The company has a Windows Server
2008 network environment. The network is configured as a Windows Active Directory-based single
domain single forest network. The functional level of the forest is Windows Server 2008. All client
computers on the network run Windows Vista Ultimate.
You are configuring a public key interface (PKI) to support domain users and computers. All users will use
smart cards for logon. You have configured a global group named SCIssuer that will issue smart cards for
all domain users. A file server named SecServer is configured on the network. The certificate-based
IPSec encryption is required for all communications to and from the SecServer server. A VPN server is
configured on the network to enable sales managers to connect to the network remotely using their
laptops which run Windows Vista Ultimate. The L2TP connection is required for the VPN server. Place the
users, computers, and groups to the certificate templates that are required for implementing the PKI
infrastructure.
A.
Answer: A

GIAC   GSLC   GSLC   GSLC

NO.15 Which of the following is used to describe the type of FTP access in which a user does not have
permissions to list the contents of directories, but can access the contents if he knows the path and file
name?
A. Secure FTP
B. Blind FTP
C. Passive FTP
D. Hidden FTP
Answer: B

GIAC   GSLC examen   GSLC   GSLC examen   certification GSLC

NO.16 Drop the appropriate value to complete the formula.
A.
Answer: A

GIAC   GSLC examen   GSLC examen   GSLC   GSLC examen   GSLC examen

NO.17 Drag and Drop the layers of TCP/IP model according to their level of data encapsulation.
A.
Answer: A

GIAC   GSLC   certification GSLC   GSLC   GSLC

NO.18 Mark works as a Network Administrator for Infonet Inc. The company has a Windows 2000 Active
Directory domain-based network. The domain contains one hundred Windows XP Professional client
computers. Mark is deploying an 802.11 wireless LAN on the network. The wireless LAN will use Wired
Equivalent Privacy (WEP) for all the connections. According to the company's security policy, the client
computers must be able to automatically connect to the wireless LAN. However, the unauthorized
computers must not be allowed to connect to the wireless LAN and view the wireless network. Mark wants
to configure all the wireless access points and client computers to act in accordance with the company's
security policy. What will he do to accomplish this?
Each correct answer represents a part of the solution. Choose three.
A. Configure the authentication type for the wireless LAN to Open system.
B. Install a firewall software on each wireless access point.
C. Configure the authentication type for the wireless LAN to Shared Key.
D. Disable SSID Broadcast and enable MAC address filtering on all wireless access points.
E. Broadcast SSID to connect to the access point (AP).
F. On each client computer, add the SSID for the wireless LAN as the preferred network.
Answer: C, D. F

NO.19 A wireless network uses multiple modulation schemes to make the signal strong so that it can travel far.
These modulation schemes work with a certain IEEE standard. Choose and drop the correct standards in
the right pane according to the modulation scheme.
A.
Answer: A

GIAC   GSLC examen   GSLC   GSLC

NO.20 You work as a Network Administrator for Net World International. The company has a Windows Server
2008 network environment. The network is configured as a Windows Active Directory-based single
domain single forest network. The functional level of the forest is Windows Server 2008. All client
computers on the network run Windows Vista Ultimate. You configure a public key infrastructure (PKI) on
the network. You configure a root CA and a subordinate CA on the network. For security reasons, you
want to take the root CA offline. You are required to configure the CA servers to support for certificate
revocation.
Choose the steps you will take to accomplish the task.
A.
Answer: A

GIAC examen   GSLC   GSLC   GSLC examen   GSLC

NO.21 Fill in the blank with the appropriate type of router.
A ______ router performs packet-filtering and is used as a firewall.
A. screening
Answer: A

GIAC examen   GSLC   certification GSLC   GSLC   GSLC   certification GSLC

NO.22 You are the project manager for your organization and are trying to determine which vendor your
organization will use. You have determined that any vendor that would like to bid on your project work will
need to have a Microsoft Certified System Engineer on staff, have eight years of Cisco experience, and
have at least two references from similar projects. What have you created in this scenario?
A. Screening system for the vendors
B. Weighting system for the vendors
C. Preferred vendors list
D. Bidders conference
Answer: A

GIAC   GSLC examen   certification GSLC   GSLC examen   GSLC examen   GSLC examen

NO.23 Which of the following provides security by implementing authentication and encryption on Wireless
LAN (WLAN)?
A. WEP
B. WAP
C. L2TP
D. IPSec
Answer: A

certification GIAC   GSLC examen   GSLC

NO.24 Rick, the Network Administrator of the Fimbry Hardware Inc., wants to design the initial test model for
Internet Access. He wants to fulfill the following goals:
No external traffic should be allowed into the network.
Administrators should be able to restrict the websites which can be accessed by the internal
users.
Which of the following technologies should he use to accomplish the above goals? (Click the Exhibit
button on the toolbar to see the case study.)
A. Internet Connection Sharing (ICS)
B. Network Address Translator (NAT)
C. Firewall
D. Proxy Server
E. Routing and Remote Access Service (RRAS)
Answer: D

GIAC examen   certification GSLC   GSLC examen   GSLC   GSLC

NO.25 You work as a Network Administrator for Infonet Inc. The company has a Windows Server 2008
domain-based network. The network has three Windows Server 2008 member servers and 150 Windows
Vista client computers. According to the company's security policy, you want to apply a firewall profile to
the network.Choose the firewall profiles supported by Windows Server 2008 and Windows Vista.
A.
Answer: A

GIAC   certification GSLC   GSLC examen   GSLC   GSLC

NO.26 Fill in the blank with the appropriate word.
A_______ is a computer system on the Internet that is expressly set up to attract and trap people who
attempt to penetrate other people's computer systems.
A. honeypot
Answer: A

GIAC   certification GSLC   GSLC   GSLC

NO.27 Which of the following are the goals of risk management?
Each correct answer represents a complete solution. Choose three.
A. Identifying the risk
B. Finding an economic balance between the impact of the risk and the cost of the countermeasure
C. Identifying the accused
D. Assessing the impact of potential threats
Answer: A, B, D

GIAC   GSLC   GSLC   GSLC   GSLC examen

NO.28 Which of the following programs can collect various types of personal information, such as Internet
surfing habits, and Web sites that the user has visited?
A. Spyware
B. Honeypot
C. Worm
D. Malware
Answer: A

certification GIAC   GSLC   GSLC   GSLC   certification GSLC

NO.29 Janet is the project manager of the NHQ Project for her company. Janet is nearly done leading the
project and there have been no cost or schedule overruns in the development of the new software for her
company. The project team has been completing their work on time and there is still $75,000 left in the
project budget. Janet decides to have the project team implement some extra features to the project
scope to use all of the $75,000 in the budget even though the customer didn't specifically ask for the
added features. This scenario is an example of which one of the following?
A. Scope creep
B. Gold plating
C. Change management
D. Value added change
Answer: B

GIAC   certification GSLC   certification GSLC   certification GSLC

NO.30 Which of the following applications would be considered a data warehousing application?
A. Golf score tracking
B. Badge reader
C. Fraud detection
D. eCommerce site
Answer: C

GIAC   GSLC   GSLC   GSLC   GSLC

Le test GIAC GSLC peut bien examnier les connaissances et techniques professionnelles. Pass4Test est votre raccourci amené au succès de test GIAC GSLC. Chez Pass4Test, vous n'avez pas besoin de dépenser trop de temps et d'argent juste pour préparer le test GIAC GSLC. Travaillez avec l'outil formation de Pass4Test visé au test, il ne vous demande que 20 heures à préparer.

订阅：博文 (Atom)