Pre-Summer Special Limited Time 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code = getmirror

Pass the GIAC Certification GISP Questions and answers with ExamsMirror

Practice at least 50% of the questions to maximize your chances of passing.
Exam GISP Premium Access

View all detail and faqs for the GISP exam

Go to Exam

772 Students Passed

96% Average Score

94% Same Questions
Viewing page 11 out of 14 pages
Viewing questions 151-165 out of questions
Questions # 151:

Which of the following needs to be documented to preserve evidences for presentation in court?

Options:

A.

Incident response policy

B.

Separation of duties

C.

Chain of custody

D.

Account lockout policy

Questions # 152:

Which of the following protocols is used to provide security for wireless local area networks (WLANs)?

Options:

A.

WEP

B.

EAP

C.

NAT

D.

TLS

Questions # 153:

You work as a Network Administrator for Infonet Inc. The company uses Wired Equivalent Privacy (WEP) for wireless security. Who among the following can authenticate from the access point of the network?

Options:

A.

Only users within the company.

B.

Anyone can authenticate.

C.

Only users with the correct WEP key.

D.

Only the administrator.

Questions # 154:

Which of the following are the goals of the cryptographic systems?

Each correct answer represents a complete solution. Choose three.

Options:

A.

Availability

B.

Authentication

C.

Integrity

D.

Confidentiality

Questions # 155:

Which of the following ensures that a sender cannot deny sending a message?

Options:

A.

Authentication

B.

Snooping

C.

Spoofing

D.

Non repudiation

Questions # 156:

Which of the following are the primary components of a discretionary access control (DAC) model?

Each correct answer represents a complete solution. Choose two.

Options:

A.

User's group

B.

Access rights and permissions

C.

File and data ownership

D.

Smart card

Questions # 157:

Which of the following services are provided by Remote Authentication Dial-In User Service (RADIUS)?

Each correct answer represents a complete solution. Choose three.

Options:

A.

Authentication

B.

Data encryption

C.

Authorization

D.

Accounting

Questions # 158:

Which of the following is the default port for TACACS?

Options:

A.

UDP port 49

B.

TCP port 443

C.

TCP port 25

D.

TCP port 80

Questions # 159:

Which of the following types of evidence is considered as the best evidence?

Options:

A.

A copy of the original document

B.

A computer-generated record

C.

Information gathered through the witness's senses

D.

The original document

Questions # 160:

Which of the following is an attack with IP fragments that cannot be reassembled?

Options:

A.

Teardrop attack

B.

Dictionary attack

C.

Password guessing attack

D.

Smurf attack

Questions # 161:

John works as a professional Ethical Hacker. He has been assigned a project for testing the security of www.we-are-secure.com. He wants to corrupt an IDS signature database so that performing attacks on the server is made easy and he can observe the flaws in the We-are-secure server. To perform his task, he first of all sends a virus that continuously changes its signature to avoid detection from IDS. Since the new signature of the virus does not match the old signature, which is entered in the IDS signature database, IDS becomes unable to point out the malicious virus. Which of the following IDS evasion attacks is John performing?

Options:

A.

Session splicing attack

B.

Evasion attack

C.

Insertion attack

D.

Polymorphic shell code attack

Questions # 162:

Which of the following terms refers to the method that allows or restricts specific types of packets from crossing over the firewall?

Options:

A.

Web caching

B.

Hacking

C.

Packet filtering

D.

Spoofing

Questions # 163:

Which of the following statements about DMZ is true?

Options:

A.

DMZ is a corporate network used as the Internet.

B.

DMZ is a firewall that lies in between two corporate networks.

C.

DMZ is a network that is not connected to the Internet.

D.

DMZ is a network that lies in between a corporate network and the Internet.

Questions # 164:

Which of the following refers to encrypted text?

Options:

A.

Plaintext

B.

Cookies

C.

Hypertext

D.

Ciphertext

Questions # 165:

John visits an online shop that stores the IDs and prices of the items to buy in a cookie. After selecting the items that he wants to buy, the attacker changes the price of the item to 1.

Original cookie values:

ItemID1=2

ItemPrice1=900

ItemID2=1

ItemPrice2=200

Modified cookie values:

ItemID1=2

ItemPrice1=1

ItemID2=1

ItemPrice2=1

Now, he clicks the Buy button, and the prices are sent to the server that calculates the total price.

Which of the following hacking techniques is John performing?

Options:

A.

Cross site scripting

B.

Man-in-the-middle attack

C.

Cookie poisoning

D.

Computer-based social engineering

Viewing page 11 out of 14 pages
Viewing questions 151-165 out of questions
TOP CODES

TOP CODES

Top selling exam codes in the certification world, popular, in demand and updated to help you pass on the first try.

2V0-11.25
ADM-201
Agentforce-Specialist
CMMC-CCP
Data-Cloud-Consultant
PCNSE
PDI
PSE-Strata-Pro-24
Secure-Software-Design
Sharing-and-Visibility-Architect
Workday-Pro-Integrations
ZDTA