The Up To The Minute Guide To GSNA Pdf

Act now and download your GIAC GSNA test today! Do not waste time for the worthless GIAC GSNA tutorials. Download Latest GIAC GIAC Systems and Network Auditor exam with real questions and answers and begin to learn GIAC GSNA with a classic professional.

Also have GSNA free dumps questions for you:

NEW QUESTION 1

You work as a Network Administrator for XYZ CORP. The company's Windows 2000 network is configured with Internet Security and Acceleration (ISA) Server 2000. ISA Server is configured as follows: The server uses the default site and content rule and default IP packet filters. Packet filtering is enabled. The server has two protocol rules:
GSNA dumps exhibit
Users in the network complain that they are unable to access secure Web sites. However, they are able to connect to Web sites in which secure transmission is not required. What is the most likely cause?

  • A. A protocol rule that allows the use of HTTP has not been created.
  • B. An IP packet filter that allows the use of network traffic on port 80 has not been created.
  • C. An IP packet filter that allows the use of network traffic on port 443 has not been created.
  • D. A protocol rule that allows the use of HTTPS has not been created.

Answer: C

Explanation:

The default IP packet filter allows HTTP protocol (for non-secure communication) at port 80 to access the Internet. However, to allow users to access secure Web sites, you will have to create an additional packet filter to allow communication on port 443.

NEW QUESTION 2

Which of the following tools is used for port scanning?

  • A. L0phtcrack
  • B. NSLOOKUP
  • C. NETSH
  • D. Nmap

Answer: D

Explanation:

The nmap utility, also commonly known as port scanner, is used to view the open ports on a Linux computer. It is used by administrators to determine which services are available for external users. This utility helps administrators in deciding whether to disable the services that are not being used in order to minimize any security risk. Answer B is incorrect. NSLOOKUP is a tool for diagnosing and troubleshooting Domain Name System (DNS) problems. It performs its function by sending queries to the DNS server and obtaining detailed responses at the command prompt. This information can be useful for diagnosing and resolving name resolution issues, verifying whether or not the resource records are added or updated correctly in a zone, and debugging other server-related problems. This tool is installed along with the TCP/IP protocol through the Control Panel. Answer C is incorrect. NETSH is a command line tool to configure TCP/IP settings such as the IP address, Subnet Mask, Default Gateway, DNS, WINS addresses, etc. Answer A is incorrect. L0phtcrack is a tool which identifies and remediate security vulnerabilities that result from the use of weak or easily guessed passwords. It recovers Windows and Unix account passwords to access user and administrator accounts.

NEW QUESTION 3

Network mapping provides a security testing team with a blueprint of the organization. Which of the following steps is NOT a part of manual network mapping?

  • A. Gathering private and public IP addresses
  • B. Collecting employees information
  • C. Performing Neotracerouting
  • D. Banner grabbing

Answer: C

Explanation:

Using automated tools, such as NeoTraceroute, for mapping a network is a part of automated network mapping. part of manual network mapping. Network mapping is the process of providing a blueprint of the organization to a security testing team. There are two ways of performing network mapping: Manual Mapping: In manual mapping, a hacker gathers information to create a matrix that contains the domain name information, IP addresses of the network, DNS servers, employee information, company location, phone numbers, yearly earnings, recently acquired organizations, email addresses, publicly available IP address ranges, open ports, wireless access points, modem lines, and banner grabbing details. Automated Mapping: In automated mapping, a hacker uses any automated tool to gather information about the network. There are many tools for this purpose, such as NeoTrace, Visual traceroute, Cheops, Cheops-ng, etc. The only advantage of automated mapping is that it is very fast and hence it may generate erroneous results.

NEW QUESTION 4

You are responsible for a number of Windows Server 2003 DNS servers on a large
corporate network. You have decided to audit the DNS server logs. Which of the following are likely errors you could encounter in the log? (Choose two)

  • A. The DNS server could not create FTP socket for address [IP address of server].
  • B. The DNS server could not open socket for domain name [domain name of server].
  • C. The DNS server could not create a Transmission Control Protocol (TCP) socket.
  • D. The DNS server could not open socket for address [IP address of server].

Answer: CD

Explanation:

There are a number of errors one could find in a Windows Server 2003 DNS log. They are as follows: The DNS server could not create a Transmission Control Protocol. The DNS server could not open socket for address. The DNS server could not initialize the Remote Procedure Call (RPC) service. The DNS server could not bind the main datagram socket. The DNS Server service relies on Active Directory to store and retrieve information for Active Directory-integrated zones. And several active directory errors are possible. Answer A is incorrect. DNS Servers do not create FTP connections. Answer B is incorrect. A DNS server looks up a name to return an IP, it would not and cannot connect to a domain name, it must connect to an IP address.

NEW QUESTION 5

Which of the following commands is most useful for viewing large files?

