GSNA GIAC Exam Questions and Free Practice Test

Question 85

- (Topic 3)
Brutus is a password cracking tool that can be used to crack the following authentications: HTTP (Basic Authentication) HTTP (HTML Form/CGI) POP3 (Post Office Protocol v3) FTP (File Transfer Protocol) SMB (Server Message Block) Telnet Which of the following attacks can be performed by Brutus for password cracking?

A. Man-in-the-middle attack

B. Hybrid attack

C. Replay attack

D. Brute force attack

E. Dictionary attack

Correct Answer:BDE

Brutus can be used to perform brute force attacks, dictionary attacks, or hybrid attacks.

Question 86

- (Topic 2)
Which of the following commands can you use to search a string 'pwd' in all text files without opening them? (Choose two)

A. vi

B. grep

C. sed

D. locate

Correct Answer:BC

sed and grep are the two commands that can be used to search a specified string in all text files without opening them. sed is a stream editor that is used to perform basic text transformations on an input stream (a file or input from a pipeline).

Question 87

- (Topic 2)
You work as a Security Administrator in Tech Perfect Inc. The company has a TCP/IP based network. The network has a vast majority of Cisco Systems routers and Cisco network switches. You have mplemented four VPN connections in the network. You use the Cisco IOS on the network. Which feature will you enable to maintain a separate routing and forwarding table for each VPN?

A. Intrusion Prevention System

B. VRF-aware firewall

C. Virtual Private Network

D. Stateful firewall

Correct Answer:B

In this scenario, the company's network has a vast majority of Cisco Systems routers and Cisco network switches. The security administrator of the company has implemented four VPN connections in the network and uses the Cisco IOS on the network. He needs to maintain a separate routing and forwarding table for each VPN in order to provide more secure communication. To accomplish this task, he should enable the VRF- aware firewall feature on the Cisco IOS routers.

Question 88

- (Topic 3)
Which of the following is the best way to authenticate users on the intranet?

A. By using Forms authentication.

B. By using Basic authentication.

C. By using clear text.

D. By using NT authentication.

Correct Answer:D

The best way to authenticate users on the intranet is by using NT authentication. Windows NT authentication works where the client and server computers are located in the same or trusted domains. Using NT authentication with an anonymous logon account is the best way to authenticate users on intranet because passwords are not transmitted over the network. User credentials are supplied automatically, if the user is logged on to a Windows machine. Answer B is incorrect. Basic authentication is used to authenticate users on the Internet. It is used by most of the browsers for authentication and connection. When using Basic authentication, the browser prompts the user for a username and password. This information is then transmitted across the Hypertext Transfer Protocol (HTTP). Answer A is incorrect. Forms authentication is used in an ASP environment to issue appropriate Membership server related cookies, to a user. Answer C is incorrect. Clear text is not an authentication method.

Question 89

- (Topic 3)
You work as the Network Administrator for XYZ CORP. The company has a Unix-based network. You want to set the user login features on the systems with the shadow passwords. Which of the following Unix configuration files can you use to accomplish the task?

A. /etc/logrotate.conf

B. /etc/login.defs

C. /etc/magic

D. /etc/filesystems

Correct Answer:B

In Unix, the /etc/login.defs file is used by system administrators to set the user login features on the systems with the shadow passwords. Answer A is incorrect. In Unix, the /etc/logrotate.conf file configures the logrotate program used for managing log files. Answer C is incorrect. In Unix, the /etc/magic file contains the descriptions of various file formats for the file command. Answer D is incorrect. In Unix, the /etc/filesystems file is used to set the filesystem probe order when filesystems are mounted with the auto option.

Question 90

- (Topic 1)
You work as the Network Administrator for XYZ CORP. The company has a Unix-based network. You want to set some terminal characteristics and environment variables. Which of the following Unix configuration files can you use to accomplish the task?

A. /etc/sysconfig/routed

B. /proc/net

C. /etc/sysconfig/network-scripts/ifcfg-interface

D. /etc/sysconfig/init

Correct Answer:D

In Unix, the /etc/sysconfig/init file is used to set terminal characteristics and environment variables. Answer B is incorrect. In Unix, the /proc/net file contains status information about the network protocols. Answer C is incorrect. In Unix, the /etc/sysconfig/network-scripts/ifcfg-interface file is the configuration file used to define a network interface. Answer A is incorrect. In Unix, the /etc/sysconfig/routed file is used to set up the dynamic routing policies.

START GSNA EXAM