
G2700 GIAC Certified ISO-2700 Specialist Practice Test Question and Answers

Question # 4

Which of the following laws or acts enforces the prohibition against cyber stalking?

A.

Malicious Communications Act (1998)

B.

Anti-Cyber-Stalking law (1999)

C.

Stalking Amendment Act (1999)

D.

Stalking by Electronic Communications Act (2001)

Question # 5

As an attacker, you are sending very small sized packets with durations of 15 minutes per packet to the IIS Web server. Since an IIS session remains alive for a long time, the IDS may be tricked into accepting them as regular packet transformations. Which of the following types of attacking methods are you using?

A.

Session splicing

B.

Nonblind spoofing

C.

Session hijacking

D.

Security Logging

Question # 6

Which of the following needs to be documented to preserve evidence for presentation in court?

A.

Account lockout policy

B.

Chain of custody

C.

Incident response policy

D.

Separation of duties

Question # 7

Sam is the CEO of Gentech Inc. The company is located in New York. He has to start a new project in order to increase the overall revenue of the company. Sam has to develop an ISMS policy. In which of the following phases of the PDCA cycle will Sam accomplish the task?

A.

Do

B.

Plan

C.

Act

D.

Check

Question # 8

Which of the following are the steps of the Do stage of the project?

Each correct answer represents a part of the solution. Choose all that apply.

A.

Operations and resources are managed.

B.

Training and awareness programs for affected staff are scheduled.

C.

The risk treatment plan is implemented and controls are planned.

D.

The options are identified and evaluated for the treatment of the risks.

Question # 9

Which of the following is a list of specific actions being taken to deal with specific risks associated with the threats?

A.

Risk acceptance

B.

Risk transference

C.

Risk avoidance

D.

Risk mitigation

Question # 10

You work as a Security Administrator for uCertify Inc. You need to install a honeypot inside network firewalls to monitor and track hackers. What should you install on the system before deploying the honeypot?

Each correct answer represents a complete solution. Choose all that apply.

A.

Install the IAS server on the system to verify Internet related activities.

B.

Install the RADIUS server to check the authentication of the invader.

C.

Install the application that is designed to record the activities of the invader.

D.

Install the operating system without patches installed and use typical defaults and options.

Question # 11

Sam works as a Project Manager for Blue Well Inc. He is working on a new project. He wants to assess the high-level risks for the project. Which of the following steps should Sam take in order to accomplish the task?

A.

Developing risk management plan to identify risks based on documents

B.

Developing project charter and risk management plan to identify risks based on documents

C.

Developing project charter to identify risks based on documents

D.

Identifying and analyzing risk events using qualitative and quantitative techniques

Question # 12

Which of the following indicates that the project team has decided not to change the project management plan to deal with a risk?

A.

Risk avoidance

B.

Risk mitigation

C.

Risk transference

D.

Risk acceptance

Question # 13

You work as the project manager for Bluewell Inc. There has been a delay in your project work that is adversely affecting the project schedule. You decide, with your stakeholders' approval, to fast track the project work to get the project done faster. When you fast track the project, what is likely to increase?

A.

Human resource needs

B.

Risks

C.

Costs

D.

Quality control concerns

Question # 14

Which of the following are features of protocol and spectrum analyzers?

Each correct answer represents a complete solution. Choose all that apply.

A.

A protocol analyzer can be used to analyze network traffic to trace specific transactions.

B.

A protocol analyzer can identify physical layer errors in a network switch.

C.

A packet analyzer can be used to capture real-time packets and can monitor the network packets on the LAN and the Internet.

D.

A spectrum analyzer should have the sensitive measuring equipment capability for detecting waveform frequencies and can identify and locate the interfering transmitter.

Question # 15

Which of the following types of cyberstalking damages the reputation of their victim and turns other people against them by setting up their own Websites, blogs, or user pages for this purpose?

A.

False accusation

B.

False victimization

C.

Encouraging others to harass the victim

D.