  • A. cat
  • B. less
  • C. touch
  • D. cp

Answer: B

Explanation:

The less command is most useful for viewing large files. The less command displays the output of a file one page at a time. Viewing large files through cat may take more time to scroll pages, so it is better to use the less command to see the content of large files. Answer A is incorrect. The cat command is also used to view the content of a file, but it is most useful for viewing short files. Answer D is incorrect. The cp command is used to copy files and directories from one location to another. Answer C is incorrect. The touch command is not used to view the content of a file. It is used to create empty files or to update file timestamps.

NEW QUESTION 6

You work as a Software Developer for UcTech Inc. You want to ensure that a class is informed whenever an attribute is added, removed, or replaced in a session. Which of the following is the event that you will use to accomplish the task?

  • A. HttpSessionBindingEvent
  • B. HttpAttributeEvent
  • C. HttpSessionEvent
  • D. HttpSessionAttributeEvent

Answer: A

Explanation:

To be informed whenever an attribute is added, removed, or replaced in a session, a class must have a method with HttpSessionBindingEvent as its attribute. The HttpSessionBindingEvent class extends the HttpSessionEvent class. The HttpSessionBindingEvent class is used with the following listeners: HttpSessionBindingListener: It notifies the attribute when it is bound or unbound from a session. HttpSessionAttributeListener: It notifies the class when an attribute is bound, unbound, or replaced in a session. The session binds the object by a call to the HttpSession.setAttribute() method and unbinds the object by a call to the HttpSession.removeAttribute() method. Answer C is incorrect. The HttpSessionEvent is associated with the HttpSessionListener interface and HttpSessionActivationListener.

NEW QUESTION 7

The following output is generated by running the show ip route command: RouterA#show ip route < - - Output Omitted for brevity - -> Which next hop address will RouterA use in forwarding traffic to 10.10.100.0/24?

  • A. 192.168.10.0
  • B. 172.18.60.1
  • C. 172.18.50.1
  • D. 172.18.1.1

Answer: D

Explanation:

The routing table displays various RIP and Connected routes. There is no routing entry for 10.10.100.0/24, but there is a default route in the routing table using 172.18.1.1 as the next hop router. Given that 10.10.100.0/24 does not have a direct entry in the routing table, RouterA will forward traffic to the default route next hop address of 172.18.1.1. Answer A is incorrect. The address does not appear in the routing table as a next hop router, in addition to being an actual subnet number for 192.168.10.0/24. Answer C is incorrect. 172.18.50.1 is the next hop for reaching 192.168.11.0. Answer B is incorrect. 172.18.60.1 is the next hop for reaching 192.168.12.0.

NEW QUESTION 8

Which of the following commands can you use to search a string 'pwd' in all text files without opening them? (Choose two)

  • A. vi
  • B. grep
  • C. sed
  • D. locate

Answer: BC

Explanation:

sed and grep are the two commands that can be used to search a specified string in all text files without opening them. sed is a stream editor that is used to perform basic text transformations on an input stream (a file or input from a pipeline).

NEW QUESTION 9

Which of the following are the methods of the HttpSession interface? (Choose three)

  • A. setAttribute(String name, Object value)
  • B. getAttribute(String name)
  • C. getAttributeNames()
  • D. getSession(true)

Answer: ABC

Explanation:

The HttpSession interface methods are setAttribute(String name, Object value), getAttribute(String name), and getAttributeNames(). The getAttribute(String name) method of the HttpSession interface returns the value of the named attribute as an object. It returns a null value if no attribute with the given name exists.
The setAttribute(String name, Object value) method stores an attribute in the current session. The setAttribute(String name, Object value) method binds an object value to a session using the String name. If an object with the same name is already bound, it will be replaced. The getAttributeNames() method returns an Enumeration containing the names of the attributes available to the current request. It returns an empty Enumeration if the request has no attributes available to it. Answer D is incorrect. The getSession(true) method is a method of the HttpServletRequest interface. The getSession(true) method gets the current session associated with the client request. If the requested session does not exist, the getSession(true) method creates a new session object explicitly for the request and returns it to the client.

NEW QUESTION 10

Which of the following are the goals of risk management? (Choose three)

  • A. Identifying the risk
  • B. Assessing the impact of potential threats
  • C. Finding an economic balance between the impact of the risk and the cost of the countermeasure
  • D. Identifying the accused

Answer: ABC

Explanation:

There are three goals of risk management as follows: Identifying the risk Assessing the impact of potential threats Finding an economic balance between the impact of the risk and the cost of the countermeasure Answer D is incorrect. Identifying the accused does not come under the scope of risk management.

NEW QUESTION 11

You work as a Web Deployer for UcTech Inc. You write the <security constraint> element for an application in which you write the <auth-constraint> sub-element as follows: <auth- constraint> <role-name>*</role-name> </auth-constraint> Who will have access to the application?

  • A. Only the administrator
  • B. No user
  • C. All users
  • D. It depends on the application.

