What Best Quality GSNA Dumps Is

NEW QUESTION 1

You work as a Network Administrator for XYZ CORP. The company has a Windows Active Directory-based single domain single forest network. The functional level of the forest is Windows Server 2003. The company's management has decided to provide laptops to its sales team members. These laptops are equipped with smart card readers. The laptops will be configured as wireless network clients. You are required to accomplish the following tasks: The wireless network communication should be secured. The laptop users should be able to use smart cards for getting authenticated. In order to accomplish the tasks, you take the following steps: Configure 802.1x and WEP for the wireless connections. Configure the PEAP-MS-CHAP v2 protocol for authentication. What will happen after you have taken these steps?

• A. Both tasks will be accomplished.
• B. The laptop users will be able to use smart cards for getting authenticated.
• C. The wireless network communication will be secured.
• D. None of the tasks will be accomplished.

Answer: C

Explanation:

As 802.1x and WEP are configured, this step will enable the secure wireless network communication. For authentication, you have configured the PEAP-MS-CHAP v2 protocol. This protocol can be used for authentication on wireless networks, but it cannot use a public key infrastructure (PKI). No certificate can be issued without a PKI. Smart cards cannot be used for authentication without certificates. Hence, the laptop users will not be able to use smart cards for getting authenticated.

NEW QUESTION 2

You work as a Network Administrator for XYZ CORP. The company has a Windows-based network. The company wants to fix potential vulnerabilities existing on the tested systems. You use Nessus as a vulnerability scanning program to fix the vulnerabilities. Which of the following vulnerabilities can be fixed using Nessus?

• A. Vulnerabilities that allow a remote cracker to control sensitive data on a system
• B. Misconfiguration (e.
• C. open mail relay, missing patches, etc.)
• D. Vulnerabilities that allow a remote cracker to access sensitive data on a system
• E. Vulnerabilities that help in Code injection attacks

Answer: ABC

Explanation:

Nessus is a proprietary comprehensive vulnerability scanning program. It is free of charge for personal use in a non-enterprise environment. Its goal is to detect potential vulnerabilities on the tested systems. For example: Vulnerabilities that allow a remote cracker to control or access sensitive data on a system. Misconfiguration (e.g. open mail relay, missing patches, etc). Default passwords, a few common passwords, and blank/absent passwords on some system accounts. Nessus can also call Hydra (an external tool) to launch a dictionary attack. Denials of service against the TCP/IP stack by using mangled packets. On UNIX (including Mac OS X), it consists of nessusd, the Nessus daemon, which does the scanning, and nessus, the client, which controls scans and presents the vulnerability results to the user. For Windows, Nessus 3 installs as an executable and has a self-contained scanning, reporting, and management system. Operations: In typical operation, Nessus begins by doing a port scan with one of its four internal portscanners (or it can optionally use Amap or Nmap ) to determine which ports are open on the target and then tries various exploits on the open ports. The vulnerability tests, available as subscriptions, are written in NASL (Nessus Attack Scripting Language), a scripting language optimized for custom network interaction. Tenable Network Security produces several dozen new vulnerability checks (called plugins) each week, usually on a daily basis. These checks are available for free to the general public; commercial customers are not allowed to use this Home Feed any more. The Professional Feed (which is not free) also gives access to support and additional scripts (audit and compliance tests). Optionally, the results of the scan can be reported in various formats, such as plain text, XML, HTML, and LaTeX. The results can also be saved in a knowledge base for debugging. On UNIX, scanning can be automated through the use of a command-line client. There exist many different commercial, free and open source tools for both UNIX and Windows to manage individual or distributed Nessus scanners. If the user chooses to do so (by disabling the option 'safe checks'), some of Nessus's vulnerability tests may try to cause vulnerable services or operating systems to crash. This lets a user test the resistance of a device before putting it in production. Nessus provides additional functionality beyond testing for known network vulnerabilities. For instance, it can use Windows credentials to examine patch levels on computers running the Windows operating system, and can perform password auditing using dictionary and brute force methods. Nessus 3 and later can also audit systems to make sure they have been configured per a specific policy, such as the NSA's guide for hardening Windows servers. Answer D is incorrect. Nessus cannot be used to scan vulnerabilities that help in Code injection attacks.