Attempts to gather information about the victim

Question # 16

You work as an Information Security Manager for uCertify Inc. You are working on asset management. You need to differentiate various assets of your organization. Which of the following is an intangible asset?

A.

Equipment

B.

Electricity

C.

Reputation of the company

D.

Personal data

Question # 17

You work as a Network Security Administrator for uCertify Inc. You feel that someone has accessed your computer and used your e-mail account. To check whether there is any virus installed into your computer, you scan your computer but do not find any illegal software. Which of the following types of security attacks generally runs behind the scenes on your computer?

A.

Zero-day

B.

Rootkit

C.

Hybrid

D.

Replay

Question # 18

Which of the following policies is a set of rules applied by the owner/manager of a network, Website or large computer system that restrict the ways in which the network site or system may be used?

A.

Default policy

B.

Certificate policy

C.

Informative policy

D.

Acceptable use policy

Question # 19

Which of the following statements is true about annualized rate of occurrence?

A.

It is defined as the cost related to a single realized risk against a particular asset.

B.

It is defined as the yearly cost of all instances of a particular threat against a particular asset.

C.

It is defined as the expected frequency of occurrence of a particular threat or risk in a single year.

D.

It is defined as the percentage of loss experienced by an organization when a particular asset is violated by a realized risk.

Question # 20

The Information Security Officer (ISO) of Blue Well Inc. wants to have a list of security measures put together. What should be done before security measures are selected by the Information Security Officer?

A.

Carry out a risk analysis.

B.

Formulate information security policy.

C.

Set up monitoring.

D.

Carry out an evaluation.

Question # 21

You work as the Human Resource Manager for uCertify Inc. You need to recruit some candidates for the marketing department of the organization. Which of the following should be defined to the new employees of the organization before they have joined?

Each correct answer represents a complete solution. Choose all that apply.

A.

Marketing tips and tricks

B.

Organization's network topology

C.

Job roles

D.

Organization's security policy

Question # 22

A project plan includes the Work Breakdown Structure (WBS) and cost estimates. Which of the following are the parts of a project plan?

Each correct answer represents a complete solution. Choose all that apply.

A.

Risk identification

B.

Security Threat

C.

Project schedule

D.

Team members list

E.

Risk analysis

Question # 23

You work as an Information Security Manager for uCertify Inc. You are working on asset management. You need to assign ownership of some assets of the organization. Which of the following statements correctly describe the responsibilities of an asset owner?

Each correct answer represents a complete solution. Choose all that apply.

A.

The owner has property rights to the asset.

B.

The owner is allowed to delegate responsibility for maintaining the asset.

C.

The owner should have a document describing the security controls for the asset.

D.

The owner is allowed to delegate accountability of the asset.

Question # 24

Fill in the blank with the appropriate term.

___________is the built-in file encryption tool for Windows file systems. It protects encrypted files from those who have physical possession of the computer where the encrypted files are stored.

Question # 25

Which of the following is also known as the 'Code for Information Security'?

A.

ISO/IEC 20002 standard

B.

ISO/IEC 27001:2005 standard

C.

ISO/IEC 27002:2005 standard

D.

ISO/IEC 20000 standard

Question # 26

Which of the following are the perspectives considered to ensure the confidentiality, integrity, and availability of an organization's assets, information, data, and IT services?

Each correct answer represents a complete solution. Choose all that apply.

A.

Procedural

B.

Technical

C.

Management

D.

Organizational

Question # 27

Which of the following states that a user should never be given more privileges than are required to carry out a task?

A.

Principle of least privilege

B.

Role-based security

C.

Security through obscurity

D.

Segregation of duties

Question # 28

Sam is the CEO of Gentech Inc. The company is located in New York. He has to start a new project in order to increase the overall revenue of the company. Sam has to develop an ISMS policy. In which of the following phases of the PDCA cycle will Sam accomplish the task?

A.

Plan

B.

Do

C.

Check

D.

Act

Question # 29

Which of the following are included in sensitive system isolation?

Each correct answer represents a complete solution. Choose all that apply.

A.

