Free Certification Practice Questions

GIAC-GSEC

Which of the following are advantages of Network Intrusion Detection Systems (NIDS)? E. Inexpensive to manage
#1
Which of the following protocols is used by a host that knows its own MAC (Media Access Control) address to query a server for its own IP address?
#2
What is the motivation behind SYN/FIN scanning?
#3
There is not universal agreement on the names of the layers in the TCP/IP networking model. Which of the following is one of the functions of the bottom layer which is sometimes called the Network Access or Link Layer?
#4
Which of the following is a private, RFC 1918 compliant IP address that would be assigned to a DHCP scope on a private LAN?
#5
When using Pretty Good Privacy (PGP) to digitally sign a message, the signature is created in a two-step process. First, the message to be signed is submitted to PGP's cryptographic hash algorithm. What is one of the hash algorithms used by PGP for this process?
#6
You are the security director for an off-shore banking site. From a business perspective, what is a major factor to consider before running your new vulnerability scanner against the company's business systems?
#7
Which of the following is a benefit to utilizing Cygwin for Windows?
#8
What technical control provides the most critical layer of defense if an intruder is able to bypass all physical security controls and obtain tapes containing critical data? E. Corrective Controls
#9
Two clients connecting from the same public IP address (for example, behind the same NAT firewall) can connect simultaneously to the same web server on the Internet, provided what condition is TRUE?
#10
Which of the following is a standard Unix command that would most likely be used to copy raw file system data for later forensic analysis?
#11
Which of the following is NOT a recommended best practice for securing Terminal Services and Remote Desktop?
#12
When an IIS filename extension is mapped, what does this mean?
#13
Which Linux file lists every process that starts at boot time?
#14
Which of the following is TRUE regarding the ability of attackers to eavesdrop on wireless communications?
#15
An employee is currently logged into the corporate web server, without permission. You log into the web server as "admin" and look for the employee's username: "dmaul" using the "who" command. This is what you get back:
#16
Which of the following statements about policy is FALSE?
#17
How many bytes does it take to represent the hexadecimal value 0xFEDCBA?
#18
Which of the following choices accurately describes how PGP works when encrypting email?
#19
With regard to defense-in-depth, which of the following statements about network design principles is correct?
#20
Which of the following quantifies the effects of a potential disaster over a period of time?
#21
Which of the following statements about Microsoft's VPN client software is FALSE?
#22
Which common firewall feature can be utilized to generate a forensic trail of evidence and to identify attack trends against your network?
#23
Which of the following systems acts as a NAT device when utilizing VMware in NAT mode?
#24
Your organization is developing a network protection plan. No single aspect of your network seems more important than any other. You decide to avoid separating your network into segments or categorizing the systems on the network. Each device on the network is essentially protected in the same manner as all other devices. This style of defense-in-depth protection is best described as which of the following?
#25
When a packet leaving the network undergoes Network Address Translation (NAT), which of the following is changed?
#26
Which of the following elements is the most important requirement to ensuring the success of a business continuity plan? E. Training
#27
Which of the following is a new Windows Server 2008 feature for the Remote Desktop Protocol (RDP)?
#28
You are reviewing a packet capture file from your network intrusion detection system. In the packet stream, you come across a long series of "no operation" (NOP) commands. In addition to the NOP commands, there appears to be a malicious payload. Of the following, which is the most appropriate preventative measure for this type of attack?
#29
Validating which vulnerabilities in a network environment are able to be exploited by an attacker is called what?
#30