High Value GIAC GSNA Pdf Exam Online

NEW QUESTION 1

You are the project manager of a Web development project. You want to get information about your competitors by hacking into their computers. You and the project team determine should the hacking attack not be performed anonymously, you will be traced. Hence, you hire a professional hacker to work on the project. This is an example of what type of risk response?

• A. Transference
• B. Mitigation
• C. Acceptance
• D. Avoidance

Answer: A

Explanation:

Whenever the risk is transferred to someone else, it is an example of transference risk response. Transference usually has a fee attached to the service provider that will own the risk event.

NEW QUESTION 2

Web applications are accessed by communicating over TCP ports via an IP address. Choose the two most common Web Application TCP ports and their respective protocol names. (Choose two)

• A. TCP Port 443 / S-HTTP or SSL
• B. TCP Port 80 / HTTPS or SSL
• C. TCP Port 443 / HTTPS or SSL
• D. TCP Port 80 / HTTP

Answer: CD

Explanation:
The two most common Web Application TCP ports are Port 443 and Port 80. HTTPS or SSL uses TCP port 443, whereas HTTP uses TCP Port 80. Answer B is incorrect. Port 80 is used for HTTP, not HTTPS. Answer A is incorrect. S-HTTP is not the protocol name for Port 443. HTTPS or SSL is the name used for Port 443 traffic.

NEW QUESTION 3

Mark works as a Web Designer for XYZ CORP. The company has a Windows-based network. Mark creates an HTML document that gives the following error on execution: "These hypertext system features are not supported by HTML". Which of the following can be the hypertext system features that are NOT supported by HTML? (Choose three)

• A. Source tracking
• B. Typed link
• C. Hyperlink
• D. Fat link

Answer: ABD

Explanation:

HTML lacks some of the features found in earlier hypertext systems, such as typed links, source tracking, fat links etc. Even some hypertext features that were in early versions of HTML have been ignored by most popular web browsers until recently, such as the link element and in- browser Web page editing. Sometimes Web services or browser manufacturers remedy these shortcomings. Answer C is incorrect. Hyperlink is supported by HTML as well as Hypertext.

NEW QUESTION 4

John works as a professional Ethical Hacker. He has been assigned the project of testing the security of www.we-are-secure.com. He wants to use Kismet as a wireless sniffer to sniff the We-are-secure network. Which of the following IEEE-based traffic can be sniffed with Kismet?

• A. 802.11g
• B. 802.11n
• C. 802.11b
• D. 802.11a

Answer: ABCD

Explanation:

Kismet can sniff IEEE 802.11a, 802.11b, 802.11g, and 802.11n-based wireless network traffic.

NEW QUESTION 5

Martha works as a Web Developer for XYZ CORP. She is developing a Web site for the company. In the Web site, she uses multiple and overlapping style definitions to control the appearance of HTML elements. What is this technique known as?

• A. Style sheet
• B. Cascading Style Sheet
• C. Overlapping Style Sheet
• D. Core sheet

Answer: B

Explanation:

A Cascading Style Sheet (CSS) is a separate text file that keeps track of design and formatting information, such as colors, fonts, font sizes, and margins, used in Web pages. CSS is used to provide Web site authors greater control on the appearance and presentation of their Web pages. It has codes that are interpreteA, Dpplied by the browser on to the Web pages and their elements. CSS files have .css extension. There are three types of Cascading Style Sheets: External Style Sheet Embedded Style Sheet Inline Style Sheet Answer A is incorrect. A style sheet is a set of additional tags used to describe the appearance of individual HTML tags. These tags can

NEW QUESTION 6

You work as the Network Administrator for XYZ CORP. The company has a Unix-based network. You want to set the user login features on the systems with the shadow passwords. Which of the following Unix configuration files can you use to accomplish the task?

• A. /etc/logrotate.conf
• B. /etc/login.defs
• C. /etc/magic
• D. /etc/filesystems

Answer: B

Explanation:

In Unix, the /etc/login.defs file is used by system administrators to set the user login features on the systems with the shadow passwords. Answer A is incorrect. In Unix, the /etc/logrotate.conf file configures the logrotate program used for managing log files. Answer C is incorrect. In Unix, the /etc/magic file contains the descriptions of various file formats for the file command. Answer D is incorrect. In Unix, the /etc/filesystems file is used to set the filesystem probe order when filesystems are mounted with the auto option.