NEW QUESTION 3

Which of the following statements about system hardening are true? (Choose two)

• A. It is used for securing the computer hardware.
• B. It can be achieved by installing service packs and security updates on a regular basis.
• C. It can be achieved by locking the computer room.
• D. It is used for securing an operating system.

Answer: BD

Explanation:

System hardening is a term used for securing an operating system. It can be achieved by installing the latest service packs, removing unused protocols and services, and limiting the number of users with administrative privileges.

NEW QUESTION 4

What are the purposes of audit records on an information system? (Choose two)

• A. Upgradation
• B. Backup
• C. Troubleshooting
• D. Investigation

Answer: CD

Explanation:

The following are the purposes of audit records on an information system: Troubleshooting Investigation An IT audit is the process of collecting and evaluating records of an organization's information systems, practices, and operations. The evaluation of records provides evidence to determine if the information systems are safeguarding assets, maintaining data integrity, and operating effectively and efficiently enough to achieve the organization's goals or objectives. These reviews may be performed in conjunction with a financial statement audit, internal audit, or other form of attestation engagement. Audit records are also used to troubleshoot system issues. Answer A, B are incorrect. The audit records cannot be used for backup and upgradation purposes.

NEW QUESTION 5

You work as a Network Auditor for XYZ CORP. The company has a Windows-based network. While auditing the company's network, you are facing problems in searching the faults and other entities that belong to it. Which of the following risks may occur due to the existence of these problems?

• A. Residual risk
• B. Inherent risk
• C. Secondary risk
• D. Detection risk

Answer: D

Explanation:

Detection risks are the risks that an auditor will not be able to find what they are looking to detect. Hence, it becomes tedious to report negative results when material conditions (faults) actually exist. Detection risk includes two types of risk: Sampling risk: This risk occurs when an auditor falsely accepts or erroneously rejects an audit sample. Nonsampling risk: This risk occurs when an auditor fails to detect a condition because of not applying the appropriate procedure or using procedures inconsistent with the audit objectives (detection faults). Answer A is incorrect. Residual risk is the risk or danger of an action or an event, a method or a (technical) process that, although being abreast with science, still conceives these dangers, even if all theoretically possible safety measures would be applied (scientifically conceivable measures). The formula to calculate residual risk is (inherent risk) x (control risk) where inherent risk is (threats vulnerability). In the economic context, residual means "the quantity left over at the end of a process; a remainder". Answer B is incorrect. Inherent risk, in auditing, is the risk that the account or section being audited is materially misstated without considering internal controls due to error or fraud. The assessment of inherent risk depends on the professional judgment of the auditor, and it is done after assessing the business environment of the entity being audited. Answer C is incorrect. A secondary risk is a risk that arises as a straight consequence of implementing a risk response. The secondary risk is an outcome of dealing with the original risk. Secondary risks are not as rigorous or important as primary risks, but can turn out to be so if not estimated and planned properly.

NEW QUESTION 6

Which of the following user authentications are supported by the SSH-1 protocol but not by the SSH-2 protocol?

• A. TIS authentication
• B. Kerberos authentication
• C. Rhosts (rsh-style) authentication
• D. Password-based authentication

Answer: ABC

Explanation:
The Rhosts (rsh-style), TIS, and Kerberos user authentication methods are supported by the SSH-1 protocol but not by SSH-2 protocol. Answer D is incorrect. Password-based authentication is supported by both the SSH-1 and SSH-2 protocols.

NEW QUESTION 7

Which of the following statements about URL rewriting are true?

• A. If cookies are supported by the browser, URL rewriting will return the URL unchanged.
• B. The request.encodeRedirectURL() method is used to add a session id info to the URL and send the request to another URL.
• C. The request.encodeURL() method is used to add a session id info to the URL.
• D. URL rewriting is used in cases where cookies are not supported by the browser.

Answer: AD

Explanation:

By default, session tracking uses cookies to associate a session identifier with a unique user. URL rewriting is used in cases where cookies are not supported by the browser.

NEW QUESTION 8

Which of the following wireless security standards supported by Windows Vista provides the highest level of security?

