
Pass the GIAC Certification GISP Questions and answers with ExamsMirror

Viewing page 10 out of 14 pages
Viewing questions 136-150 out of questions
Questions # 136:

Which of the following are the responsibilities of a custodian with regard to data in an information classification program?

Each correct answer represents a complete solution. Choose three.

Options:

A. Running regular backups and routinely testing the validity of the backup data
B. Performing data restoration from the backups when necessary
C. Controlling access, adding and removing privileges for individual users
D. Determining what level of classification the information requires

Questions # 137:

John works as a professional Ethical Hacker. He has been assigned the project of testing the security of www.we-are-secure.com. He notices that UDP port 137 of the We-are-secure server is open. Assuming that the Network Administrator of We-are-secure Inc. has not changed the default port values of the services, which of the following services is running on UDP port 137?

Options:

A. HTTPS
B. HTTP
C. TELNET
D. NetBIOS

Questions # 138:

Which of the following concepts represent the three fundamental principles of information security?

Each correct answer represents a complete solution. Choose three.

Options:

A. Integrity
B. Privacy
C. Confidentiality
D. Availability

Questions # 139:

Which of the following VPN protocols offer encryption?

Each correct answer represents a complete solution. Choose two.

Options:

A. L2F
B. PPTP
C. L2TP
D. IPSec

Questions # 140:

Peter works as a Network Administrator for Net World Inc. The company wants to allow remote users to connect and access its private network through a dial-up connection via the Internet. All the data will be sent across a public network. For security reasons, the management wants the data sent through the Internet to be encrypted. The company plans to use a Layer 2 Tunneling Protocol (L2TP) connection. Which communication protocol will Peter use to accomplish the task?

Options:

A. Microsoft Point-to-Point Encryption (MPPE)
B. Pretty Good Privacy (PGP)
C. Data Encryption Standard (DES)
D. IP Security (IPSec)

Questions # 141:

In which of the following IDS evasion attacks does an attacker send a data packet such that IDS accepts the data packet but the host computer rejects it?

Options:

A. Fragmentation overlap attack
B. Evasion attack
C. Fragmentation overwrite attack
D. Insertion attack

Questions # 142:

What is the hash value length of the Secure Hash Algorithm (SHA-1)?

Options:

A. 164-bit
B. 320-bit
C. 128-bit
D. 160-bit

Questions # 143:

John works as an Ethical Hacker for PassGuide Inc. He wants to find out the ports that are open in PassGuide's server using a port scanner. However, he does not want to establish a full TCP connection. Which of the following scanning techniques will he use to accomplish this task?

Options:

A. TCP SYN
B. TCP SYN/ACK
C. TCP FIN
D. Xmas tree

Questions # 144:

Which of the following are types of social engineering attacks?

Each correct answer represents a complete solution. Choose two.

Options:

A. An unauthorized person gains entrance to the building where the company's database server resides and accesses the server by pretending to be an employee.
B. An unauthorized person inserts an intermediary software or program between two communicating hosts to listen to and modify the communication packets passing between the two hosts.
C. An unauthorized person calls a user and pretends to be a system administrator in order to get the user's password.
D. An unauthorized person modifies packet headers by using someone else's IP address to hide his identity.

Questions # 145:

Which of the following is the main reason for implementing CCTV as part of the physical arrangement?

Options:

A. Authenticating users
B. Securing data
C. Increasing guard visibility
D. Preventing criminal activities

Questions # 146:

Which of the following protects from electrical and magnetic induction that causes interference to the power voltage?

Options:

A. Power regulator
B. Shielded line
C. Firewall
D. Smoke detector

Questions # 147:

Which of the following statements about a smart card are true?

Each correct answer represents a complete solution. Choose two.

Options:

A. It is used to securely store public and private keys for log on, e-mail signing and encryption, and file encryption.
B. It is a device that routes data packets between computers in different networks.
C. It is a device that contains a microprocessor and permanent memory.
D. It is a device that works as an interface between a computer and a network.

Questions # 148:

Which of the following features of a switch helps to protect the network from MAC flood and MAC spoofing?

Options:

A. Port security
B. Multi-Authentication
C. Quality of Service (QoS)
D. MAC Authentication Bypass

Questions # 149:

Which of the following is documentation of guidelines that computer forensics experts use to handle evidence?

Options:

A. Chain of custody
B. Evidence access policy
C. Chain of evidence
D. Incident response policy

Questions # 150:

Which of the following are the goals of risk management?

Each correct answer represents a complete solution. Choose three.

Options:

A. Identifying the risk
B. Assessing the impact of potential threats
C. Finding an economic balance between the impact of the risk and the cost of the countermeasure
D. Identifying the accused
