Pre-Summer Special Limited Time 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code = getmirror

Pass the GIAC Certification GISP Questions and answers with ExamsMirror

Practice at least 50% of the questions to maximize your chances of passing.
Exam GISP Premium Access

View all detail and faqs for the GISP exam

Go to Exam

772 Students Passed

96% Average Score

94% Same Questions
Viewing page 2 out of 14 pages
Viewing questions 16-30 out of questions
Questions # 16:

Which of the following is NOT a countermeasure against a spoofing attack?

Options:

A.

Patching operating system

B.

Installing Anti-virus software

C.

Patching application

D.

Employing IDS

Questions # 17:

Which of the following is not a major concern in traditional business transactions as compare to online transactions?

Options:

A.

Bookkeeping

B.

Security

C.

Product Quality

D.

Customer Support

Questions # 18:

Mark works as a Network Administrator for Infonet Inc. The company has a Windows 2000 Active Directory domain-based network. The domain contains one hundred Windows XP Professional client computers. Mark is deploying an 802.11 wireless LAN on the network. The wireless LAN will use Wired Equivalent Privacy (WEP) for all the connections. According to the company's security policy, the client computers must be able to automatically connect to the wireless LAN. However, the unauthorized computers must not be allowed to connect to the wireless LAN and view the wireless network. Mark wants to configure all the wireless access points and client computers to act in accordance with the company's security policy. What will he do to accomplish this?

Each correct answer represents a part of the solution. Choose three.

Options:

A.

Configure the authentication type for the wireless LAN to Open system.

B.

Broadcast SSID to connect to the access point (AP).

C.

Disable SSID Broadcast and enable MAC address filtering on all wireless access points.

D.

Install a firewall software on each wireless access point.

E.

On each client computer, add the SSID for the wireless LAN as the preferred network.

F.

Configure the authentication type for the wireless LAN to Shared Key.

Questions # 19:

Which of the following are examples of passive attacks?

Each correct answer represents a complete solution. Choose all that apply.

Options:

A.

Shoulder surfing

B.

Dumpster diving

C.

Placing a backdoor

D.

Eavesdropping

Questions # 20:

You work as a Network Administrator for Web World Inc. You want to host an e-commerce Web site on your network. You want to ensure that storage of credit card information is secure. Which of the following conditions should be met to accomplish this?

Each correct answer represents a complete solution. Choose all that apply.

Options:

A.

NT authentication should be required for all customers before they provide their credit card numbers.

B.

Strong encryption software should be used to store credit card information.

C.

The NTFS file system should be implemented on a client computer.

D.

Limited and authorized access should be allowed on the stored credit card information.

Questions # 21:

In which of the following DoS attacks does an attacker send an ICMP packet larger than 65,536 bytes to the target system?

Options:

A.

Fraggle

B.

Ping of death

C.

Jolt

D.

Teardrop

Questions # 22:

Maria works as a professional Ethical Hacker. She recently has been assigned a project to test the security of www.we-are-secure.com. The company has provided the following information about the infrastructure of its network:

•Network diagrams of the we-are-secure infrastructure

•Source code of the security tools

•IP addressing information of the we-are-secure network

Which of the following testing methodologies is we-are-secure.com using to test the security of its network?

Options:

A.

Graybox

B.

Whitebox

C.

Blackbox

D.

Alpha testing

Questions # 23:

Which of the following ports is used by the control connection on the FTP server?

Options:

A.

TCP port 23

B.

TCP port 21

C.

TCP port 53

D.

TCP port 443

Questions # 24:

Which of the following ports is the default port for Layer 2 Tunneling Protocol (L2TP) ?

Options:

A.

TCP port 110

B.

UDP port 161

C.

UDP port 1701

D.

TCP port 443

Questions # 25:

Which of the following groups represents the most likely source of an asset loss through the inappropriate use of computers?

Options:

A.

Visitors

B.

Customers

C.

Employees

D.

Hackers

Questions # 26:

Which of the following intrusion detection systems (IDS) monitors network traffic and compares it against an established baseline?

Options:

A.

Network-based

B.

File-based

C.

Signature-based

D.

Anomaly-based

Questions # 27:

Which of the following statements about smurf is true?

Options:

A.

It is a UDP attack that involves spoofing and flooding.

B.

It is an ICMP attack that involves spoofing and flooding.

C.

It is a denial of service (DoS) attack that leaves TCP ports open.

D.

It is an attack with IP fragments that cannot be reassembled.

Questions # 28:

Which of the following types of virus is capable of changing its signature to avoid detection?

Options:

A.

Macro virus

B.

Polymorphic virus

C.

Stealth virus

D.

Boot sector virus

Questions # 29:

Fill in the blank with the appropriate layer name of the OSI model.

Secure Socket Layer (SSL) operates at the _____ layer of the OSI model.

Options:

A.

transport

Questions # 30:

Which of the following technologies are forms of single sign-on (SSO)?

Each correct answer represents a complete solution. Choose three.

Options:

A.

CoSign

B.

SESAME

C.

Kerberos

D.

RADIUS

Viewing page 2 out of 14 pages
Viewing questions 16-30 out of questions
TOP CODES

TOP CODES

Top selling exam codes in the certification world, popular, in demand and updated to help you pass on the first try.

2V0-11.25
ADM-201
Agentforce-Specialist
CMMC-CCP
Data-Cloud-Consultant
PCNSE
PDI
PSE-Strata-Pro-24
Secure-Software-Design
Sharing-and-Visibility-Architect
Workday-Pro-Integrations
ZDTA