GISF GIAC Exam Questions and Free Practice Test

Question 49

- (Topic 1)
Which of the following tools combines two programs, and also encrypts the resulting package in an attempt to foil antivirus programs?

A. NetBus

B. EliteWrap

C. Trojan Man

D. Tiny

Correct Answer:C

Question 50

- (Topic 1)
Which of the following cryptographic system services ensures that information will not be disclosed to any unauthorized person on a local network?

A. Authentication

B. Confidentiality

C. Integrity

D. Non-repudiation

Correct Answer:B

Question 51

- (Topic 2)
Configuration Management (CM) is an Information Technology Infrastructure Library (ITIL) IT Service Management (ITSM) process. Configuration Management is used for which of the following?
* 1. To account for all IT assets
* 2. To provide precise information support to other ITIL disciplines
* 3. To provide a solid base only for Incident and Problem Management
* 4. To verify configuration records and correct any exceptions

A. 2 and 4 only

B. 1, 3, and 4 only

C. 1, 2, and 4 only

D. 2, 3, and 4 only

Correct Answer:C

Question 52

- (Topic 2)
Which of the following techniques can be used by an administrator while working with the symmetric encryption cryptography? Each correct answer represents a complete solution. Choose all that apply.

A. Transposition cipher

B. Message Authentication Code

C. Stream cipher

D. Block cipher

Correct Answer:BCD

Question 53

- (Topic 2)
Shoulder surfing is a type of in-person attack in which the attacker gathers information about the premises of an organization. This attack is often performed by looking surreptitiously at the keyboard of an employee's computer while he is typing in his password at any access point such as a terminal/Web site. Which of the following is violated in a shoulder surfing attack?

A. Availability

B. Integrity

C. Confidentiality

D. Authenticity

Correct Answer:C

Question 54

- (Topic 1)
John works as a Network Administrator for Perfect Solutions Inc. The company has a
Linux-based network. The company is aware of various types of security attacks and wants to impede them. Hence, management has assigned John a project to port scan the company's Web Server. For this, he uses the nmap port scanner and issues the following command to perform idle port scanning:
nmap -PN -p- -sI IP_Address_of_Company_Server
He analyzes that the server's TCP ports 21, 25, 80, and 111 are open.
Which of the following security policies is the company using during this entire process to mitigate the risk of hacking attacks?

A. Audit policy

B. Antivirus policy

C. Non-disclosure agreement

D. Acceptable use policy

Correct Answer:A

START GISF EXAM