How Many Questions Of GISF Test Preparation

Your success in GIAC GISF is our sole target and we develop all our GISF braindumps in a way that facilitates the attainment of this target. Not only is our GISF study material the best you can find, it is also the most detailed and the most updated. GISF Practice Exams for GIAC GISF are written to the highest standards of technical accuracy.

We also have free GISF dump questions for you:


Which of the following categories of the network management model is used to detect and log network problems or device failures?

  • A. Fault Management
  • B. Configuration Management
  • C. Security Management
  • D. Performance Management

Answer: A


Which of the following statements are TRUE regarding asymmetric encryption and symmetric encryption? Each correct answer represents a complete solution. Choose all that apply.

  • A. Data Encryption Standard (DES) is a symmetric encryption key algorithm.
  • B. In symmetric encryption, the secret key is available only to the recipient of the message.
  • C. Symmetric encryption is commonly used when a message sender needs to encrypt a large amount of data.
  • D. Asymmetric encryption uses a public key and a private key pair for data encryption.

Answer: ACD


The Intrusion Detection System (IDS) instructs the firewall to reject any request from a particular IP address if the network is repeatedly attacked from this address. What is this action known as?

  • A. Sending deceptive e-mails
  • B. Sending notifications
  • C. Shunning
  • D. Logging
  • E. Spoofing
  • F. Network Configuration Changes

Answer: F


Which of the following protocols are used by Network Attached Storage (NAS)?
Each correct answer represents a complete solution. Choose all that apply.

  • A. Apple Filing Protocol (AFP)
  • B. Server Message Block (SMB)
  • C. Network File System (NFS)
  • D. Distributed file system (Dfs)

Answer: ABC


Which of the following tools is an open source network intrusion prevention and detection system that operates as a network sniffer?

  • A. IPLog
  • B. Snort
  • C. Timbersee
  • D. Swatch

Answer: B


Sam is creating an e-commerce site. He wants a simple security solution that does not require each customer to have an individual key. Which of the following encryption methods will he use?

  • A. S/MIME
  • B. PGP
  • C. Asymmetric encryption
  • D. Symmetric encryption

Answer: D


Which of the following best describes the identification, analysis, and ranking of risks?

  • A. Design of experiments
  • B. Fast tracking
  • C. Fixed-price contracts
  • D. Plan Risk management

Answer: D


Maria works as a professional Ethical Hacker. She is assigned a project to test the security of She wants to test a DoS attack on the We-are-secure server. She finds that the firewall of the server is blocking the ICMP messages, but it is not checking the UDP packets. Therefore, she sends a large amount of UDP echo request traffic to the IP broadcast addresses. These UDP requests have a spoofed source address of the We-are-secure server. Which of the following DoS attacks is Maria using to accomplish her task?

  • A. Smurf DoS attack
  • B. Teardrop attack
  • C. Fraggle DoS attack
  • D. Ping flood attack

Answer: C


John works as a professional Ethical Hacker. He has been assigned a project to test the security of On the We-are-secure login page, he enters ='or''=' as a username and successfully logs in to the user page of the Web site. The We-are-secure login page is vulnerable to a _____.

  • A. Social engineering
  • B. Smurf DoS
  • C. Brute force
  • D. Ping flood attack

Answer: A


Which of the following processes is accountable for monitoring an IT Service and detecting when the performance drops beneath adequate limits?

  • A. Service Asset and Configuration Management
  • B. Service Request Management
  • C. Event Management
  • D. Service Level Management

Answer: C


The SALES folder has a file named XFILE.DOC that contains critical information about your company. This folder resides on an NTFS volume. The company's Senior Sales Manager asks you to provide security for that file. You make a backup of that file and keep it in a locked cupboard, and then you deny access on the file for the Sales group. John, a member of the Sales group, accidentally deletes that file. You have verified that John is not a member of any other group.
Although you restore the file from backup, you are confused about how John was able to delete the file despite having no access to that file.
What is the most likely cause?

  • A. The Sales group has the Full Control permission on the SALES folder.
  • B. The Deny Access permission does not work on files.
  • C. The Deny Access permission does not restrict the deletion of files.
  • D. John is a member of another group having the Full Control permission on that file.

Answer: A


Which of the following are used as primary technologies to create a layered defense for giving protection to a network?
Each correct answer represents a complete solution. Choose all that apply.

  • A. Vulnerability
  • B. Firewall
  • C. Endpoint authentication
  • D. IDS

Answer: BCD


Which of the following statements about Public Key Infrastructure (PKI) are true? Each correct answer represents a complete solution. Choose two.

  • A. It is a digital representation of information that identifies users.
  • B. It uses asymmetric key pairs.
  • C. It provides security using data encryption and digital signature.
  • D. It uses symmetric key pairs.

Answer: BC


Which of the following attacks saturates network resources and disrupts services to a specific computer?

  • A. Teardrop attack
  • B. Replay attack
  • C. Denial-of-Service (DoS) attack
  • D. Polymorphic shell code attack

Answer: C


You are the project manager for a software technology company. You and the project team have identified that the executive staff is not fully committed to the project. Which of the following best describes the risk?

  • A. Residual risks
  • B. Trend analysis
  • C. Schedule control
  • D. Organizational risks

Answer: D


Which of the following concepts represent the three fundamental principles of information security?
Each correct answer represents a complete solution. Choose three.

  • A. Privacy
  • B. Availability
  • C. Integrity
  • D. Confidentiality

Answer: BCD


Which of the following statements about a brute force attack is true?

  • A. It is a program that allows access to a computer without using security checks.
  • B. It is an attack in which someone accesses your e-mail server and sends misleading information to others.
  • C. It is a virus that attacks the hard drive of a computer.
  • D. It is a type of spoofing attack.
  • E. It is an attempt by an attacker to guess passwords until he succeeds.

Answer: E