Answer: C

Explanation:

The <auth-constraint> element is a sub-element of the <security-constraint> element. It defines the roles that are allowed to access the Web resources specified by the
<web-resource-collection> sub-elements. The <auth-constraint> element is written in the deployment descriptor as follows: <security-constraint> <web-resource-collection> -----------
----- </web-resource-collection> <auth-constraint> <role-name>Administrator</role-name>
</auth-constraint> </security-constraint> Writing Administrator within the <role-name> element will allow only the administrator to have access to the resource defined within the
<web-resource-collection> element.

NEW QUESTION 12

You work as a Network Administrator for BetaTech Inc. You have been assigned the task of designing the firewall policy for the company. Which of the following statements is unacceptable in the 'acceptable use statement' portion of the firewall policy?

  • A. The computers and their applications should be used for organizational related activities only.
  • B. Computers may not be left unattended with a user account still logged on.
  • C. Applications other than those supplied or approved by the company can be installed on any computer.
  • D. The installed e-mail application can only be used as the authorized e-mail service.

Answer: C

Explanation:

Applications other than those supplied or approved by the company shall not be installed on any computer. Answer A, B, D are incorrect. All of these statements stand true in the 'acceptable use statement' portion of the firewall policy.

NEW QUESTION 13

You work as the Network Administrator for XYZ CORP. The company has a Unix-based network. You want to allow direct access to the filesystems data structure. Which of the following Unix commands can you use to accomplish the task?

  • A. debugfs
  • B. dosfsck
  • C. du
  • D. df

Answer: A

Explanation:

In Unix, the debugfs command is used to allow direct access to the filesystems data structure. Answer D is incorrect. In Unix, the df command shows the disk free space on one or more filesystems. Answer B is incorrect. In Unix, the dosfsck command checks and repairs MS-Dos filesystems. Answer C is incorrect. In Unix, the du command shows how much disk space a directory and all its files contain.

NEW QUESTION 14

Which of the following is a wireless auditing tool that is used to pinpoint the actual physical location of wireless devices in the network?

  • A. KisMAC
  • B. Ekahau
  • C. Kismet
  • D. AirSnort

Answer: B

Explanation:

Ekahau is an easy-to-use powerful and comprehensive tool for network site surveys and optimization. It is an auditing tool that can be used to pinpoint the actual physical location of wireless devices in the network. This tool can be used to make a map of the office and then perform the survey of the office. In the process, if one finds an unknown node, ekahau can be used to locate that node. Answer D is incorrect. AirSnort is a Linux-based WLAN WEP cracking tool that recovers encryption keys. AirSnort operates by passively monitoring transmissions. It uses Ciphertext Only Attack and captures approximately 5 to 10 million packets to decrypt the WEP keys. Answer C is incorrect. Kismet is a Linux-based 802.11 wireless network sniffer and intrusion detection system. It can work with any wireless card that supports raw monitoring (rfmon) mode. Kismet can sniff 802.11b, 802.11a, 802.11g, and 802.11n traffic. Kismet can be used for the following tasks: To identify networks by passively collecting packets To detect standard named networks To detect masked networks
To collect the presence of non-beaconing networks via data traffic Answer A is incorrect. KisMAC is a wireless network discovery tool for Mac OS X. It has a wide range of features, similar to those of Kismet, its Linux/BSD namesake and far exceeding those of NetStumbler, its closest equivalent on Windows. The program is geared toward network security professionals, and is not as novice-friendly as similar applications. KisMAC will scan for networks passively on supported cards - including Apple's AirPort, and AirPort Extreme, and many third-party cards, and actively on any card supported by Mac OS X itself. Cracking of WEP and WPA keys, both by brute force, and exploiting flaws such as weak scheduling and badly generated keys is supported when a card capable of monitor mode is used, and packet reinjection can be done with a supported card. GPS mapping can be performed when an NMEA compatible GPS receiver is attached. Data can also be saved in pcap format and loaded into programs such as Wireshark.

NEW QUESTION 15

You work as a Network Administrator for Net World International. The company has a Windows Active Directory-based single domain single forest network. The functional level of the forest is Windows Server 2003. There are ten Sales Managers in the company. The company has recently provided laptops to all its Sales Managers. All the laptops run Windows XP Professional. These laptops will be connected to the company's network through wireless connections. The company's management wants to implement Shared Key authentication for these laptops. When you try to configure the network interface card of one of the laptops for Shared Key authentication, you find no such option. What will you do to enable Shared Key authentication?

  • A. Install PEAP-MS-CHAP v2
  • B. Enable WEP
  • C. Install Service Pack 1
  • D. Install EAP-TLS.

Answer: B

Explanation:

Shared Key authentication requires the use of the Wired Equivalent Privacy (WEP) algorithm. If the WEP is not implemented, then the option for Shared Key authentication is not available. In order to accomplish the task, you will have to enable the WEP on all the laptops.

NEW QUESTION 16
......

100% Valid and Newest Version GSNA Questions & Answers shared by Certshared, Get Full Dumps HERE: https://www.certshared.com/exam/GSNA/ (New 368 Q&As)