Pass the GIAC Management GSLC Questions and answers with ExamsMirror

You are the project manager of a Web development project. You want to get information about your competitors by hacking into their computers. You and the project team determine should the hacking attack not be performed anonymously, you will be traced. Hence, you hire a professional hacker to work on the project. This is an example of what type of risk response?

You work as a professional Ethical Hacker. You are assigned a project to test the security of www.weare-secure.com. You are working on the Windows Server 2003 operating system. You suspect that your friend has installed the keyghost keylogger onto your computer. Which of the following countermeasures would you employ in such a situation?

Each correct answer represents a complete solution. Choose all that apply.

You work as a Network Administrator for NetTech Inc. The company has a Windows Server 2008 Active Directory-based single domain single forest network. The company's network is connected to the Internet through a T1 line. The firewall is configured on the network for securing the internal network from the intruders on the Internet. You are designing a public key infrastructure (PKI) for the network. The network will use a root enterprise certificate authority (CA) and two subordinate CAs. The root CA will be used to issue certificates to the subordinate CAs, and the subordinate CAs will be used to issue certificates to the clients. The security policy of the company dictates that the security of high-level CAs should not be compromised. Which of the following steps will you take to implement the security policy of the company?

You are concerned about war driving bringing hackers attention to your wireless network. What is the most basic step you can take to mitigate this risk?

An attacker makes an attempt against a Web server. The result is that the attack takes the form of URLs. These URLs search for a certain string that identifies an attack against the Web server. Which IDS/IPS detection method do the URLs use to detect and prevent an attack?

You want to use PGP files for steganography. Which of the following tools will you use to accomplish the task?

What does a firewall check to prevent certain ports and applications from getting the packets into an Enterprise?

You have detected what appears to be an unauthorized wireless access point on your network. However this access point has the same MAC address as one of your real access points and is broadcasting with a stronger signal. What is this called?

Which of the following tools can be used for stress testing of a Web server?

Each correct answer represents a complete solution. Choose two.

Which of the following is a virus that can redirect the disk head to read another sector instead of the one in which it resides?

Mark works as a Network Administrator for Perfect Inc. The company has both wired and wireless networks. An attacker attempts to keep legitimate users from accessing services that they require. Mark uses IDS/IPS sensors on the wired network to mitigate the attack. Which of the following attacks best describes the attacker's intentions?

Which of the following tools is an automated tool that is used to implement SQL injections and to retrieve data from Web server databases?

You are responsible for security on your network. One particular concern is the theft of sensitive data. You want to make sure that end users do not (purposefully or accidentally) take data off the premises. Which of the following should you be concerned about?

Each correct answer represents a complete solution. Choose all that apply.

Which of the following can provide security against man-in-the-middle attack?

A user has opened a Web site that automatically starts downloading malicious code onto his computer. What should he do to prevent this?

Each correct answer represents a complete solution. Choose two.