

GSNA GIAC Systems and Network Auditor Question and Answers

Question # 4

You work as a Network Administrator for XYZ CORP. The company has a Linux-based network. The company needs to provide secure network access. You have configured a firewall to prevent certain ports and applications from forwarding the packets to the company's intranet. What does a firewall check to prevent these ports and applications from forwarding the packets to the intranet?

A. The network layer headers and the session layer port numbers

B. The application layer port numbers and the transport layer headers

C. The transport layer port numbers and the application layer headers

D. The presentation layer headers and the session layer port numbers

Question # 5

You work as a Network Administrator for XYZ CORP. The company has a Windows Server 2008 network environment. The network is configured as a Windows Active Directory-based single forest single domain network. You have installed a Windows Server 2008 computer. You have configured auditing on this server. The client computers of the company use the Windows XP Professional operating system. You want to audit each event that is related to a user managing an account in the user database on the computer where the auditing is configured. To accomplish the task, you have enabled the Audit account management option on the server. Which of the following events can be audited by enabling this audit option?

A. Access to an Active Directory object

B. Change of password for a user account

C. Addition of a user account to a group

D. Creation of a user account

Question # 6

Sam works as a Web Developer for McRobert Inc. He creates a Web site. He wants to include the following table in the Web site:

He writes the following HTML code to create the table:

[HTML code listing, lines 1 to 22: content not preserved]

Which of the following tags will Sam place at lines 3 and 4 to create the table?

A. at line 3 at line 4

B. at line 3 at line 4

C. at line 4 at line

D. at line 3 at line 4

Question # 7

George works as an office assistant in Soft Well Inc. The company uses the Windows Vista operating system. He wants to disable a program running on a computer. Which of the following Windows Defender tools will he use to accomplish the task?

A. Allowed items

B. Quarantined items

C. Options

D. Software Explorer

Question # 8

Which of the following allows the use of multiple virtual servers using different DNS names resolved by the same IP address?

A. HTTP 1.1

B. JAVA

C. HTML

D. VPN

Question # 9

You are responsible for a large network that has its own DNS servers. You periodically check the log to see if there are any problems. Which of the following are likely errors you might encounter in the log? (Choose three)

A. The DNS server could not create FTP socket for address [IP address of server]

B. The DNS server could not create an SMTP socket

C. Active Directory Errors

D. The DNS server could not create a Transmission Control Protocol (TCP) socket

E. The DNS server could not initialize the Remote Procedure Call (RPC) service

Question # 10

You have recently joined as a Network Auditor in XYZ CORP. The company has a Windows-based network. You have been assigned the task to determine whether or not the company's goal is being achieved. As an auditor, which of the following tasks should you perform before conducting the data center review? Each correct answer represents a complete solution. Choose three.

A. Review the future IT organization chart.

B. Meet with IT management to determine possible areas of concern.

C. Review the company's IT policies and procedures.

D. Research all operating systems, software applications, and data center equipment operating within the data center.

Question # 11

Which of the following statements about a perimeter network are true? (Choose three)

A. It has a connection to the Internet through an external firewall and a connection to an internal network through an interior firewall.

B. It has a connection to a private network through an external firewall and a connection to an internal network through an interior firewall.

C. It is also known as a demilitarized zone or DMZ.

D. It prevents access to the internal corporate network for outside users.

Question # 12

You work as a professional Ethical Hacker. You are assigned a project to test the security of www.we-are-secure.com. You are working on the Windows Server 2003 operating system. You suspect that your friend has installed the keyghost keylogger onto your computer. Which of the following countermeasures would you employ in such a situation?

A. Use commercially available anti-keyloggers such as PrivacyKeyboard.

B. Use on-screen keyboards and speech-to-text conversion software which can also be useful against keyloggers, as there are no typing or mouse movements involved.

C. Remove the SNMP agent or disable the SNMP service.

D. Monitor the programs running on the server to see whether any new process is running on the server or not.

Question # 13

Which of the following is an attempt to give false information or to deny that a real event or transaction should have occurred?

A. A DDoS attack

B. A repudiation attack

C. A reply attack

D. A dictionary attack

Question # 14

Samantha works as a Web Developer for XYZ CORP. She develops a Web application using Visual InterDev. She wants to group a series of HTML elements together so that an action can be performed collectively on them. Which of the following tags will Samantha use to accomplish this?

A. DIV

B. GROUP

C. BODY

D. SPAN

Question # 15

Brutus is a password cracking tool that can be used to crack the following authentications: HTTP (Basic Authentication), HTTP (HTML Form/CGI), POP3 (Post Office Protocol v3), FTP (File Transfer Protocol), SMB (Server Message Block), and Telnet. Which of the following attacks can be performed by Brutus for password cracking?

