GSLC - GIAC Security Leadership
Go back to GIAC
Which of the following attacks does Management Frame Protection help to mitigate? Each correct answer represents a complete solution. Choose two.
Which of the following statements are true about worms? Each correct answer represents a complete solution. Choose all that apply.
Worms can exist inside files such as Word or Excel documents.
Worms cause harm to the network by consuming bandwidth, whereas viruses almost always corrupt or modify files on a targeted computer.
Worms replicate themselves from one system to another without using a host file.
Which of the following Acts enacted in United States allows the FBI to issue National Security Letters (NSLs) to Internet service providers (ISPs) ordering them to disclose records about their customers?
Electronic Communications Privacy Act of 1986
Tim is working as a project manager for the TCH project. The project is in the final stages and the closing processes are being performed. He has prepared the lessons learned document. This document will be the part of ____.
The company's organizational process assets
Victor works as a professional Ethical Hacker for SecureNet Inc. He wants to use the Steganographic file system method to encrypt and hide some secret information. Which of the following disk spaces will he use to store this secret information? Each correct answer represents a complete solution. Choose all that apply.
You are working in a functional organization and are managing the IHH Project. Your project will likely last for six months and has a budget constraint of $1,876,000. You'll be dealing with a functional manager to manage costs and resources in the project. Who will have authority over assigning the project team members to activities?
Which of the following attacks allows an attacker to recover the key in an RC4 encrypted stream from a large number of messages in that stream?
Which of the following contains information that is read by a Web application whenever a user visits a site?
Mark works as a Network Administrator for We-are-secure Inc. He finds that the We-are-secure server has been infected with a virus. He presents to the company a report that describes the symptoms of the virus. A summary of the report is given below: This virus has a dual payload, as the first payload of the virus changes the first megabyte of the hard drive to zero. Due to this, the contents of the partition tables are deleted and the computer hangs. The second payload replaces the code of the flash BIOS with garbage values. This virus spreads under the Portable Executable File Format under Windows 95, Windows 98, and Windows ME. Which of the following viruses has the symptoms as the one described above?
What are the steps related to the vulnerability management program? Each correct answer represents a complete solution. Choose all that apply.
Baseline the Environment
Maintain and Monitor
Which type of attack is the unauthorized access of information from a wireless device through a Bluetooth connection, often between phones, desktops, laptops, and PDAs?
Which of the following is a part of a company's network that lies in between the Internet and a private network?
Demilitarized Zone (DMZ)
Which of the following is used to allow or deny access to network resources?
In which of the following techniques does an attacker change the address of the phishing site in such a manner that it can bypass filters or other application defenses that have been put in place to block specific IP addresses?
Your project is to implement a new operating system for all of the workstations in your company's network. Every workstation must have the new operating system as part of an organization-wide mandate. Many users are not happy with this decision and are resisting the change. Some of the users are complaining that they do not want the operating system at all. What type of stakeholders are these users?
You work as a Network Administrator for Net World International. The company has a Windows Active Directory-based single domain single forest network. The functional level of the forest is Windows Server 2003. There are ten Sales Managers in the company. The company has recently provided laptops to all its Sales Managers. All the laptops run Windows XP Professional. These laptops will be connected to the company's network through wireless connections. The company's management wants to implement Shared Key authentication for these laptops. When you try to configure the network interface card of one of the laptops for Shared Key authentication, you find no such option. What will you do to enable Shared Key authentication?
Against which of the following does SSH provide protection? Each correct answer represents a complete solution. Choose two.
Which of the following are the algorithms contained by the digital signature policy? Each correct answer represents a complete solution. Choose all that apply.
Which of the following processes is described in the statement below? "It is a process of developing an approximation of the costs of the resources needed to complete project activities."
Ned is the program manager for his organization and he's considering some new materials for his program. He and his team have never worked with these materials before and he wants to ask the vendor for some additional information, a demon, and even some samples. What type of a document should Ned send to the vendor?
You are concerned about rogue wireless access points being connected to your network. What is the best way to detect and prevent these?
John visits an online shop that stores the IDs and prices of the items to buy in a cookie. After selecting the items that he wants to buy, the attacker changes the price of the item to 1. Original cookie values: ItemID1=2 ItemPrice1=900 ItemID2=1 ItemPrice2=200 Modified cookie values: ItemID1=2 ItemPrice1=1 ItemID2=1 ItemPrice2=1 Now, he clicks the Buy button, and the prices are sent to the server that calculates the total price. Which of the following hacking techniques is John performing?
Maria works as the Chief Security Officer for Inc. She wants to send secret messages to the CEO of the company. To secure these messages, she uses a technique of hiding a secret message within an ordinary message. The technique provides 'security through obscurity'. What technique is Maria using?
Which of the following options is an approach to restricting system access to authorized users?
You are the program manager for your organization. Management has asked that you determine when resources, such as leased equipment, are no longer needed so that you may release the resources to save time, money, and utilization of resources within your program. What program management process is management asking you to perform?
