GIAC GSLC Exam Practice Questions (P. 3)

You are the project manager for your organization and are trying to determine which vendor your organization will use. You have determined that any vendor that would like to bid on your project work will need to have a Microsoft Certified System Engineer on staff, have eight years of Cisco experience, and have at least two references from similar projects. What have you created in this scenario?

Which of the following tools is based on Linux and used to carry out the Penetration Testing?

SIMULATION -
Fill in the blank with the appropriate type of router.
A ______ router performs packet-filtering and is used as a firewall.

John works as a professional Ethical Hacker. He is assigned a project to test the security of www.weare-secure.com. He wants to test the response of a DDoS attack on the we-are-secure server. To accomplish this, he takes the following steps:
✑ Instead of directly attacking the target computer, he first identifies a less secure network named Infosecure that contains a network of 100 computers.
✑ He breaks this less secure network and takes control of all its computers. After completing this step, he installs a DDoS attack tool on each computer of the
Infosecure network.
✑ Finally, he uses all the computers of the less secure network to carry out the DDoS attack on the we-are-secure server.
Which of the following tools can John use to accomplish the task?
Each correct answer represents a complete solution. Choose all that apply.

John works as a professional Ethical Hacker. He has been assigned the project of testing the security of www.we-are-secure.com. He wants to use Kismet as a wireless sniffer to sniff the We-are-secure network. Which of the following IEEE-based traffic can be sniffed with Kismet?
Each correct answer represents a complete solution. Choose all that apply.

Which of the following processes is NOT a part of the Project Procurement Management Knowledge Area?

You work in an enterprise as a Network Engineer. Your enterprise has a secure internal network. You want to apply an additional network packet filtering device that is intermediate to your enterprise's internal network and the outer network (internet). Which of the following network zones will you create to accomplish this task?

Which of the following are countermeasures to prevent unauthorized database access attacks?
Each correct answer represents a complete solution. Choose all that apply.

Which interface does an IPS sensor use to communicate with a security appliance for management purposes?

An attacker makes an attempt against a Web server. The result is that the attack takes the form of URLs. These URLs search for a certain string that identifies an attack against the Web server. Which IDS/IPS detection method do the URLs use to detect and prevent an attack?