A. Man-in-the-middle attack

B. Hybrid attack

C. Replay attack

D. Brute force attack

E. Dictionary attack

Question # 16

Which of the following statements about URL rewriting are true?

A. If cookies are supported by the browser, URL rewriting will return the URL unchanged.

B. The request.encodeRedirectURL() method is used to add a session id info to the URL and send the request to another URL.

C. The request.encodeURL() method is used to add a session id info to the URL.

D. URL rewriting is used in cases where cookies are not supported by the browser.

Question # 17

In an IT organization, some specific tasks require additional detailed controls to ensure that the workers perform their job correctly. What do these detailed controls specify? (Choose three)

A. How the department handles acquisitions, security, delivery, implementation, and support of IS services

B. How to lock a user account after unsuccessful logon attempts

C. How output data is verified before being accepted into an application

D. The way system security parameters are set

Question # 18

Many organizations create network maps of their network system to visualize the network and understand the relationship between the end devices and the transport layer that provide services. Which of the following are the techniques used for network mapping by large organizations? Each correct answer represents a complete solution. Choose three.

A. Route analytics

B. Active Probing

C. SNMP-based approaches

D. Packet crafting

Question # 19

You work as a Network Administrator for XYZ CORP. The company has a Windows Server 2008 network environment. The network is configured as a Windows Active Directory-based single forest single domain network. You have installed a Windows Server 2008 computer as the domain controller. The client computers of the company use the Windows XP Professional operating system. When a user logs on to a client computer, it gets authenticated by the domain controller. You want to audit the logon events that would be generated on the domain controller. Which of the following audit settings do you need to configure to accomplish the task?

A. Audit account management

B. Audit logon events

C. Audit directory service access

D. Audit account logon events

Question # 20

Which of the following types of servers are dedicated to provide resources to hosts on the network? (Choose three)

A. Web servers

B. Monitoring servers

C. Mail servers

D. Default gateway servers

E. Print servers

Question # 21

Which of the following wireless security standards supported by Windows Vista provides the highest level of security?

A. WPA-EAP

B. WEP

C. WPA-PSK

D. WPA2

Question # 22

You are tasked with configuring your routers with a minimum security standard that includes the following: a local Username and Password configured on the router; a strong privilege mode password; encryption of user passwords; configuring telnet and ssh to authenticate against the router user database. Choose the configuration that best meets these requirements.

A.

RouterA(config)#service password-encryption
RouterA(config)#username cisco password PaS$w0Rd
RouterA(config)#enable secret n56e&$te
RouterA(config)#line vty 0 4
RouterA(config-line)#login

B.

RouterA(config)#service password-encryption
RouterA(config)#username cisco password PaS$w0Rd
RouterA(config)#enable password n56e&$te
RouterA(config)#line vty 0 4
RouterA(config-line)#login local

C.

RouterA(config)#service password-encryption
RouterA(config)#username cisco password PaS$w0Rd
RouterA(config)#enable secret n56e&$te
RouterA(config)#line vty 0 4
RouterA(config-line)#login local

D.

RouterA(config)#service enable-password-encryption
RouterA(config)#username cisco password PaS$w0Rd
RouterA(config)#enable secret n56e&$te
RouterA(config)#line vty 0 4
RouterA(config-line)#login user

Question # 23

You work as the Network Administrator for XYZ CORP. The company has a Unix-based network. You want to set the hard disk geometry parameters, cylinders, heads, and sectors. Which of the following Unix commands can you use to accomplish the task?

A. mke2fs

B. mkswap

C. mkfs

D. hdparm

Question # 24

Every network device contains a unique built in Media Access Control (MAC) address, which is used to identify the authentic device to limit the network access. Which of the following addresses is a valid MAC address?

A. A3-07-B9-E3-BC-F9

B. F936.28A1.5BCD.DEFA

C. 1011-0011-1010-1110-1100-0001

D. 132.298.1.23

Question # 25

Which of the following is a prevention-driven activity to reduce errors in the project and to help the project meet its requirements?

A. Audit sampling

B. Asset management

C. Access control

D. Quality assurance

Question # 26

John works as a Network Auditor for XYZ CORP. The company has a Windows-based network. John wants to conduct risk analysis for the company. Which of the following can be the purpose of this analysis? (Choose three)

A. To ensure absolute safety during the audit

B. To analyze exposure to risk in order to support better decision-making and proper management of those risks

C. To try to quantify the possible impact or loss of a threat

D. To assist the auditor in identifying the risks and threats

Question # 27

You are concerned about rogue wireless access points being connected to your network. What is the best way to detect and prevent these?