Construction of appropriately isolated environments where technically and operationally feasible

B.

Inclusion of all documents technically stored in a virtual directory

C.

Explicit identification and acceptance of risks when shared facilities and/or resources must be used

D.

Explicit identification and documentation of sensitivity by each system/application controller (owner)

Question # 30

Which of the following is the element used in the technology of encrypting and decrypting the text in cryptography?

A.

Cipher

B.

Key

C.

Plaintext

D.

Encryption

Question # 31

Which of the following are the two methods that are commonly used for applying mandatory access control?

Each correct answer represents a complete solution. Choose all that apply.

A.

Lattice-based access control

B.

Attribute-based access control

C.

Rule-based access control

D.

Discretionary access control

Question # 32

Which of the following are the various types of risk analysis?

Each correct answer represents a complete solution. Choose all that apply.

A.

Corrective

B.

Quantitative

C.

Repressive

D.

Qualitative

Question # 33

You work as an Information Security Manager for uCertify Inc. You are working on asset management. You need to make a document on the usage of information assets. Which of the following controls of the ISO standard deals with the documentation and implementation of rules for the acceptable use of information assets?

A.

Control A.7.2.1

B.

Control A.7.1.2

C.

Control A.7.1.3

D.

Control A.7.2

Question # 34

Which of the following documents is developed along the risk management processes to monitor and control risks?

A.

Fault tree

B.

Risk mitigation

C.

Decision tree

D.

Risk register

Question # 35

Which of the following is used to govern the disclosure of financial and accounting information?

A.

Gramm-Leach-Bliley Act

B.

Privacy Act of 1974

C.

Sarbanes-Oxley

D.

Health Insurance Portability and Accountability Act

Question # 36

You work as a Security Administrator for uCertify Inc. You have been assigned the task to improve the security of the organization. For accomplishing the task, you need to improve the layers of physical security. Which of the following are the layers of physical security?

Each correct answer represents a complete solution. Choose all that apply.

A.

Video monitoring

B.

Immigration system

C.

Intrusion detection

D.

Environmental design

E.

Personnel Identification

Question # 37

Which of the following defines the amount of data loss a business can endure?

A.

RTO

B.

RTA

C.

BCP

D.

RPO

Question # 38

You work as an Information Security Manager for uCertify Inc. You are working on an asset management plan. Which of the following controls of the ISO 27000 standard deals with asset management?

A.

Control A.1

B.

Control A.8

C.

Control A.2

D.

Control A.7

Question # 39

You work as an Information Security Manager for uCertify Inc. You need to create the documentation on information security management system (ISMS). Which of the following is the governing principle behind ISMS?

A.

An organization should implement and maintain IDS to manage risks to the network.

B.

An organization should design, implement, and maintain a coherent set of policies, processes, and systems to manage risks to its information assets.

C.

An organization should design, implement, and maintain a coherent set of policies to ensure proper marketing of products.

D.

An organization should apply encryption to its information assets.

Question # 40

Which of the following phases of the PDCA model is the controlling and maintaining phase of the Information Security Management System (ISMS)?

A.

Check

B.

Act

C.

Do

D.

Plan

Question # 41

Mark works as a Data Center Manager for TechNet Inc. A few days ago, he published a blog about himself during his working hours. However, as per the organization's policy, no member of the organization may use any of the organization's resources for personal use. Since Mark has violated the policy, he should go before an internal committee and be informed of his rights in the matter. Which of the following practices is being implemented?

A.

Due process

B.

Integrity Management Consulting

C.

Due diligence

D.

Due care

Question # 42

An Active Attack is a type of steganography attack in which the attacker changes the carrier during the communication process. Which of the following techniques is used for smoothing the transition and controlling contrast on the hard edges, where there is significant color transition?

A.

Sharpen

B.

Rotate

C.

Blur

D.

Soften

Question # 43

Which of the following statements MOST closely depicts the difference between qualitative risk analysis and quantitative risk analysis?

A.

A quantitative RA does not use the hard costs of losses and a qualitative RA does.

B.

