GIAC GIAC Information Security GSNA Questions & Answers
Question 11:
Which of the following tags will create two vertical frames, as given in the image below, where the left frame is half as wide as the right one?
A.
Question 12:
You work as a Network Administrator for XYZ CORP. The company has a Windows-based network. The company wants to fix potential vulnerabilities existing on the tested systems. You use Nessus as a vulnerability scanning program to fix the vulnerabilities.
Which of the following vulnerabilities can be fixed using Nessus?
A. Vulnerabilities that allow a remote cracker to control sensitive data on a system
B. Misconfiguration (e.g. open mail relay, missing patches, etc.)
C. Vulnerabilities that allow a remote cracker to access sensitive data on a system
D. Vulnerabilities that help in Code injection attacks
Correct Answer: ABC
Nessus is a proprietary comprehensive vulnerability scanning program. It is free of charge for personal use in a non-enterprise environment. Its goal is to detect potential vulnerabilities on the tested systems. For example:
1. Vulnerabilities that allow a remote cracker to control or access sensitive data on a system.
2. Misconfiguration (e.g. open mail relay, missing patches, etc.).
3. Default passwords, a few common passwords, and blank/absent passwords on some system accounts. Nessus can also call Hydra (an external tool) to launch a dictionary attack.
4. Denials of service against the TCP/IP stack by using mangled packets.
On UNIX (including Mac OS X), it consists of nessusd, the Nessus daemon, which does the scanning, and nessus, the client, which controls scans and presents the vulnerability results to the user. For Windows, Nessus 3 installs as an executable and has a self-contained scanning, reporting, and management system.
Operations: In typical operation, Nessus begins by doing a port scan with one of its four internal portscanners (or it can optionally use Amap or Nmap) to determine which ports are open on the target and then tries various exploits on the open ports. The vulnerability tests, available as subscriptions, are written in NASL (Nessus Attack Scripting Language), a scripting language optimized for custom network interaction. Tenable Network Security produces several dozen new vulnerability checks (called plugins) each week, usually on a daily basis. These checks are available for free to the general public; commercial customers are not allowed to use this Home Feed any more. The Professional Feed (which is not free) also gives access to support and additional scripts (audit and compliance tests).
Optionally, the results of the scan can be reported in various formats, such as plain text, XML, HTML, and LaTeX. The results can also be saved in a knowledge base for debugging. On UNIX, scanning can be automated through the use of a command-line client. There exist many different commercial, free and open source tools for both UNIX and Windows to manage individual or distributed Nessus scanners.
If the user chooses to do so (by disabling the option 'safe checks'), some of Nessus's vulnerability tests may try to cause vulnerable services or operating systems to crash. This lets a user test the resistance of a device before putting it in production.
Nessus provides additional functionality beyond testing for known network vulnerabilities. For instance, it can use Windows credentials to examine patch levels on computers running the Windows operating system, and can perform password auditing using dictionary and brute force methods. Nessus 3 and later can also audit systems to make sure they have been configured per a specific policy, such as the NSA's guide for hardening Windows servers.
Answer: D is incorrect. Nessus cannot be used to scan vulnerabilities that help in Code injection attacks.
Question 13:
You work as the Network Administrator for a company. You configure a Windows 2000-based computer as the Routing and Remote Access server, so that users can access the company's network remotely. You want to log a record of all the users who access the network by using Routing and Remote Access.
What will you do to log all the logon activities?
A. On the Routing and Remote Access server, enable log authentication requests in auditing, and define the path for the log file in Remote Access Logging.
B. On the Routing and Remote Access server, enable log authentication requests in Remote Access Logging.
C. On the Routing and Remote Access server, enable log authentication requests in auditing.
D. Do nothing as the Windows 2000-based Routing and Remote Access server automatically creates a log record for each connection attempt.
Correct Answer: B
The Routing and Remote Access service can log all the records of authentication and accounting information for connection attempts when Windows authentication or accounting is enabled. This can be done by enabling log authentication requests in the properties of the Remote Access Logging folder, in the Routing and Remote Access snap-in, where you can configure the type of activity to log (accounting or authentication activity) and the log file settings. This information is stored in the form of a log file in the '%SystemRoot%\System32\LogFiles' folder. For each authentication attempt, the name of the remote access policy that either accepted or rejected the connection attempt is recorded. The logged information is useful for tracking remote access usage and authentication attempts.
Question 14:
What is the extension of a Cascading Style Sheet?
A. .hts
B. .cs
C. .js
D. .css
Correct Answer: D
A Cascading Style Sheet (CSS) is a separate text file that keeps track of design and formatting information, such as colors, fonts, font sizes, and margins, used in Web pages. CSS is used to give Web site authors greater control over the appearance and presentation of their Web pages. It has codes that are interpreted and applied by the browser to the Web pages and their elements. CSS files have the .css extension.
There are three types of Cascading Style Sheets:
1. External Style Sheet
2. Embedded Style Sheet
3. Inline Style Sheet
Question 15:
Which of the following is a basic feature of the Unix operating system? (Choose three)
A. It is highly portable across hardware.
B. All files can be individually protected using read, write, and execute permissions for the user, group, and others.
C. It allows all the modules to be loaded into memory.
D. A user can execute multiple programs at the same time from a single terminal.
Correct Answer: ABD
The basic features of Unix are as follows:
1. Multi-user: It allows more than one user to access the system simultaneously through a set of terminals attached to a system.