A. Network anti-spyware software

B. Network anti-virus software

C. Protocol analyzers

D. Site surveys

Question # 28

In the DNS Zone transfer enumeration, an attacker attempts to retrieve a copy of the entire zone file for a domain from a DNS server. The information provided by the DNS zone can help an attacker gather user names, passwords, and other valuable information. To attempt a zone transfer, an attacker must be connected to a DNS server that is the authoritative server for that zone. Besides this, an attacker can launch a Denial of Service attack against the zone's DNS servers by flooding them with a lot of requests. Which of the following tools can an attacker use to perform a DNS zone transfer?

A. DSniff

B. Dig

C. Host

D. NSLookup

Question # 29

Which of the following statements is NOT true about FAT16 file system?

A. FAT16 file system works well with large disks because the cluster size increases as the disk partition size increases.

B. FAT16 file system supports file-level compression.

C. FAT16 does not support file-level security.

D. FAT16 file system supports Linux operating system.

Question # 30

John works as a Network Administrator for Perfect Solutions Inc. The company has a Linux-based network. John is working as a root user on the Linux operating system. He has a data.txt file in which each column is separated by the TAB character. Now, he wants to use this file as input for a data mining software he has created. The problem preventing him from accomplishing his task is that with his data mining software, he has used TAB as a delimiter to distinguish between columns. Hence, he is unable to use this file as input for the software. However, if he somehow replaces the TAB characters of the file with SPACE characters, he can use this file as an input file for his data mining software. Which of the following commands will John use to replace the TAB characters of the file with SPACE characters?

A. expand -t 1 data.txt > data.txt

B. cat data.txt

C. chmod 755 data.txt

D. touch data.txt

Question # 31

What is the purpose of the Cellpadding attribute of the <table> tag?

A. Cellpadding is used to set the width of cell border and its content.

B. Cellpadding is used to set the width of a table.

C. Cellpadding is used to set the space between the cell border and its content.

D. Cellpadding is used to set the space between two cells in a table.

Question # 32

Which of the following is an enterprise-grade network/application/performance monitoring platform that tightly integrates with other smart building management systems, such as physical access control, HVAC, lighting, and time/attendance control?

A. Airwave Management Platform

B. Andrisoft WANGuard Platform

C. akk@da

D. Aggregate Network Manager

Question # 33

You work as a Network Administrator for XYZ CORP. The company's Windows 2000 network is configured with Internet Security and Acceleration (ISA) Server 2000. ISA Server is configured as follows: The server uses the default site and content rule and default IP packet filters. Packet filtering is enabled. The server has two protocol rules:

Users in the network complain that they are unable to access secure Web sites. However, they are able to connect to Web sites in which secure transmission is not required. What is the most likely cause?

A. A protocol rule that allows the use of HTTP has not been created.

B. An IP packet filter that allows the use of network traffic on port 80 has not been created.

C. An IP packet filter that allows the use of network traffic on port 443 has not been created.

D. A protocol rule that allows the use of HTTPS has not been created.

Question # 34

You work as a Network Administrator for Tech Perfect Inc. You need to configure the company firewall so that only Simple Network Management Protocol (SNMP) and Secure HTTP (HTTPS) traffic is allowed into the intranet of the company. No other traffic should be allowed into the intranet. Which of the following rule sets should you use on your firewall to accomplish the task? (Assume left to right equals top to bottom.)

A. Output chain: allow port 443, allow 25, deny all

B. Input chain: deny all, allow port 25, allow 443

C. Input chain: allow port 25, allow 443, deny all

D. Output chain: allow port 25, allow 443, deny all

Question # 35

In a network, a data packet is received by a router for transmitting it to another network. In order to make decisions on where the data packet should be forwarded, the router checks with its routing table. Which of the following lists does a router check in a routing table?

A. Available networks

B. Available packets

C. Available protocols

D. Available paths

Question # 36

You are concerned about attackers simply passing by your office, discovering your wireless network, and getting into your network via the wireless connection. Which of the following are NOT steps in securing your wireless connection? (Choose two)

A. Hardening the server OS

B. Using either WEP or WPA encryption

C. MAC filtering on the router

D. Strong password policies on workstations.

E. Not broadcasting SSID

Question # 37

You have been assigned a project to develop a Web site for a construction company. You have to develop a Web site and want to get more control over the appearance and presentation of your Web pages. You also want to increase the ability to precisely specify the location and appearance of the elements on a page and create special effects. You plan to use Cascading style sheets (CSS). You want to apply the same style consistently throughout your Web site. Which type of style sheet will you use?

A. Internal Style Sheet

B. External Style Sheet

C. Inline Style Sheet

D. Embedded Style Sheet

Question # 38

You configure a wireless router at your home. To secure your home Wireless LAN (WLAN), you implement WEP. Now you want to connect your client computer to the WLAN. Which of the following is the required information that you will need to configure the client computer? (Choose two)

A. SSID of the WLAN

B. WEP key

C. IP address of the router

D. MAC address of the router

Question # 39

You work as a professional Ethical Hacker. You are assigned a project to perform blackbox testing of the security of www.we-are-secure.com. Now you want to perform banner grabbing to retrieve information about the Webserver being used by we-are-secure. Which of the following tools can you use to accomplish the task?

