GIAC GSNA Exam Practice Questions (P. 5)
Question #41
John works as a professional Ethical Hacker. He has been assigned the project of testing the security of www.we-are-secure.com. He is using the Linux operating system. He wants to use a wireless sniffer to sniff the We-are-secure network.
Which of the following tools will he use to accomplish his task?
- A. WEPCrack
- B. Kismet
- C. Snadboy's Revelation
- D. NetStumbler
Correct Answer:
According to the scenario, John will use Kismet. Kismet is a Linux-based 802.11 wireless network sniffer and intrusion detection system. It can work with any wireless card that supports raw monitoring (rfmon) mode. Kismet can sniff 802.11b, 802.11a, 802.11g, and 802.11n traffic. Kismet can be used for the following tasks:
- To identify networks by passively collecting packets
- To detect standard named networks
- To detect masked networks
- To collect the presence of non-beaconing networks via data traffic
Answer: D is incorrect. NetStumbler is a Windows-based tool that is used for the detection of wireless LANs using the IEEE 802.11a, 802.11b, and 802.11g standards. It detects wireless networks and marks their relative position with a GPS.
Question #42
You work as a Network Administrator of a TCP/IP network. You are having a DNS resolution problem.
Which of the following utilities will you use to diagnose the problem?
- A. PING
- B. IPCONFIG
- C. TRACERT
- D. NSLOOKUP
Correct Answer:
NSLOOKUP is a tool for diagnosing and troubleshooting Domain Name System (DNS) problems. It performs its function by sending queries to the DNS server and obtaining detailed responses at the command prompt. This information can be useful for diagnosing and resolving name resolution issues, verifying whether or not the resource records are added or updated correctly in a zone, and debugging other server-related problems. This tool is installed along with the TCP/IP protocol through the Control Panel.
Answer: A is incorrect. The ping command-line utility is used to test connectivity with a host on a TCP/IP-based network. This is achieved by sending out a series of packets to a specified destination host. On receiving the packets, the destination host responds with a series of replies. These replies can be used to determine whether or not the network is working properly.
Configuration Protocol (DHCP) allocated leases. It is also used to display, register, or flush Domain Name System (DNS) names.
Domain Name (FQDN) and the IP address of each gateway along the route to the remote host.
Question #43
John works as a professional Ethical Hacker. He is assigned a project to test the security of www.we-are-secure.com. He is working on the Linux operating system. He wants to sniff the we-are-secure network and intercept a conversation between two employees of the company through session hijacking.
Which of the following tools will John use to accomplish the task?
- A. IPChains
- B. Tripwire
- C. Hunt
- D. Ethercap
Correct Answer:
In such a scenario, John will use Hunt, which is capable of performing both the hacking techniques, sniffing and session hijacking.
Answer: D is incorrect. Ethercap is a network sniffer and packet generator. It may be an option, but John wants to do session hijacking as well. Hence, he will not use Ethercap.
Question #44
In which of the following CAATs (Computer Assisted Auditing Techniques) does an auditor perform tests on computer files and databases?
- A. Parallel Simulation
- B. Generalized Audit Software (GAS)
- C. Test Data
- D. Custom Audit Software (CAS)
Correct Answer:
B
CAATs (Computer Assisted Auditing Techniques) are used to test application controls as well as perform substantive tests on sample items. Following are the types of CAATs:
Generalized Audit Software (GAS): It allows the auditor to perform tests on computer files and databases.
Custom Audit Software (CAS): It is generally written by auditors for specific audit tasks. CAS is necessary when the organization's computer system is not compatible with the auditor's GAS or when the auditor wants to conduct some testing that may not be possible with the GAS.
Test Data: The auditor uses test data for testing the application controls in the client's computer programs. The auditor includes simulated valid and invalid test data, used to test the accuracy of the computer system's operations. This technique can be used to check data validation controls and error detection routines, processing logic controls, and arithmetic calculations, to name a few.
Parallel Simulation: The auditor must construct a computer simulation that mimics the client's production programs.
Integrated Test Facility: The auditor enters test data along with actual data in a normal application run.
Question #45
You are concerned about an attacker being able to get into your network. You want to make sure that you are informed of any network activity that is outside normal parameters.
What is the best way to do this?
- A. Utilize protocol analyzers.
- B. User performance monitors.
- C. Implement signature based antivirus.
- D. Implement an anomaly based IDS.
Correct Answer:
Answer: C is incorrect. Antivirus software, while important, won't help detect the activities of intruders.
