GSEC GIAC Exam Questions and Free Practice Test

Question 7

Which of the following Unix syslog message priorities is the MOST severe?

A. err

B. emerg

C. crit

D. alert

Correct Answer:B

Question 8

What database can provide contact information for Internet domains?

A. dig

B. who

C. who is

D. ns look up

Correct Answer:C

Question 9

What is the function of the TTL (Time to Live) field in IPv4 and the Hop Limit field in IPv6 In an IP Packet header?

A. These fields are decremented each time a packet is retransmitted to minimize the possibility of routing loop

B. These fields are initialized to an initial value to prevent packet fragmentation and fragmentation attack

C. These fields are recalculated based on the required time for a packet to arrive at its destinatio

D. These fields are incremented each time a packet is transmitted to indicate the number of routers that an IP packet has traverse

Correct Answer:A

Question 10

You are reviewing a packet capture file from your network intrusion detection system. In the packet stream, you come across a long series of "no operation" (NOP) commands. In addition to the NOP commands, there appears to be a malicious payload. Of the following, which is the most appropriate preventative measure for this type of attack?

A. Limits on the number of failed logins

B. Boundary checks on program inputs

C. Controls against time of check/time of use attacks

D. Restrictions on file permissions

Correct Answer:C

Question 11

Which port category does the port 110 fall into?

A. Well known port

B. Dynamic port

C. Private port

D. Application port

Correct Answer:A

Question 12

Which of the following is a signature-based intrusion detection system (IDS) ?

A. RealSecure

B. Snort

C. StealthWatch

D. Tripwire

Correct Answer:B

START GSEC EXAM