• A. WPA-EAP
• B. WEP
• C. WPA-PSK
• D. WPA2

Answer: D

Explanation:

WPA2 is an updated version of WPA. This standard is also known as IEEE 802.11i. WPA2 offers enhanced protection to wireless networks than WPA and WEP standards. It is also available as WPA2-PSK and WPA2-EAP for home and enterprise environment respectively. Answer B is incorrect. than WEP (Wired Equivalent Protection).
Windows Vista supports both WPA-PSK and WPA-EAP. Each of these is described as follows: WPA-PSK: PSK stands for Preshared key. This standard is meant for home environment. WPA-PSK requires a user to enter an 8- character to 63-character passphrase into a wireless client. The WPA converts the passphrase into a 256-bit key. WPA-EAP: EAP stands for Extensible Authentication Protocol. This standard relies on a back-end server that runs Remote Authentication Dial-In User Service for user authentication. Note: Windows Vista supports a user to use a smart card to connect to a WPA-EAP protected network.

NEW QUESTION 9

You are the Security Consultant and you frequently do vulnerability assessments on client computers. You want to have a standardized approach that would be applicable to all of your clients when doing a vulnerability assessment. What is the best way to do this?

• A. Utilize OVAL.
• B. Create your own standard and use it with all clients.
• C. Utilize each client's security policies when doing a vulnerability assessment for that client.
• D. Utilize the Microsoft security recommendations.

Answer: A

Explanation:

Open Vulnerability Assessment Language (OVAL) is a common language for security professionals to use when checking for the presence of vulnerabilities on computer systems. OVAL provides a baseline method for performing vulnerability assessments on local computer systems. Answer D is incorrect. While Microsoft security standards will be appropriate for many of your clients, they won't help clients using Linux, Macintosh, or Unix. They also won't give you insight into checking your firewalls or routers. Answer C is incorrect. This would not fulfill the requirement of having a standardized approach applicable to all clients. B is incorrect. This would not be the best way. You should use common industry standards, like OVAL.

NEW QUESTION 10

Mark works as a project engineer in Tech Perfect Inc. His office is configured with Windows XP-based computers. The computer that he uses is not configured with a default gateway. He is able to access the Internet, but is not able to use e-mail services via the Internet. However, he is able to access e-mail services via the intranet of the company. Which of the following could be the reason of not being able to access e-mail services via the Internet?

• A. Proxy server
• B. IP packet filter
• C. Router
• D. Protocols other than TCP/IP

Answer: A

Explanation:

A proxy server exists between a client's Web-browsing program and a real Internet server. The purpose of the proxy server is to enhance the performance of user requests and filter requests. A proxy server has a database called cache where the most frequently accessed Web pages are stored. The next time such pages are requested, the proxy server is able to suffice the request locally, thereby greatly reducing the access time. Only when a proxy server is unable to fulfill a request locally does it forward the request to a real Internet server. The proxy server can also be used for filtering user requests. This may be done in order to prevent the users from visiting non-genuine sites. Answer D is incorrect. Transmission Control Protocol/Internet Protocol (TCP/IP) is a suite of standard protocols that govern how data passes between networks. It can be used to provide communication between the basic operating systems on local and wide-area networks (WANs). TCP/IP is the basic communication language or protocol of the Internet. It can also be used as a communications protocol in a private network (either an intranet or an extranet). It is considered the primary protocol of the Internet and the World Wide Web. Answer B is incorrect. IP packet filters allow or block packets from passing through specified ports. They can filter packets based on service type, port number, source computer name, or destination computer name. When packet filtering is enabled, all packets on the external interface are dropped unless they are explicitly allowed, either statically by IP packet filters or dynamically by access policy or publishing rules. Answer C is incorrect. A router is a device that routes data packets between computers in different networks. It is used to connect multiple networks, and it determines the path to be taken by each data packet to its destination computer. A router maintains a routing table of the available routes and their conditions. By using this information, along with distance and cost algorithms, the router determines the best path to be taken by the data packets to the destination computer. A router can connect dissimilar networks, such as Ethernet, FDDI, and Token Ring, and route data packets among them. Routers operate at the network layer (layer 3) of the Open Systems Interconnection (OSI) model.

NEW QUESTION 11

You work as a Security manager for Qualoxizz Inc. Your company has number of network switches in the site network infrastructure. Which of the following actions will you perform to ensure the security of the switches in your company?

