GSNA GIAC Exam Questions and Free Practice Test

Question 31

- (Topic 4)
Which of the following recovery plans includes specific strategies and actions to deal with specific variances to assumptions resulting in a particular security problem, emergency, or state of affairs?

A. Disaster recovery plan

B. Continuity of Operations Plan

C. Business continuity plan

D. Contingency plan

Correct Answer:D

A contingency plan is a plan devised for a specific situation when things could go wrong. Contingency plans include specific strategies and actions to deal with specific variances to assumptions resulting in a particular problem, emergency, or state of affairs. They also include a monitoring process and triggers for initiating planned actions. Answer A is incorrect. Disaster recovery is the process, policies, and procedures related to preparing for recovery or continuation of technology infrastructure critical to an organization after a natural or human-induced disaster. Answer C is incorrect. It deals with the plans and procedures that identify and prioritize the critical business functions that must be preserved. Answer B is incorrect. It includes the plans and procedures documented that ensure the continuity of critical operations during any period where normal operations are impossible.

Question 32

- (Topic 3)
Which of the following features of a switch helps to protect network from MAC flood and MAC spoofing?

A. Multi-Authentication

B. Port security

C. MAC Authentication Bypass

D. Quality of Service (QoS)

Correct Answer:B
If a switch has the ability to enable port security, this will help to protect network from both the MAC Flood and MAC Spoofing attacks. Answer D is incorrect. Quality of Service (QoS) feature is useful for prioritizing VOIP traffic. Switches are offering the ability to assign a device a Quality of Service (QoS) value or a rate limiting value based on the RADIUS response. Answer A is incorrect. Multi-Authentication feature is used to allow multiple devices to use a single port. Answer C is incorrect. MAC Authentication Bypass feature is used to allow the RADIUS server to specify the default VLAN/ACL for every device that doesn't authenticate by 802.1X.

Question 33

- (Topic 4)
Which of the following commands can be used to format text files?

A. wc

B. ps

C. tail

D. pr

Correct Answer:D

The pr command is used to format text files according to the specified options. This command is usually used to paginate or columnate files for printing. Answer B is incorrect. The ps command reports the status of processes that are currently running on a Linux computer. Answer A is incorrect. The wc command is used to count the number of bytes, words, and lines in a given file or in the list of files. Answer C is incorrect. The tail command is used to display the last few lines of a text file or piped data.

Question 34

- (Topic 2)
Pingdom is a website monitoring service. Which of the following services are provided by Pingdom?

A. It creates complicated charts to spot trends and imprecisely pinpoint problems.

B. It works as an iPhone application to make sure that a website is reachable and responding properly at all times.

C. It is used to monitor sites and servers on the Internet.

D. It is used to track the uptime, downtime, and performance of websites.

Correct Answer:BCD
Pingdom is a website monitoring service that is used by administrators to monitor sites and servers on the Internet. It alerts the site owners if it detects a problem. Pingdom service is used to track the uptime, downtime, and overall performance of websites. Pingdom also works as an iPhone application to make sure that a website is reachable and responding properly at all times. If not so, it provides the administrator with the email and SMS alerts. It creates charts and tables that are easy to understand. These charts and tables enable an administrator to spot trends and accurately pinpoint problems. Answer A is incorrect. Pingdom creates charts that are easy to understand. These charts are used to spot trends and accurately pinpoint problems.

Question 35

- (Topic 2)
You are concerned about possible hackers doing penetration testing on your network as a prelude to an attack. What would be most helpful to you in finding out if this is occurring?

A. Examining your antivirus logs

B. Examining your domain controller server logs

C. Examining your firewall logs

D. Examining your DNS Server logs

Correct Answer:C

Firewall logs will show all incoming and outgoing traffic. By examining those logs, you can do port scans and use other penetration testing tools that have been used on your firewall.

Question 36

- (Topic 2)
One of the sales people in your company complains that sometimes he gets a lot of unsolicited messages on his PD A. After asking a few questions, you determine that the issue only occurs in crowded areas like airports. What is the most likely problem?

A. Spam

B. Blue snarfing

C. A virus

D. Blue jacking

Correct Answer:D

Blue jacking is the process of using another bluetooth device that is within range (about 30' or less) and sending unsolicited messages to the target. Answer B is incorrect. Blue snarfing is a process whereby the attacker actually takes control of the phone. Perhaps copying data or even making calls. Answer C is incorrect. A virus would not cause unsolicited messages. Adware might, but not a virus. Answer A is incorrect. Spam would not be limited to when the person was in a crowded area.

START GSNA EXAM