NEW QUESTION 7

Peter works as a Web Developer for XYZ CORP. He is developing a Web site for the company. Peter specifies MARGINHEIGHT="0" and MARGINWIDTH="0" in one of the Web pages. How will this affect the Web page?

• A. It will create a borderless page structure when viewed in any browser.
• B. It will create a borderless page structure when viewed in Netscape Navigator.
• C. It will delete all the text from the margins.
• D. It will create a borderless page structure when viewed in Internet Explorer.

Answer: B

Explanation:

The MARGINHEIGHT and MARGINWIDTH attributes are used in the <BODY> tag to adjust the top and left margins of a Web page to be displayed in Netscape Navigator. Specifying MARGINHEIGHT="0" and MARGINWIDTH="0" within the <BODY> tag will create a borderless page structure when viewed in Netscape Navigator. Answer D is incorrect. The TOPMARGIN and LEFTMARGIN attributes are used in the <BODY> tag to adjust the top and left margins of a Web page to be displayed in Internet Explorer. Specifying TOPMARGIN="0" and LEFTMARGIN="0" within the <BODY> tag will create a borderless page structure when viewed in Internet Explorer. Answer C is incorrect. These attributes are used to adjust margins and not to delete text from margins.

NEW QUESTION 8

Wired Equivalent Privacy (WEP) is a security protocol for wireless local area networks (WLANs). It has two components, authentication and encryption. It provides security equivalent to wired networks for wireless networks. WEP encrypts data on a wireless network by using a fixed secret key. Which of the following statements are true about WEP?

• A. WEP uses the RC4 encryption algorithm.
• B. The Initialization Vector (IV) field of WEP is only 24 bits long.
• C. It provides better security than the Wi-Fi Protected Access protocol.
• D. Automated tools such as AirSnort are available for discovering WEP keys.

Answer: ABD

Explanation:

Wired Equivalent Privacy (WEP) is a security protocol for wireless local area networks (WLANs). It has two components, authentication and encryption. It provides security equivalent to wired networks for wireless networks. WEP encrypts data on a wireless network by using a fixed secret key. WEP uses the RC4 encryption algorithm. The main drawback of WEP is that its Initialization Vector (IV) field is only 24 bits long. Many automated tools such as AirSnort are available for discovering WEP keys. Answer C is incorrect. WPA stands for Wi-Fi Protected Access. It is a wireless security standard. It provides better security than WEP (Wired Equivalent Protection). Windows Vista supports both WPA-PSK and WPA-EAP. Each of these is described as follows: WPA-PSK: PSK stands for Preshared key. This standard is meant for home environment. WPA-PSK requires a user to enter an 8- character to 63-character passphrase into a wireless client. The WPA converts the passphrase into a 256-bit key. WPA-EAP: EAP stands for Extensible Authentication Protocol. This standard relies on a back-end server that runs Remote Authentication Dial-In User Service for user authentication. Note: Windows Vista supports a user to use a smart card to connect to a WPA-EAP protected network.

NEW QUESTION 9

John works as a professional Ethical Hacker. He is assigned a project to test the security of www.we-are-secure.com. He is working on the Linux operating system. He wants to sniff the we-are-secure network and intercept a conversation between two employees of the company through session hijacking. Which of the following tools will John use to accomplish the task?

• A. IPChains
• B. Tripwire
• C. Hunt
• D. Ethercap

Answer: C

Explanation:
In such a scenario, John will use Hunt which is capable of performing both the hacking techniques, sniffing and session hijacking. Answer D is incorrect. Ethercap is a network sniffer and packet generator. It may be an option, but John wants to do session hijacking as well. Hence, he will not use Ethercap. Answer A is incorrect. IPChains is a firewall. Answer B is incorrect. Tripwire is a file and directory integrity checker.

