Tested GIAC GCIA Training Materials Online
NEW QUESTION 1
Host-based IDS (HIDS) is an Intrusion Detection System that runs on the system to be monitored. HIDS monitors only the data that is directed to, or originates from, the system on which HIDS is installed. Besides monitoring network traffic for detecting attacks, it can also monitor other parameters of the system such as running processes, file system access and integrity, and user logins for identifying malicious activities. Which of the following tools are examples of HIDS?
Each correct answer represents a complete solution. Choose all that apply.
- A. HPing
- B. BlackIce Defender
- C. Tripwire
- D. Legion
Answer: BC
NEW QUESTION 2
Which of the following cryptographic methods are used in EnCase to ensure the integrity of the data, which is acquired for the investigation?
Each correct answer represents a complete solution. Choose two.
- A. CRC
- B. HAVAL
- C. Twofish
- D. MD5
Answer: AD
NEW QUESTION 3
What are the limitations of the POP3 protocol?
Each correct answer represents a complete solution. Choose three.
- A. E-mails can be retrieved only from the Inbox folder of a mailbox.
- B. E-mails stored in any other folder are not accessible.
- C. It is only a retrieval protocol.
- D. It is designed to work with other applications that provide the ability to send e-mails.
- E. It does not support retrieval of encrypted e-mails.
- F. It uses less memory space.
Answer: ABC
NEW QUESTION 4
Which of the following can be applied as countermeasures against DDoS attacks?
Each correct answer represents a complete solution. Choose all that apply.
- A. Limiting the amount of network bandwidth.
- B. Blocking IP address.
- C. Using LM hashes for passwords.
- D. Using Intrusion detection systems.
- E. Using the network-ingress filtering.
Answer: ABDE
NEW QUESTION 5
Mark works as a Network Security Administrator for BlueWells Inc. The company has a Windows-based network. Mark is giving a presentation on network security threats to the newly recruited employees of the company. His presentation is about the external threats that the company recently faced. Which of the following statements are true about external threats?
Each correct answer represents a complete solution. Choose three.
- A. These are the threats that originate from outside an organization in which the attacker attempts to gain unauthorized access.
- B. These are the threats that originate from within the organization.
- C. These are the threats intended to flood a network with large volumes of access requests.
- D. These threats can be countered by implementing security controls on the perimeters of the network, such as firewalls, which limit user access to the Internet.
Answer: ACD
NEW QUESTION 6
What is the function of the PING LOCALHOST command?
- A. It verifies that DNS is correctly set up to allow communication with a host named LOCALHOST.
- B. It verifies that TCP/IP is bound correctly to the network adapter by communicating with the domain controller.
- C. It verifies that TCP/IP is bound correctly to the network adapter by communicating with the successfully initialized IP address.
- D. It verifies that TCP/IP is bound correctly to the network adapter by communicating with the loopback address 127.0.0.1.
Answer: D
NEW QUESTION 7
Which of the following conclusions can be drawn from viewing the given output generated by the PING command-line utility?
- A. The network bandwidth is heavily utilized.
- B. The IP address of the destination computer is not resolved.
- C. There is no connectivity between the source and the destination computer.
- D. The hub is not working.
Answer: C
NEW QUESTION 8
Which of the following Windows XP system files handles memory management, I/O operations, and interrupts?
- A. Ntoskrnl.exe
- B. Advapi32.dll
- C. Kernel32.dll
- D. Win32k.sys
Answer: C
NEW QUESTION 9
Which of the following log files are used to collect evidence before taking the bit-stream image of the BlackBerry?
Each correct answer represents a complete solution. Choose all that apply.
- A. user history
- B. Transmit/Receive
- C. Radio status
- D. Roam and Radio
Answer: BCD
NEW QUESTION 10
What is the name of the group of blocks which contains information used by the operating system in a Linux system?
- A. logblock
- B. Bootblock
- C. Superblock
- D. Systemblock
Answer: C
NEW QUESTION 11
Which of the following switches is used with the Pslist command on the command line to show the statistics for all active threads on the system, grouping these threads with their owning process?
- A. Pslist -x
- B. Pslist -m
- C. Pslist -t
- D. Pslist -d
Answer: D
NEW QUESTION 12
Which of the following tools is an open source network intrusion prevention and detection system that operates as a network sniffer?
- A. Swatch
- B. IPLog
- C. Timbersee
- D. Snort
Answer: D
NEW QUESTION 13
John enters a URL http://www.cisco.com/web/learning in the web browser. A web page appears after he enters the URL. Which of the following protocols is used to resolve www.cisco.com into the correct IP address?
- A. DNS
- B. SMTP
- C. DHCP
- D. ARP
Answer: A
NEW QUESTION 14
You work as a Network Administrator for Net Perfect Inc. The company has a Windows Server 2008-based network. You have created a test domain for testing IPv6 addressing. Which of the following types of addresses are supported by IPv6?
Each correct answer represents a complete solution. Choose all that apply.
- A. Unicast
- B. Multicast
- C. Broadcast
- D. Anycast
Answer: ABD
NEW QUESTION 15
John works as a professional Ethical Hacker. He has been assigned a project to test the security of www.we-are-secure.com. John wants to redirect all TCP port 80 traffic to UDP port 40, so that he can bypass the firewall of the We-are-secure server. Which of the following tools will John use to accomplish his task?
- A. PsExec
- B. PsList
- C. Fpipe
- D. Cain
Answer: C
NEW QUESTION 16
Which of the following algorithms is used as the default algorithm for the ESP extension header in IPv6?
- A. Propagating Cipher Block Chaining (PCBC) Mode
- B. Cipher Block Chaining (CBC) Mode
- C. Electronic Codebook (ECB) Mode
- D. Cipher Feedback (CFB) Mode
Answer: B
NEW QUESTION 17
Andrew works as a System Administrator for NetPerfect Inc. All client computers on the network run on Mac OS X. The Sales Manager of the company complains that his MacBook is not able to boot. Andrew wants to check the booting process. He suspects that an error persists in the bootloader of Mac OS X. Which of the following is the default bootloader on Mac OS X that he should use to resolve the issue?
- A. LILO
- B. BootX
- C. NT Loader
- D. GRUB
Answer: B
NEW QUESTION 18
Which of the following techniques is used to log network traffic?
- A. Cracking
- B. IP address spoofing
- C. Tunneling
- D. Sniffing
Answer: D
NEW QUESTION 19
Which of the following is an exact duplicate of a computer's hard drive?
- A. system image
- B. bit-stream image
- C. data image
- D. drive image
Answer: B
NEW QUESTION 20
John works as a professional Ethical Hacker. He has been assigned the project of testing the security of www.we-are-secure.com. He wants to send malicious data packets in such a manner that one packet fragment overlaps data from a previous fragment so that he can perform IDS evasion on the We-are-secure server and execute malicious data. Which of the following tools can he use to accomplish the task?
- A. Hunt
- B. Alchemy Remote Executor
- C. Mendax
- D. Ettercap
Answer: C