A quantitative RA cannot use a number of calculations.

C.

A qualitative RA uses a number of complex calculations.

D.

Lesser amount of guesswork is used in a quantitative RA.

Question # 44

Single Loss Expectancy (SLE) represents an organization's loss from a single threat. Which of the following formulas best describes the Single Loss Expectancy (SLE)?

A.

SLE = Asset Value (AV) * Annualized Rate of Occurrence (ARO)

B.

SLE = Annualized Loss Expectancy (ALE) * Exposure Factor (EF)

C.

SLE = Asset Value (AV) * Exposure Factor (EF)

D.

SLE = Annualized Loss Expectancy (ALE) * Annualized Rate of Occurrence

Question # 45

Which of the following are the valid reasons for the occurrence of Drive-by download?

Each correct answer represents a complete solution. Choose all that apply.

A.

Clicking on a deceptive pop-up window

B.

Updating windows files automatically

C.

Visiting a website

D.

Viewing an e-mail message

Question # 46

You work as an Information Security Manager for uCertify Inc. You need to make the documentation on change management. What are the advantages of change management?

Each correct answer represents a complete solution. Choose all that apply.

A.

Improved adverse impact of changes on the quality of IT services

B.

Improved IT personnel productivity, since there is a reduced number of urgent changes and a back-out of erroneous changes

C.

Improved productivity of users due to more stable and better IT services

D.

Increased ability to absorb frequent changes without making an unstable IT environment

Question # 47

Which of the following policies defines the goals and elements of an organization's computer systems?

A.

Public

B.

Corporate

C.

Human resource

D.

Computer security

Question # 48

Which of the following indicates that the project team has decided not to change the project management plan to deal with a risk?

A.

Risk transference

B.

Risk acceptance

C.

Risk avoidance

D.

Risk mitigation

Question # 49

Which of the following can be protected by the RAID implementation?

A.

Disk failure

B.

Switch failure

C.

Host failure

D.

Network failure

Question # 50

Mark works as a Network Security Administrator for uCertify Inc. He wants to implement a firewall technique over the network to inspect each packet passing through the network and to accept or reject it, based on user-defined rules. Which of the following types of firewall techniques is implemented by Mark to accomplish the task?

A.

Application gateway

B.

Proxy server

C.

Circuit-level gateway

D.

Packet filter

Question # 51

Which of the following is a legal system that gives great precedential weight to common law, on the principle that it is unfair to treat similar facts differently on different occasions?

A.

Religious law

B.

Common law

C.

Civil law

D.

Customary law

Question # 52

Which of the following security design principles supports comprehensive and simple design and implementation of protection mechanisms, so that an unintended access path does not exist or can be readily identified and eliminated?

A.

Psychological acceptability

B.

Separation of duties

C.

Economy of mechanism

D.

Least privilege

Question # 53

You work as a Network Administrator for uCertify Inc. You are responsible for selecting the access control method that will be used for kiosk system software. Your manager wants to have full access to all information about all categories, but the visitors can access only general information about the organization. Which of the following types of access controls is suitable to accomplish this task?

A.

Attribute-based access control

B.

Mandatory access control

C.

Discretionary access control

D.

Rule-based access control

Question # 54

You work as a Network Administrator for Net Soft Inc. You are designing a data backup plan for your company's network. The backup policy of the company requires high security and easy recovery of data. Which of the following options will you choose to accomplish this?

A.

Take a full backup daily with the previous night's tape taken offsite.

B.

Take a full backup on alternate days and keep rotating the tapes.

C.

Take a full backup on Monday and a differential backup on each of the following weekdays. Keep Monday's backup offsite.

D.

Take a full backup daily and use six-tape rotation.

E.

Take a full backup on Monday and an incremental backup on each of the following weekdays. Keep Monday's backup offsite.

F.

Take a full backup daily with one tape taken offsite weekly.

Question # 55

You work as a Security Administrator for uCertify Inc. You are working on a project related to various security policies. Which of the following information security standards ensures conformance with information security policies, standards, laws, and regulations?