NEW QUESTION 10

You work as a Network Administrator for Tech Perfect Inc. The company has a Windows Active Directory-based single domain single forest network. The functional level of the forest is Windows Server 2003. The company has recently provided fifty laptops to its sales team members. You are required to configure an 802.11 wireless network for the laptops. The sales team members must be able to use their data placed at a server in a cabled network. The planned network should be able to handle the threat of unauthorized access and data interception by an unauthorized user. You are also required to prevent the sales team members from communicating directly to one another. Which of the following actions will you take to accomplish the task?

• A. Implement the open system authentication for the wireless network.
• B. Configure the wireless network to use WEP encryption for the data transmitted over a wireless network.
• C. Using group policies, configure the network to allow the wireless computers to connect to the infrastructure networks only.
• D. Implement the IEEE 802.1X authentication for the wireless network.
• E. Using group policies, configure the network to allow the wireless computers to connect to the ad hoc networks only.

Answer: BCD

Explanation:

In order to enable wireless networking, you have to install access points in various areas of your office building. These access points generate omni directional signals to broadcast network traffic. Unauthorized users can intercept these packets. Hence, security is the major concern for a wireless network. The two primary threats are unauthorized access and data interception. In order to accomplish the task, you will have to take the following steps: Using group policies, configure the network to allow the wireless computers to connect to the infrastructure networks only. This will prevent the sales team members from communicating directly to one another. Implement the IEEE 802.1X authentication for the wireless network. This will allow only authenticated users to access the network data and resources. Configure the wireless network to use WEP encryption for data transmitted over a wireless network. This will encrypt the network data packets transmitted over wireless connections. Although WEP encryption does not prevent intruders from capturing the packets, it prevents them from reading the data inside.

NEW QUESTION 11

You work as a Network Administrator for XYZ CORP. The company has a Windows Server 2008 network environment. The network is configured as a Windows Active Directory- based single forest single domain network. You have installed a Windows Server 2008 computer as the domain controller. The client computers of the company use the Windows XP Professional operating system. When a user logs on to a client computer, it gets authenticated by the domain controller. You want to audit the logon events that would be generated on the domain controller. Which of the following audit settings do you need to configure to accomplish the task?

• A. Audit account management
• B. Audit logon events
• C. Audit directory service access
• D. Audit account logon events

Answer: D

Explanation:

'Audit account logon events' is one of the nine audit settings that can be configured on a Windows computer. This performs auditing whenever a user logs on or off from a different computer in which the computer performing the auditing is used for validating the account, for example, when a user logs on to a Windows XP Professional computer, but gets authenticated by a domain controller. The event would be generated on the domain controller, as it is actually being used for validating the user. Answer A is incorrect. Audit account management is one of the nine audit settings that can be configured on a Windows computer. This option is enabled to audit each event that is related to a user managing an account in the user database on the computer where the auditing is configured. These events include the following: Creating a user account Adding a user account to a group Renaming a user account Changing password for a user account This option is also used to audit the changes to the domain account of the domain controllers. Answer C is incorrect. The 'Audit directory service access' option is enabled to capture the events that are related to the users accessing the Active Directory object which has been configured to track user access through the System Access Control List (SACL) of the object. Answer B is incorrect. The 'Audit logon events' option is enabled to audit each event that is related to a user logging on to, logging off from, or making a network connection to the computer configured to audit logon events.

NEW QUESTION 12

Which of the following protocols is the mandatory part of the WPA2 standard in the wireless networking?

• A. CCMP
• B. ARP
• C. WEP
• D. TKIP

Answer: A

Explanation:

CCMP (Counter Mode with Cipher Block Chaining Message Authentication Code Protocol) is an IEEE 802.11i encryption protocol created to replace both TKIP, the mandatory protocol in WPA, and WEP, the earlier, insecure protocol. CCMP is a mandatory part of the WPA2 standard, an optional part of the WPA standard, and a required option for Robust Security Network (RSN) Compliant networks. CCMP is also used in the ITU-T home and business networking standard. CCMP, part of the 802.11i standard, uses the Advanced Encryption Standard (AES) algorithm. Unlike in TKIP, key management and message integrity is handled by a single component built around AES using a 128-bit key, a 128-bit block, and 10 rounds of encoding per the FIPS 197 standard. Answer C is incorrect. Wired Equivalent Privacy (WEP) is a security protocol for wireless local area networks (WLANs). It has two components, authentication and encryption. It provides security, which is equivalent to wired networks, for wireless networks. WEP encrypts data on a wireless network by using a fixed secret key. WEP incorporates a checksum in each frame to provide protection against the attacks that attempt to reveal the key stream. Answer D is incorrect. TKIP (Temporal Key Integrity Protocol) is an encryption protocol defined in the IEEE 802.11i standard for wireless LANs (WLANs). It is designed to provide more secure encryption than the disreputably weak Wired Equivalent Privacy (WEP). TKIP is the encryption method used in Wi-Fi Protected Access (WPA), which replaced WEP in WLAN products. TKIP is a suite of algorithms to replace WEP without requiring the replacement of legacy WLAN equipment. TKIP uses the original WEP programming but wraps additional code at the beginning and end to encapsulate and modify it. Like WEP, TKIP uses the RC4 stream encryption algorithm as its basis. Answer B is incorrect. Address Resolution Protocol (ARP) is a network maintenance protocol of the TCP/IP protocol suite. It is responsible for the resolution of IP addresses to media access
control (MAC) addresses of a network interface card (NIC). The ARP cache is used to maintain a correlation between a MAC address and its corresponding IP address. ARP provides the protocol rules for making this correlation and providing address conversion in both directions. ARP is limited to physical network systems that support broadcast packets.

NEW QUESTION 13

Which of the following are HTML tags, used to create a table?

• A. <TR>
• B. <TD>
• C. <TABLE SET>
• D. <SET TABLE>
• E. <TT>
• F. <TABLE>

Answer: ABF

Explanation:

In Hypertext Markup Language (HTML), a table is created using the
<TABLE>, <TR>, and <TD> tags. The <TABLE> tag designs the table layout, the <TR> tag is used to create a row, and the <TD> tag is used to create a column. For example, the following code generates a table with two rows and two columns:
<TABLE BORDER=1>
<TR> <TD>Cell 1</TD>
<TD>Cell 2</TD> </TR>
<TR> <TD>Cell 3</TD>
<TD>Cell 4</TD> </TR>
</TABLE>
Answer C, E, and D are incorrect. There are no HTML tags such as <TABLE SET>, <TT>, and <SET TABLE>.

NEW QUESTION 14

Which of the following features of a switch helps to protect network from MAC flood and MAC spoofing?

• A. Multi-Authentication
• B. Port security
• C. MAC Authentication Bypass
• D. Quality of Service (QoS)

Answer: B

Explanation:
If a switch has the ability to enable port security, this will help to protect network from both the MAC Flood and MAC Spoofing attacks. Answer D is incorrect. Quality of Service (QoS) feature is useful for prioritizing VOIP traffic. Switches are offering the ability to assign a device a Quality of Service (QoS) value or a rate limiting value based on the RADIUS response. Answer A is incorrect. Multi-Authentication feature is used to allow multiple devices to use a single port. Answer C is incorrect. MAC Authentication Bypass feature is used to allow the RADIUS server to specify the default VLAN/ACL for every device that doesn't authenticate by 802.1X.

NEW QUESTION 15

Pingdom is a website monitoring service. Which of the following services are provided by Pingdom?

• A. It creates complicated charts to spot trends and imprecisely pinpoint problems.
• B. It works as an iPhone application to make sure that a website is reachable and responding properly at all times.
• C. It is used to monitor sites and servers on the Internet.
• D. It is used to track the uptime, downtime, and performance of websites.

Answer: BCD

Explanation:
Pingdom is a website monitoring service that is used by administrators to monitor sites and servers on the Internet. It alerts the site owners if it detects a problem. Pingdom service is used to track the uptime, downtime, and overall performance of websites. Pingdom also works as an iPhone application to make sure that a website is reachable and responding properly at all times. If not so, it provides the administrator with the email and SMS alerts. It creates charts and tables that are easy to understand. These charts and tables enable an administrator to spot trends and accurately pinpoint problems. Answer A is incorrect. Pingdom creates charts that are easy to understand. These charts are used to spot trends and accurately pinpoint problems.

NEW QUESTION 16
......