Weekend Special Limited Time 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code = simple70

Pass the GIAC Certification GCFW Questions and answers with ExamsMirror

Practice at least 50% of the questions to maximize your chances of passing.
Exam GCFW Premium Access

View all detail and faqs for the GCFW exam

Go to Exam

521 Students Passed

92% Average Score

90% Same Questions
Viewing page 1 out of 12 pages
Viewing questions 1-10 out of questions
Questions # 1:

You work as a Network Administrator for Net Perfect Inc. The company has a TCP/IP network. You have been assigned a task to configure a stateful packet filtering firewall to secure the network of the company. You are encountering some problems while configuring the stateful packet filtering firewall. Which of the following can be the reasons for your problems?

Each correct answer represents a complete solution. Choose all that apply.

Options:

A.

It contains additional overhead of maintaining a state table.

B.

It has to open up a large range of ports to allow communication.

C.

It is complex to configure.

D.

It has limited logging capabilities.

Questions # 2:

Which of the following statements about Access control list (ACL) is true?

Each correct answer represents a complete solution. Choose three.

Options:

A.

Extended IP Access Control List permits or denies packets only from a specific source IP addresses.

B.

Standard IP Access Control List permits or denies packets only from specific source IP addr esses.

C.

Standard IP Access Control List can be used to permit or deny traffic from a specific source IP addresses or for a specific destination IP address, and port.

D.

Extended IP Access Control List permits or denies traffic from a specific source IP addresses or for a specific destination IP address, and port.

E.

Access control list filters packets or network traffic by controlling whether routed packets are forwarded or blocked at the router's interfaces.

Questions # 3:

Which of the following number ranges is used for the IPX Standard ACL?

Options:

A.

800-899

B.

1000-1099

C.

900-999

D.

1200-1299

Questions # 4:

Which of the following tools is an open source protocol analyzer that can capture traffic in real time?

Options:

A.

Netresident

B.

Snort

C.

Wireshark

D.

NetWitness

Questions # 5:

In which of the following IDS evasion attacks does an attacker send a data packet such that IDS accepts the data packet but the host computer rejects it?

Options:

A.

Fragmentation overwrite attack

B.

Evasion attack

C.

Insertion attack

D.

Fragmentation overlap attack

Questions # 6:

Which of the following is a Windows-based tool used for packet analysis?

Options:

A.

WinPcap

B.

AirPcap

C.

Tcpdump

D.

WinDump

Questions # 7:

You are tasked with configuring your routers with a minimum security standard that includes the following:

l A local Username and Password configured on the router

l A strong privilege mode password

l Encryption of user passwords

l Configuring telnet and ssh to authenticate against the router user database

Choose the configuration that best meets these requirements.

Options:

A.

RouterA(config)#service password-encryption

RouterA(config)#username cisco password PaS$w0Rd

RouterA(config)#enable secret n56e&$te

RouterA(config)#line vty 0 4

RouterA(config-line)#login local

B.

RouterA(config)#service password-encryption

RouterA(config)#username cisco password PaS$w0Rd

RouterA(config)#enable secret n56e&$te

RouterA(config)#line vty 0 4

RouterA(config-line)#login

C.

RouterA(config)#service password-encryption

RouterA(config)#username cisco password PaS$w0Rd

RouterA(config)#enable password n56e&$te

RouterA(config)#line vty 0 4

RouterA(config-line)#login local

D.

RouterA(config)#service enable-password-encryption

RouterA(config)#username cisco password PaS$w0Rd

RouterA(config)#enable secret n56e&$te

RouterA(config)#line vty 0 4

RouterA(config-line)#login user

Questions # 8:

You work as a Network Administrator for SmartCert Inc. The company's network contains five Windows 2003 servers and ninety Windows XP Professional client computers. You want to view all the incoming requests to an Internet Information Services (IIS) server and allow only requests that comply with a rule set, created by you, to be processed. You also want to detect the intrusion attempts by recognizing the strange characters in a URL on a Web server. What will you do to accomplish the task?

Options:

A.

Configure a connection to the SQL database by using the RELOG command-line utility.

B.

Use the URLScan tool.

C.

Use the Remote Desktop Protocol (RDP).

D.

Use the HFNETCHK utility.

Questions # 9:

Which of the following TShark options is used to set capture buffer size in MB?

Options:

A.

-F

B.

-G

C.

-C

D.

-B

Questions # 10:

You work as a Network Security Administrator for NetPerfect Inc. The company has a Windowsbased network. You are incharge of the data and network security of the company. While performing a threat log analysis, you observe that one of the database administrators is pilfering confidential data. What type of threat is this?

Options:

A.

Zombie

B.

Internal threat

C.

External threat

D.

Malware

Viewing page 1 out of 12 pages
Viewing questions 1-10 out of questions
TOP CODES

TOP CODES

Top selling exam codes in the certification world, popular, in demand and updated to help you pass on the first try.

2V0-11.25
ADM-201
Agentforce-Specialist
CMMC-CCP
Data-Cloud-Consultant
PCNSE
PDI
PSE-Strata-Pro-24
Secure-Software-Design
Sharing-and-Visibility-Architect
Workday-Pro-Integrations
ZDTA