A.

Human resources security

B.

Business continuity management

C.

Compliance

D.

Asset management

Question # 56

Which of the following types of attack can be used to break the best physical and logical security mechanism to gain access to a system?

A.

Cross site scripting attack

B.

Mail bombing

C.

Password guessing attack

D.

Social engineering attack

Question # 57

Service Level Agreement (SLA) provides one service for all customers of that service. Which of the following are the contents included by SLAs?

Each correct answer represents a complete solution. Choose all that apply.

A.

Vocations

B.

Mutual responsibilities

C.

Scope

D.

Service description

Question # 58

Mark works as a security manager for SoftTech Inc. He is performing a security awareness program. To be successful in performing the awareness program, he should take into account the needs and current levels of training and understanding of the employees and audience. There are five key ways, which Mark should keep in mind while performing this activity:

- Current level of computer usage
- What the audience really wants to learn
- How receptive the audience is to the security program
- How to gain acceptance
- Who might be a possible ally

Which of the following activities is performed in this security awareness process?

A.

Audience segmentation

B.

Audience participation

C.

Separation of duties

D.

Stunned owl syndrome

Question # 59

You work as a Network Security Administrator for uCertify Inc. You feel that someone has accessed your computer and used your e-mail account. To check whether there is any virus installed into your computer, you scan your computer but do not find any illegal software. Which of the following types of security attacks generally runs behind the scenes on your computer?

A.

Zero-day

B.

Rootkit

C.

Replay

D.

Hybrid

Question # 60

Gary is the project manager for his organization. He is working with the project stakeholders on the project requirements and how risks may affect their project. One of the stakeholders is confused about what constitutes risks in the project. Which of the following is the most accurate definition of a project risk?

A.

It is an uncertain event or condition within the project execution.

B.

It is an uncertain event that can affect at least one project objective.

C.

It is an unknown event that can affect the project scope.

D.

It is an uncertain event that can affect the project costs.

Question # 61

Which of the following best describes the identification, analysis, and ranking of risks?

A.

Fixed-price contract

B.

Plan Risk management

C.

Fast tracking

D.

Design of experiments

Question # 62

Which of the following are the variables on which the structure of Service Level Agreement depends?

Each correct answer represents a complete solution. Choose all that apply.

A.

It depends on the physical aspects of the organization.

B.

It depends on the nature of the business activities, in terms of general terms and conditions, and business hours.

C.

It depends on the cultural aspects.

D.

It depends on the infrastructure aspects of the organization.

Question # 63

For which of the following can risk analysis be used?

A.

Reducing risks to an acceptable level in conjunction with security measures

B.

Expressing the value of information for an organization in terms of money

C.

Ensuring that security measures are deployed in a cost-effective fashion

D.

Clarifying management about their responsibilities

Question # 64

David works as the Network Administrator for Blue Well Inc. One of his tasks is to develop and maintain a risk management plan. Which of the following are the objectives of a risk management plan?

Each correct answer represents a complete solution. Choose all that apply.

A.

Eliminating risks

B.

Accepting risks cautiously that cannot be eliminated

C.

Developing required risks

D.

Transferring risks by insurance

Question # 65

Which of the following are the negative points of CRAMM?

Each correct answer represents a complete solution. Choose all that apply.

A.

Full reviews, which usually last long, generate a lot of hard-copy output.

B.

It regularly updates extensive hierarchical countermeasure databases covering non-technical areas.

C.

After rapid changes to the system or network being reviewed, some results of a full review may become insignificant due to the delay between analysis and implementation.

D.

It requires qualified and experienced practitioners to use it.

Question # 66

Which of the following honeypots is a low-interaction honeypot and is used by companies or corporations for capturing limited information about malicious hackers?

A.

Honeynet

B.

Production honeypot

C.

Honeyfarm

D.

Research honeypot

Question # 67

Which of the following paragraphs of the Turnbull Guidance states that the board of directors is responsible for the company's system of internal control?

A.

19

B.

18

C.

17

D.

16