• A. Open up all the unused management ports.
• B. Set similar passwords for each management port.
• C. Set long session timeouts.
• D. Ignore usage of the default account settings.

Answer: D

Explanation:

A switch with a management port using a default user account permits an attacker to intrude inside by making connections using one or more of the well-known default user accounts (e.g., administrator, root, security). Therefore, the default account settings should not be used. Answer A is incorrect. The unused management ports on a switch should always be blocked to prevent port scanning attacks from the attackers. Answer B is incorrect. Setting similar passwords on all management ports increases the vulnerability of password cracking. The matching passwords on all ports can be used by the attacker to break into all ports once the password of one of the ports is known. Answer C is incorrect. Short timeout sessions should always be set to reduce the session period. If the connections to a management port on a switch do not have a timeout period set or have a large timeout period (greater than 9 minutes), then the connections will be more available for an attacker to hijack them.

NEW QUESTION 12

You work as a Software Developer for UcTech Inc. You build an online book shop, so that users can purchase books using their credit cards. You want to ensure that only the administrator can access the credit card information sent by users. Which security mechanism will you use to accomplish the task?

• A. Confidentiality
• B. Data integrity
• C. Authentication
• D. Authorization

Answer: A

Explanation:

Confidentiality is a mechanism that ensures that only the intendeA, Duthorized recipients are able to read data. The data is so encrypted that even if an unauthorized user gets access to it, he will not get any meaning out of it. Answer D is incorrect. Authorization is a process that verifies whether a user has permission to access a Web resource. A Web server can restrict access to some of its resources to only those clients that log in using a recognized username and password. To be authorized, a user must first be authenticated. Answer C is incorrect. Authentication is the process of verifying the identity of a user. This is usually done using a user name and password. This process compares the provided user name and password with those stored in the database of an authentication server. Answer B is incorrect. Data integrity is a mechanism that ensures that the data is not modified during transmission from source to destination. This means that the data received at the destination should be exactly the same as that sent from the source.

NEW QUESTION 13

You work as a Network Administrator for Techpearl Inc. You are configuring the rules for the firewall of the company. You need to allow internal users to access secure external websites. Which of the following firewall rules will you use to accomplish the task?

• A. TCP 172.16.1.0/24 any any 80 HTTP permit
• B. TCP 172.16.1.0/24 any any 25 SMTP permit
• C. TCP 172.16.1.0/24 any any 80 HTTP deny
• D. TCP 172.16.1.0/24 any any 443 HTTPs permit

Answer: D

Explanation:

The TCP 172.16.1.0/24 any any 443 HTTPs permit rule is used to allow internal users to access secure external websites. Answer A is incorrect. The TCP 172.16.1.0/24 any any 80 HTTP permit rule is used to allow internal users to access external websites (secure & unsecure both). Answer C is incorrect. The TCP 172.16.1.0/24 any any 80 HTTP deny rule is used to deny internal users to access external websites. Answer B is incorrect. The TCP 172.16.1.0/24 any any 25 SMTP permit rule is used to allow internal mail servers to deliver mails to external mail servers.

NEW QUESTION 14

You work as the Network Administrator for XYZ CORP. The company has a Unix-based network. You want to find out when a particular user was last logged in. To accomplish this, you need to analyze the log configuration files. Which of the following Unix log configuration files can you use to accomplish the task?

• A. /var/log/btmp
• B. /var/log/messages
• C. /var/log/lastlog
• D. /var/log/wtmp

Answer: C

Explanation:

In Unix, the /var/log/lastlog file is used by the finger to find when a user was last logged in. Answer D is incorrect. In Unix, the /var/log/wtmp file stores the binary info of users that have been logged on. Answer A is incorrect. In Unix, the /var/log/btmp file is used to store information about failed logins. Answer B is incorrect. In Unix, the /var/log/messages is the main system message log file.

NEW QUESTION 15

You are concerned about possible hackers doing penetration testing on your network as a prelude to an attack. What would be most helpful to you in finding out if this is occurring?

• A. Examining your antivirus logs
• B. Examining your domain controller server logs
• C. Examining your firewall logs
• D. Examining your DNS Server logs

Answer: C

Explanation:

Firewall logs will show all incoming and outgoing traffic. By examining those logs, you can do port scans and use other penetration testing tools that have been used on your firewall.

NEW QUESTION 16
......