Pre-Summer Special Limited Time 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code = getmirror

Home
GIAC
GIAC Certification
GCFW
GIAC Certified Firewall Analyst Questions and Answers

Pass the GIAC Certification GCFW Questions and answers with ExamsMirror

Practice at least 50% of the questions to maximize your chances of passing.

Exam GCFW Premium Access

View all detail and faqs for the GCFW exam

Go to Exam

860 Students Passed

85% Average Score

97% Same Questions

Viewing page 5 out of 12 pages

Viewing questions 41-50 out of questions

Questions # 41:

Which of the following can be configured so that when an alarm is activated, all doors lock and the suspect or intruder is caught between the doors in the dead-space?

Options:

Biometric device

Man trap

Host Intrusion Detection System (HIDS)

Network Intrusion Detection System (NIDS)

Answer

Questions # 42:

The promiscuous mode is a configuration of a network card that makes the card pass all traffic it receives to the central processing unit rather than just packets addressed to it. Which of the following tools works by placing the host system network card into the promiscuous mode?

Options:

Snort

THC-Scan

NetStumbler

Sniffer

Answer

Questions # 43:

Which of the following fields is 13 bits long and specifies the offset of a particular fragment relative to the beginning of the original un-fragmented IP datagram?

Options:

Time to live

Protocol

Header checksum

Fragment offset

Answer

Questions # 44:

Which of the following tools uses PDA and barcode technologies in order to enable effective identification, control, and reporting of items in a site?

Options:

Smart card

Vulnerability scanner

Baseline audit

Biometric device

Answer

Questions # 45:

SSH is a network protocol that allows data to be exchanged between two networks using a secure channel. Which of the following encryption algorithms can be used by the SSH protocol?

Each correct answer represents a complete solution. Choose all that apply.

Options:

DES

IDEA

RC4

Blowfish

Answer

A, B, D

Questions # 46:

You run the tcpdump command line utility and get a report produced by tcpdump. What information does this report include?

Each correct answer represents a complete solution. Choose three.

Options:

Packets dropped by kernel

Packets discarded

Packets captured

Packets received by filter

Answer

A, C, D

Questions # 47:

Which of the following steps are generally followed in computer forensic examinations?

Each correct answer represents a complete solution. Choose three.

Options:

Authenticate

Acquire

Encrypt

Analyze

Answer

A, B, D

Questions # 48:

Session splicing is an IDS evasion technique in which an attacker delivers data in multiple small-sized packets to the target computer. Hence, it becomes very difficult for an IDS to detect the attack signatures of such attacks. Which of the following tools can be used to perform session splicing attacks?

Each correct answer represents a complete solution. Choose all that apply.

Options:

Whisker

Fragroute

Nessus

Y.A.T.

Answer

A, C

Questions # 49:

Which of the following actions can be taken as the countermeasures against the ARP spoofing attack?

Each correct answer represents a complete solution. Choose all that apply.

Options:

Placing static ARP entries on servers and routers

Looking for large amount of ARP traffic on local subnets

Using Private VLANs

Using 8 digit passwords for authentication

Answer

A, B, C

Questions # 50:

An organization has a TCP/IP based network. It uses IPv6 addressing in its network. IPv6 tackles addressing and routing-table problems, and improves the protocol as well. Which of the following statements is true about IPv6?