GSEC GIAC Exam Questions and Free Practice Test

Question 55

Which of the following is a valid password for a system with the default "Password must meet complexity requirements" setting enabled as part of the GPO Password policy requirements?

A. The Cat Chased its Tail AII Night

B. disk ACCESS failed

C. SETI@HOME

D. SaNS2006

Correct Answer:D

Question 56

A new data center is being built where customer credit information will be processed and stored. Which of the following actions will help maintain the confidentiality of the data?

A. Environmental sensors in the server room

B. Access control system for physical building

C. Automated fire detection and control systems

D. Frequent off-site backup of critical databases

Correct Answer:B

Question 57

During a scheduled evacuation training session the following events took place in this order:
* 1. Evacuation process began by triggering the building fire alarm.
* 2a. The meeting point leader arrived first at the designated meeting point and immediately began making note of who was and was not accounted for.
* 2b. Stairwell and door monitors made it to their designated position to leave behind a box of flashlights and prop the stairway doors open with a garbage can so employees can find exits and dispose of food and beverages.
2c. Special needs assistants performed their assigned responsibility to help employees out that require special assistance.
* 3. The safety warden communicated with the meeting point leader via walkie talkie to collect a list of missing personnel and communicated this information back to the searchers.
* 4. Searchers began checking each room and placing stick-it notes on the bottom of searched doors to designate which areas were cleared.
* 5. All special need assistants and their designated wards exited the building.
* 6. Searchers complete their assigned search pattern and exit with the Stairwell/door monitors.
Given this sequence of events, which role is in violation of its expected evacuation tasks?

A. Safety warden

B. Stairwell and door monitors

C. Meeting point leader

D. Searchers

E. Special needs assistants

Correct Answer:B

Question 58

If a DNS client wants to look up the IP address for good.news.com and does not receive an authoritative reply from its local DNS server, which name server is most likely to provide an authoritative reply?

A. The news.com domain name server

B. The .com (top-level) domain name server

C. The .(root-level) domain name server

D. The .gov (top-level) domain name server

Correct Answer:A

Question 59

You have an automated system for patching the operating systems of all your computers. All patches are supposedly current. Yet your automated vulnerability scanner has just reported vulnerabilities that you believe have been patched. Which of the actions below should you take next?

A. Check some systems manuall

B. Rerun the system patching routine

C. Contact the incident response tea

D. Ignore the findings as false positive

Correct Answer:A

Question 60

Which of the following statements about policy is FALSE?

A. A well-written policy contains definitions relating to "what" to d

B. A well-written policy states the specifics of "how" to do somethin

C. Security policy establishes what must be done to protect information stored on computer

D. Policy protects people who are trying to do the right thin

Correct Answer:D

START GSEC EXAM