What Exact GCIA Sample Question Is

Master the GCIA GIAC Certified Intrusion Analyst content and be ready for exam day success quickly with this Certleader GCIA real exam. We guarantee it! We make it a reality and give you real GCIA questions in our GIAC GCIA braindumps. Latest 100% VALID GIAC GCIA Exam Questions Dumps at below page. You can use our GIAC GCIA braindumps and pass your exam.

We also have free GCIA dump questions for you:

NEW QUESTION 1
Adam works as a Computer Hacking Forensic Investigator in a law firm. He has been assigned his first project. Adam has collected all the required evidence and clues. He is now required to write an investigative report to present before the court for further prosecution of the case. He needs guidelines for writing an investigative report that expresses an opinion. Which of the following are the guidelines to write an investigative report in an efficient way?
Each correct answer represents a complete solution. Choose all that apply.

  • A. All ideas present in the investigative report should flow logically from facts to conclusion
  • B. Opinion of a lay witness should be included in the investigative report
  • C. The investigative report should be understandable by any reader
  • D. There should not be any assumptions made about any facts while writing the investigative report

Answer: ACD

NEW QUESTION 2
You work as a Network Administrator for Tech Perfect Inc. Your company has a Windows 2000-based network. You want to verify the connectivity of a host in the network. Which of the following utilities will you use?

  • A. PING
  • B. TELNET
  • C. NETSTAT
  • D. TRACERT

Answer: A

NEW QUESTION 3
You are the Network Administrator for a large corporate network. You want to monitor all network traffic on your local network for suspicious activities and receive a notification when a possible attack is in process. Which of the following actions will you take for this?

  • A. Enable verbose logging on the firewall
  • B. Install a network-based IDS
  • C. Install a DMZ firewall
  • D. Install a host-based IDS

Answer: B

NEW QUESTION 4
Which of the following tools is used to analyze the files produced by several popular packet-capture programs such as tcpdump, WinDump, Wireshark, and EtherPeek?

  • A. Fpipe
  • B. tcptraceroute
  • C. Sniffer
  • D. tcptrace

Answer: D

NEW QUESTION 5
Adam works as a professional Computer Hacking Forensic Investigator. He wants to investigate a suspicious email that is sent using a Microsoft Exchange server. Which of the following files will he review to accomplish the task?
Each correct answer represents a part of the solution. Choose all that apply.

  • A. Checkpoint files
  • B. EDB and STM database files
  • C. Temporary files
  • D. cookie files

Answer: ABC

NEW QUESTION 6
At which layers of the OSI and TCP/IP models does IP addressing function?

  • A. OSI Layer 5 and TCP/IP Transport Layer
  • B. OSI Layer 2 and TCP/IP Network Layer
  • C. OSI Layer 4 and TCP/IP Application Layer
  • D. OSI Layer 3 and TCP/IP Internet Layer

Answer: D

NEW QUESTION 7
For a host to have successful Internet communication, which of the following network protocols are required? You should assume that the users will not manually configure the computer in any way and that the measure of success will be whether the user can access Web sites after powering on the computer and logging on.
Each correct answer represents a complete solution. Choose all that apply.

  • A. NTP
  • B. HTTP/HTTPS
  • C. DNS
  • D. DHCP

Answer: BCD

NEW QUESTION 8
Which of the following types of write blocker device uses one interface for one side and a different one for the other?

  • A. Pros
  • B. Tailgate
  • C. Indiff
  • D. Native

Answer: B

NEW QUESTION 9
Which of the following ICMPv6 neighbor discovery messages is sent by hosts to request an immediate router advertisement, instead of waiting for the next scheduled advertisement?

  • A. Neighbor Solicitation
  • B. Router Solicitation
  • C. Neighbor Advertisement
  • D. Router Advertisement

Answer: B

NEW QUESTION 10
Which of the following are default ports for the FTP service?
Each correct answer represents a complete solution. Choose two.

  • A. 80
  • B. 21
  • C. 20
  • D. 443

Answer: BC

NEW QUESTION 11
Which of the following honeypots is a low-interaction honeypot and is used by companies or corporations for capturing limited information about malicious hackers?

  • A. Production honeypot
  • B. Research honeypot
  • C. Honeynet
  • D. Honeyfarm

Answer: A

NEW QUESTION 12
Which of the following statements are true about routers?
Each correct answer represents a complete solution. Choose all that apply.

  • A. Routers do not limit physical broadcast traffic
  • B. Routers organize addresses into classes, which are used to determine how to move packets from one network to another
  • C. Routers act as protocol translators and bind dissimilar networks
  • D. Routers are responsible for making decisions about which of several paths network (or Internet) traffic will follow

Answer: BCD

NEW QUESTION 13
Which of the following statements are true about Snort?
Each correct answer represents a complete solution. Choose all that apply.

  • A. It develops a new signature to find vulnerabilities
  • B. It detects and alerts a computer user when it finds threats such as buffer overflows, stealth port scans, CGI attacks, SMB probes and NetBIOS queries, NMAP and other port scanners, well-known backdoors and system vulnerabilities, and DDoS clients
  • C. It encrypts the log file using the 256 bit AES encryption scheme algorithm
  • D. It is used as a passive trap to record the presence of traffic that should not be found on a network, such as NFS or Napster connections

Answer: ABD

NEW QUESTION 14
Which of the following files in the LILO boot process of the Linux operating system stores the location of the kernel on the hard drive?

  • A. /boot/boot.b
  • B. /boot/map
  • C. /sbin/lilo
  • D. /etc/lilo.conf

Answer: B

NEW QUESTION 15
Which of the following IPv4 to IPv6 transition methods uses encapsulation of IPv6 packets to traverse IPv4 networks?

  • A. Dual-stack
  • B. Translation
  • C. Tunneling
  • D. Stack

Answer: C

NEW QUESTION 16
Which of the following command-line tools are available in the Helix Live acquisition tool on Windows?
Each correct answer represents a complete solution. Choose all that apply.

  • A. netstat
  • B. ipconfig
  • C. .cab extractors
  • D. whois

Answer: ABC

NEW QUESTION 17
Which of the following protocols is used by voice over IP (VoIP) applications?

  • A. UDP
  • B. TCP
  • C. ICMP
  • D. IPv6

Answer: A

NEW QUESTION 18
The Intrusion Detection System (IDS) instructs the firewall to reject any request from a particular IP address if the network is repeatedly attacked from this address. What is this action known as?

  • A. Spoofing
  • B. Sending deceptive e-mails
  • C. Network Configuration Changes
  • D. Shunning
  • E. Logging
  • F. Sending notifications

Answer: C

NEW QUESTION 19
Which of the following malicious programs changes its signature continuously to be invisible to IDS?

  • A. Boot sector virus
  • B. Trojan
  • C. Malware
  • D. Polymorphic virus

Answer: D

NEW QUESTION 20
Mark has been assigned a project to configure a wireless network for a company. The network should contain a Windows 2003 server and 30 Windows XP client computers. Mark has a single dedicated Internet connection that has to be shared among all the client computers and the server. The network must be configured so that the server acts as a proxy server for the client computers. Which of the following programs can Mark use to fulfill this requirement?

  • A. Microsoft Internet Security & Acceleration Server (ISA)
  • B. Wingate
  • C. Sniffer
  • D. SOCKS

Answer: B