A. Wget

B. WinSSLMiM

C. Whisker

D. httprint

Question # 40

You work as the Network Administrator for XYZ CORP. The company has a Unix-based network. You want to set some terminal characteristics and environment variables. Which of the following Unix configuration files can you use to accomplish the task?

A. /etc/sysconfig/routed

B. /proc/net

C. /etc/sysconfig/network-scripts/ifcfg-interface

D. /etc/sysconfig/init

Question # 41

John works as a professional Ethical Hacker. He has been assigned the project of testing the security of www.we-are-secure.com. He notices that UDP port 137 of the We-are-secure server is open. Assuming that the Network Administrator of We-are-secure Inc. has not changed the default port values of the services, which of the following services is running on UDP port 137?

A. HTTP

B. TELNET

C. NetBIOS

D. HTTPS

Question # 42

You work as a Network Administrator for InfraTech Inc. You have been assigned the task of designing the firewall policy for the company. Which of the following statements can be considered acceptable in the 'contracted worker statement' portion of the firewall policy?

A. No contractors shall have access to the authorized resources.

B. No contractors shall be permitted to scan the network.

C. No contractors shall have access to the unauthorized resources.

D. No contractors can access FTP unless specifically granted permissions to use it.

Question # 43

In which of the following techniques does an attacker take network traffic coming towards a host at one port and forward it from that host to another host?

A. Snooping

B. UDP port scanning

C. Firewalking

D. Port redirection

Question # 44

Which of the following is the most secure place to host a server that will be accessed publicly through the Internet?

A. A DNS Zone

B. An Intranet

C. A stub zone

D. A demilitarized zone (DMZ)

Question # 45

Mike works as a Network Engineer for XYZ CORP. The company has a multi-platform network. Recently, the company faced lots of blended threat issues that led to several drastic attacks. Mike has been assigned a project to manage the resources and services of the company through both Intranet and Internet to protect the company from these attacks. Mike needs a system that provides auto-discovering and network topology building features to allow him to keep an intuitive view of the IT infrastructure. What will Mike use to meet the requirement of the project?

A. eBox

B. dopplerVUe

C. David system

D. EM7

Question # 46

Web applications are accessed by communicating over TCP ports via an IP address. Choose the two most common Web Application TCP ports and their respective protocol names. (Choose two)

A. TCP Port 443 / S-HTTP or SSL

B. TCP Port 80 / HTTPS or SSL

C. TCP Port 443 / HTTPS or SSL

D. TCP Port 80 / HTTP

Question # 47

A sequence number is a 32-bit number ranging from 1 to 4,294,967,295. When data is sent over the network, it is broken into fragments (packets) at the source and reassembled at the destination system. Each packet contains a sequence number that is used by the destination system to reassemble the data packets in the correct order. The Initial Sequence Number of your computer is 24171311 at login time. You connect your computer to a computer having the IP address 210.213.23.21. This whole process takes three seconds. What will the value of the Initial Sequence Number be at this moment?

A. 24171811

B. 24619311

C. 24171111

D. 24171311

Question # 48

You work as a Database Administrator for XYZ CORP. The company has a multi-platform network. The company requires fast processing of the data in the database of the company so that answers to queries can be generated quickly. To provide fast processing, you have a conceptual idea of representing the dimensions of data available to a user in the data cube format. Which of the following systems can you use to implement your idea?

A. SYSDBA

B. MDDBMS

C. Federated database system

D. Hierarchical database system

Question # 49

In which of the following attacking methods does an attacker distribute an incorrect IP address?

A. DNS poisoning

B. IP spoofing

C. Mac flooding

D. Man-in-the-middle

Question # 50

Which of the following is an Internet mapping technique that relies on various BGP collectors that collect information such as routing updates and tables and provide this information publicly?

A. Path MTU discovery (PMTUD)

B. AS Route Inference

C. AS PATH Inference

D. Firewalking

Question # 51

Which of the following tools can be used to perform ICMP tunneling? (Choose two)

A. Itunnel

B. Ptunnel

C. WinTunnel

D. Ethereal

Question # 52

Which of the following services are provided by the proxy servers?

A. Intrusion detection

B. Logging

C. Hiding network resources

D. Caching

Question # 53

You are concerned about war driving bringing hackers' attention to your wireless network. What is the most basic step you can take to mitigate this risk?

A. Implement WPA

B. Implement WEP

C. Don't broadcast SSID

D. Implement MAC filtering

Question # 54

Which of the following techniques can be used to determine the network ranges of any network?

A. Whois query

B. SQL injection

C. Snooping

D. Web ripping
