Exam Details

  • Exam Code: GPPA
  • Exam Name: GIAC Certified Perimeter Protection Analyst
  • Certification: GIAC Certification
  • Vendor: GIAC
  • Total Questions: 285 Q&As
  • Last Updated: May 14, 2024

GIAC GIAC Certification GPPA Questions & Answers

  • Question 271:

    Which of the following types of IP actions are supported by an IDP rulebase? (Choose three.)

    A. Initiate rules of the rulebase

    B. Notify

    C. Drop/block session

    D. Close connection

  • Question 272:

    You work as a Network Administrator for ABC Inc. You want to configure Snort as an IDS for your company's wireless network, but you are concerned that Snort does not support all types of traffic.

    What traffic does Snort support?

    Each correct answer represents a complete solution. (Choose all that apply.)

    A. ICMP

    B. UDP

    C. TCP

    D. IP

  • Question 273:

    Which of the following parts of the IP header is used to specify the correct place of the fragment in the original un-fragmented datagram?

    A. Fragment offset

    B. TTL

    C. Source address

    D. Fragment ID

  • Question 274:

    An attacker changes the address of a sub-routine in such a manner that it begins to point to the address of the malicious code. As a result, when the function has been exited, the application can be forced to shift to the malicious code. The image given below explains this phenomenon:

    Which of the following tools can be used as a countermeasure to such an attack?

    A. SmashGuard

    B. Obiwan

    C. Kismet

    D. Absinthe

  • Question 275:

    Which of the following forms of NAT maps multiple unregistered IP addresses to a single registered IP address by using different ports?

    A. Overclocking

    B. Dynamic NAT

    C. Overloading

    D. Static NAT

  • Question 276:

    Which of the following tools is used to detect wireless LANs using the 802.11b, 802.11a, and 802.11g WLAN standards on the Windows platform?

    A. Snort

    B. NetStumbler

    C. AiroPeek

    D. Cain

  • Question 277:

    Which of the following applications cannot proactively detect anomalies related to a computer?

    A. NIDS

    B. HIDS

    C. Anti-virus scanner

    D. Firewall installed on the computer

  • Question 278:

    You work as a Network Administrator for ABC Inc. The company has a TCP/IP-based routed network. Two routers have been configured on the network. A router receives a packet.

    Which of the following actions will the router take to route the incoming packet?

    Each correct answer represents a part of the solution. (Choose two.)

    A. Read the source IP address.

    B. Add the path covered by the packet to the routing table.

    C. Use the routing table to determine the best path to the destination network address.

    D. Read the destination IP address.

    E. Use the routing table to determine the best path to the source network address.

  • Question 279:

    Which of the following tools is an open source protocol analyzer that can capture traffic in real time?

    A. Snort

    B. NetWitness

    C. Wireshark

    D. Netresident

  • Question 280:

    You are implementing a host-based intrusion detection system on your web server. You feel that the best way to monitor the web server is to find your baseline of activity (connections, traffic, etc.) and to monitor for conditions above that baseline.

    This type of IDS is called __________.

    A. Signature Based

    B. Reactive IDS

    C. Anomaly Based

    D. Passive IDS
