Pass the GIAC Certification GCFW Questions and answers with ExamsMirror

Viewing page 11 out of 12 pages
Viewing questions 101-110 out of questions
Questions # 101:

TCP/IP stack fingerprinting is the passive collection of configuration attributes from a remote device during standard layer 4 network communications. The combination of parameters may then be used to infer the remote operating system (OS fingerprinting), or incorporated into a device fingerprint. Which of the following Nmap switches can be used to perform TCP/IP stack fingerprinting?

Options:

A. nmap -O -p

B. nmap -sT

C. nmap -sU -p

D. nmap -sS

Questions # 102:

You work as a technician for Net Perfect Inc. You are troubleshooting a connectivity issue on a network. You are using the ping command to verify the connectivity between two hosts. You want ping to send larger sized packets than the usual 32-byte ones. Which of the following commands will you use?

Options:

A. ping -l

B. ping -t

C. ping -a

D. ping -4

Questions # 103:

You send and receive messages on the Internet. A man-in-the-middle attack can be performed to capture and read your message. Which of the following information assurance pillars ensures the security of your message or data against this type of attack?

Options:

A. Confidentiality

B. Non-repudiation

C. Data availability

D. Authentication

Questions # 104:

Address Resolution Protocol (ARP) spoofing, also known as ARP poisoning or ARP Poison Routing (APR), is a technique used to attack an Ethernet wired or wireless network. ARP spoofing may allow an attacker to sniff data frames on a local area network (LAN), modify the traffic, or stop the traffic altogether. The principle of ARP spoofing is to send fake ARP messages to an Ethernet LAN.

What steps can be used as countermeasures against ARP spoofing?

Each correct answer represents a complete solution. Choose all that apply.

Options:

A. Using ARP Guard utility

B. Using smash guard utility

C. Using static ARP entries on servers, workstations and routers

D. Using ARP watch utility

E. Using IDS sensors to check continually for a large amount of ARP traffic on local subnets

Questions # 105:

You work as a Network Administrator for Tech Perfect Inc. The company has a TCP/IP-based network. A Cisco switch is configured on the network. You change the original host name of the switch through the hostname command. The prompt displays the changed host name. After some time, the switch loses power for some reason. When power is restored, you find that the prompt is displaying the old host name. What is the most likely cause?

Options:

A. The changes were saved in the running-config file.

B. The startup-config file got corrupted.

C. The running-config file got corrupted.

D. The host name cannot be changed permanently once the switch is configured.

Questions # 106:

You work as a Network Administrator for Net Perfect Inc. The company has a TCP/IP network. You have been assigned a task to configure a stateful packet filtering firewall to secure the network of the company. You are encountering some problems while configuring the stateful packet filtering firewall. Which of the following can be the reasons for your problems?

Each correct answer represents a complete solution. Choose all that apply.

Options:

A. It has limited logging capabilities.

B. It has to open up a large range of ports to allow communication.

C. It is complex to configure.

D. It contains additional overhead of maintaining a state table.

Questions # 107:

Which of the following firewalls filters the traffic based on the header of the datagram?

Options:

A. Application-level firewall

B. Packet filtering firewall

C. Circuit-level firewall

D. Stateful inspection firewall

Questions # 108:

Which of the following limits the number of packets seen by tcpdump?

Options:

A. BPF-based filter

B. Recipient filtering

C. Sender filtering

D. IFilters

Questions # 109:

Adam works as a professional Computer Hacking Forensic Investigator. A project has been assigned to him to investigate and examine files present on a suspect's computer. Adam uses a tool with which he can examine recovered deleted files, fragmented files, and other corrupted data. With this tool he can also examine data that was captured from the network, and access the physical RAM and any processes running in virtual memory. Which of the following tools is Adam using?

Options:

A. Evidor

B. WinHex

C. Vedit

D. HxD

Questions # 110:

Which of the following are the countermeasures against a man-in-the-middle attack?

Each correct answer represents a complete solution. Choose all that apply.

Options:

A. Using Secret keys for authentication.

B. Using public key infrastructure authentication.

C. Using Off-channel verification.

D. Using basic authentication.