John works as an IT Technician for Inc. One morning, John receives an e-mail from the company's Manager asking him to provide his logon ID and password, but the company policy restricts users from disclosing their logon IDs and passwords. Which type of possible attack is this?
What does a firewall check to prevent certain ports and applications from getting the packets into an Enterprise?
The transport layer port numbers and the application layer headers
What is the major difference between a worm and a Trojan horse?
A worm is self replicating, while a Trojan horse is not.
You work as a Network Administrator in a company. The NIDS is implemented on the network. You want to monitor network traffic. Which of the following modes will you configure on the network interface card to accomplish the task?
Which of the following are types of access control attacks? Each correct answer represents a complete solution. Choose all that apply.
Brute force attack
John works as a professional Ethical Hacker. He has been assigned the project of testing the security of www.we-are-secure.com. He is using the Linux operating system. He wants to use a wireless sniffer to sniff the We-are-secure network. Which of the following tools will he use to accomplish his task?
Andrew works as a Network Administrator for Infonet Inc. The company's network has a Web server that hosts the company's Web site. Andrew wants to increase the security of the Web site by implementing Secure Sockets Layer (SSL). Which of the following types of encryption does SSL use? Each correct answer represents a complete solution. Choose two.
You want to use PGP files for steganography. Which of the following tools will you use to accomplish the task?
Which of the following are countermeasures to prevent unauthorized database access attacks? Each correct answer represents a complete solution. Choose all that apply.
Removing all stored procedures
Applying strong firewall rules
Mark works as a Network Administrator for BlueWell Inc. While surfing the Internet, he enters a URL http://www.ciw.com/web/learning in the Web browser. A Web page appears after entering the URL. Which of the following protocols can be used to resolve www.ciw.com into the correct IP address?
The Incident handling process implemented in an enterprise is responsible to deal with all the incidents regarding the enterprise. Which of the following procedures will be involved by the preparation phase of the Incident handling process?
Building up an incident response kit
A project team member has just identified a new project risk. The risk event is determined to have significant impact but a low probability in the project. Should the risk event happen it'll cause the project to be delayed by three weeks, which will cause new risk in the project. What should the project manager do with the risk event?
Add the identified risk to the risk register.
You work as a Network Administrator for Net Perfect Inc. The company has a TCP/IP-based network environment. The network contains a Cisco Catalyst router to connect the internal network to the Internet. You want to secure your network from various attacks such as virus, spam, spyware, phishing, etc. You want to secure the whole network through a separate hardware device. Which of the following will you use?
Which of the following tools can be used to perform polymorphic shell code attacks?
You and your project team have identified the project risks and now are analyzing the probability and impact of the risks. What type of analysis of the risks provides a quick and high-level review of each identified risk event?
Qualitative risk analysis
Which of the following security protocols can be used to support MS-CHAPv2 for wireless client authentication? Each correct answer represents a complete solution. Choose two.
You work as an Exchange Administrator for McRobert Inc. You are configuring a new Exchange 2000 Server computer and two storage groups, group A and group B, on your network. You have to configure the physical disks on the Exchange 2000 Server computer to provide better performance and availability. Which configuration will you use to achieve this?
Single drive ----- Transaction Log Files (group A) Single drive ----- Transaction Log Files (group B) RAID5 ----------- Information Store (group A) RAID5 ----------- Information Store (group B)
Which of the following malware spread through the Internet and caused a large DoS attack in 1988?
Maria works as a Risk Analysis Manager for Gentech Inc. She starts a new IT project. Which of the following phases of her project development process is most suitable for including risk analysis?
Which of the following are the limitations for the cross site request forgery (CSRF) attack? Each correct answer represents a complete solution. Choose all that apply.
The attacker must determine the right values for all the form inputs.
The attacker must target a site that doesn't check the referrer header.
Which of the following IEEE standards is defined to enhance security of Wireless LANs (WLANs) that follow the IEEE 802.11 standard?
You have configured a virtualized Internet browser on your Windows XP professional computer. Using the virtualized Internet browser, you can protect your operating system from which of the following?
Malware installation from unknown Web sites
You are a project manager of a large construction project. Within the project you are working with several vendors to complete different phases of the construction. Your client has asked that you arrange for some of the materials a vendor is to install next week in the project to be changed. According to the change management plan what subsystem will need to manage this change request?
Which of the following statements are true about MS-CHAPv2? Each correct answer represents a complete solution. Choose all that apply.
It can be replaced with EAP-TLS as the authentication mechanism for PPTP.
It provides an authenticator-controlled password change mechanism.
It is subject to offline dictionary attacks.
You work as a Network Administrator for Infosec Inc. Nowadays, you are facing an unauthorized access in your Wi-Fi network. Therefore, you analyze a log that has been recorded by your favorite sniffer, Ethereal. You are able to discover the cause of the unauthorized access after noticing the following string in the log file: (Wlan.fc.type_subtype eq 32 and llc.oui eq 0x00601d and llc.pid eq 0x0001) When you find All your 802.11b are belong to us as the payload string, you are convinced about which tool is being used for the unauthorized access. Which of the following tools have you ascertained?