2. Multi-tasking: A user can execute multiple programs at the same time from a single terminal.
3. Time sharing: The operating system shares CPU time among tasks.
4. Portability: It is highly portable across hardware.
5. Modularity: It allows only needed modules to be loaded into the memory.
6. File structure: It has an inverted tree-like file structure, with files and directories created within the file structure.
7. Security: All files can be individually protected using read, write, and execute permissions for the user, group, and others.
8. Network support: It uses the TCP/IP protocol.
9. Advanced graphics: CAD-CAM applications perform the best in a Unix system with its varied support for graphics cards.
Question 16:
Which of the following statements are true about a hot site?
A. It is a duplicate of the original site of the organization, with full computer systems as well as near-complete backups of user data.
B. It is the most inexpensive backup site.
C. It can be used within an hour for data recovery.
D. It is cheaper than a cold site but more expensive than a warm site.
Correct Answer: AC
A hot site is a duplicate of the original site of the organization, with full computer systems as well as near-complete backups of user data. A hot site can be used within an hour for data recovery. The capacity of the hot site may or may not match the capacity of the original site depending on the organization's requirements. This type of backup site is the most expensive to operate. Hot sites are popular with organizations that operate real-time processes, such as financial institutions, government agencies, and ecommerce providers. the original site. A cold site is the most inexpensive type of backup site for an organization to operate, since it does not include backed-up copies of data and information from the original location of the organization, nor does it include hardware already set up. A warm site is, quite logically, a compromise between hot and cold in terms of resources and cost.
Question 17:
You have purchased a laptop that runs Windows Vista Home Premium. You want to protect your computer from malicious applications, such as spyware, while connecting to the Internet. You configure Windows Defender on your laptop to schedule a scan daily at 2 AM as shown in the image below:
You want Windows Defender to scan the laptop for all the known spyware and other potentially unwanted software, including the latest one. You do not want to manually perform this task.
Which of the following actions will you perform to accomplish the task?
A. Create a scheduled task to download definition files for Windows Defender every Sunday.
B. Configure Windows Defender to use the definition file placed on the Microsoft Update site for scanning the laptop.
C. Select the Check for updated definitions before scanning check box in the Automatic Scanning section.
D. Click the arrow beside the Help button. Click the Check for updates option.
Correct Answer: C
According to the question, Windows Defender should scan the laptop for all the known spyware and other potentially unwanted software, including the latest one. Windows Defender uses definitions to scan the system. Definitions are files that include the information of known spyware and potentially unwanted software. To scan a computer for the latest spyware, Windows Defender requires the latest definition files available on the Internet. For this, you have to configure Windows Defender to check for the latest definitions and download them, if available, before scanning the computer. Furthermore, the question also states that the task must be performed automatically. In order to accomplish the task, you will have to select the Check for updated definitions before scanning check box in the Automatic Scanning section.
Question 18:
What are the purposes of audit records on an information system? (Choose two)
A. Upgradation
B. Backup
C. Troubleshooting
D. Investigation
Correct Answer: CD
The following are the purposes of audit records on an information system:
1. Troubleshooting
2. Investigation
An IT audit is the process of collecting and evaluating records of an organization's information systems, practices, and operations. The evaluation of records provides evidence to determine if the information systems are safeguarding assets, maintaining data integrity, and operating effectively and efficiently enough to achieve the organization's goals or objectives. These reviews may be performed in conjunction with a financial statement audit, internal audit, or other form of attestation engagement. Audit records are also used to troubleshoot system issues.
Answers A and B are incorrect. The audit records cannot be used for backup and upgradation purposes.
Question 19:
Which of the following statements are true about WPA?
A. WPA-PSK requires a user to enter an 8-character to 63-character passphrase into a wireless client.
B. Shared-key WPA is vulnerable to password cracking attacks if a weak passphrase is used.
C. WPA-PSK converts the passphrase into a 256-bit key.
D. WPA provides better security than WEP.
Correct Answer: ABCD
WPA stands for Wi-Fi Protected Access. It is a wireless security standard. It provides better security than WEP (Wired Equivalent Protection). Windows Vista supports both WPA-PSK and WPA-EAP. Each of these is described as follows:
WPA-PSK: PSK stands for Preshared key. This standard is meant for the home environment. WPA-PSK requires a user to enter an 8-character to 63-character passphrase into a wireless client. WPA converts the passphrase into a 256-bit key.
WPA-EAP: EAP stands for Extensible Authentication Protocol. This standard relies on a back-end server that runs Remote Authentication Dial-In User Service for user authentication. Note: Windows Vista allows a user to use a smart card to connect to a WPA-EAP protected network.
Shared-key WPA is vulnerable to password cracking attacks if a weak passphrase is used. To protect against a brute force attack, a truly random passphrase of 13 characters (selected from the set of 95 permitted characters) is probably sufficient.
Question 20:
You work as the Network Administrator for XYZ CORP. The company has a Unix-based network. You want to do RARP mapping from hardware mapping addresses to IP addresses.
Which of the following Unix configuration files can you use to accomplish the task?
A. /etc/dhcpd.conf
B. /etc/motd
C. /etc/exports
D. /etc/ethers
Correct Answer: D
In Unix, the /etc/ethers file is used by system administrators for RARP mapping from hardware mapping addresses to IP addresses.
Answer: A is incorrect. In Unix, the /etc/dhcpd.conf file is the configuration file for the DHCP server daemon.
Answer: C is incorrect. In Unix, the /etc/exports file describes exported file systems for NFS services.
Answer: B is incorrect. In Unix, the /etc/motd file automatically displays the message of the day after a successful login.