An anomaly based Intrusion Detection System will monitor the network for any activity that is outside normal parameters (i.e. an anomaly) and inform you of it.
Question #46
Which of the following is a technique for creating Internet maps? (Choose two)
- A. AS PATH Inference
- B. Object Relational Mapping
- C. Active Probing
- D. Network Quota
Correct Answer:
AC
There are two prominent techniques used today for creating Internet maps:
Active probing: The first technique works on the data plane of the Internet and is called active probing. It is used to infer Internet topology based on router adjacencies.
AS PATH Inference: The second technique works on the control plane and infers autonomous system connectivity based on BGP data.
Question #47
Which of the following statements are true about data aggregation?
- A. A common aggregation purpose is to get more information about particular groups based on specific variables.
- B. Data aggregation cannot be user-based.
- C. Data aggregation is any process in which information is gathered and expressed in a summary form.
- D. Online analytic processing (OLAP) is a simple type of data aggregation.
Correct Answer:
Data aggregation is any process in which information is gathered and expressed in a summary form, for purposes such as statistical analysis. A common aggregation purpose is to get more information about particular groups based on specific variables such as age, profession, or income. The information about such groups can then be used for Web site personalization to choose content and advertising likely to appeal to an individual belonging to one or more groups for which data has been collected. For example, a site that sells music CDs might advertise certain CDs based on the age of the user and the data aggregate for their age group. Online analytic processing (OLAP) is a simple type of data aggregation in which the marketer uses an online reporting mechanism to process the information.
Answer: B is incorrect. Data aggregation can be user-based. Personal data aggregation services offer the user a single point for collection of their personal information from other Web sites. The customer uses a single master personal identification number (PIN) to give them access to their various accounts (such as those for financial institutions, airlines, book and music clubs, and so on). Performing this type of data aggregation is sometimes referred to as "screen scraping."
Question #48
You have just installed a Windows 2003 server. What action should you take regarding the default shares?
- A. Disable them only if this is a domain server.
- B. Disable them.
- C. Make them hidden shares.
- D. Leave them, as they are needed for Windows Server operations.
Correct Answer:
Answer: A is incorrect. Whether this is a domain server, a DHCP server, a file server, or database server does not change the issue with shared drives/folders.
Default shares should be disabled, unless they are absolutely needed. They pose a significant security risk by providing a way for an intruder to enter your machine.
Question #49
Which of the following controls define the direction and behavior required for technology to function properly?
- A. Detailed IS controls
- B. General controls
- C. Application controls
- D. Pervasive IS controls
Correct Answer:
Pervasive IS controls are a subset of general controls that contains some extra definitions focusing on the management of monitoring a specific technology. A pervasive order or control determines the direction and behavior required for technology to function properly. The pervasive control permeates the area by using a greater depth of control integration over a wide area of influence.
Answer: B is incorrect. General controls are the parent class of controls that governs all areas of a business. An example of general controls includes the separation duties that prevent employees from writing their own paychecks and creating accurate job descriptions. General controls define the structure of an organization, establish HR policies, monitor workers and the work environment, as well as support budgeting, auditing, and reporting.
detailed controls to ensure that the workers perform their job correctly. These controls refer to some specific tasks or steps to be performed such as:
- The way system security parameters are set.
- How input data is verified before being accepted into an application.
- How to lock a user account after unsuccessful logon attempts.
- How the department handles acquisitions, security, delivery, implementation, and support of IS services.
the general controls, then the pervasive controls and detailed controls, before reaching the application controls level. Controls in the higher level category help in protecting the integrity of the applications and their data. The management is responsible to get applications tested prior to production through a recognized test method. The goal of this test is to provide a technical certificate that each system meets the requirement.
Question #50
You work as the Network Administrator for XYZ CORP. The company has a Unix-based network. You want to see the list of the filesystems mounted automatically at startup by the mount -a command in the /etc/rc startup file.
Which of the following Unix configuration files can you use to accomplish the task?
- A. /etc/named.conf
- B. /etc/groups
- C. /etc/mtab
- D. /etc/fstab
Correct Answer:
In Unix, the /etc/fstab file is used by system administrators to list the filesystems that are mounted automatically at startup by the mount -a command (in /etc/rc or its equivalent startup file).
Answer: C is incorrect. In Unix, the /etc/mtab file contains a list of the currently mounted file systems. This is set up by the boot scripts and updated by the mount command.