Questions & Answers PDF Page 1
GIAC GCIA Exam GIAC Certified Intrusion Analyst
Thank you for Downloading GCIA exam PDF Demo
You can Buy Latest GCIA Full Version Download
https://www.certkillers.net/Exam/GCIA
Question: 1
Andrew works as a System Administrator for NetPerfect Inc. All client computers on the network run on Mac OS X. The Sales Manager of the company complains that his MacBook is not able to boot. Andrew wants to check the booting process. He suspects that an error persists in the bootloader of Mac OS X. Which of the following is the default bootloader on Mac OS X that he should use to resolve the issue?
A. LILO
B. BootX
C. NT Loader
D. GRUB
Answer: B
Question: 2
Sasha wants to add an entry to your DNS database for your mail server. Which of the following types of resource records will she use to accomplish this?
A. ANAME
B. SOA
C. MX
D. CNAME
Answer: C
Question: 3
John, a novice web user, makes a new E-mail account and keeps his password as "apple", his favorite fruit. John's password is vulnerable to which of the following password cracking attacks? Each correct answer represents a complete solution. Choose all that apply.
A. Dictionary attack
B. Hybrid attack
C. Brute Force attack
D. Rule based attack
Answer: A, B, C
Question: 4
Which of the following proxy servers is also referred to as transparent proxies or forced proxies?
A. Tunneling proxy server
B. Reverse proxy server
C. Anonymous proxy server
D. Intercepting proxy server
Answer: D
Question: 5
Which of the following statements about a host-based intrusion prevention system (HIPS) are true? Each correct answer represents a complete solution. Choose two.
A. It can detect events scattered over the network.
B. It can handle encrypted and unencrypted traffic equally.
C. It cannot detect events scattered over the network.
D. It is a technique that allows multiple computers to share one or more IP addresses.
Answer: B, C
Question: 6
Victor works as a network administrator for DataSecu Inc. He uses a dual firewall Demilitarized Zone (DMZ) to insulate the rest of the network from the portions that are available to the Internet. Which of the following security threats may occur if DMZ protocol attacks are performed? Each correct answer represents a complete solution. Choose all that apply.
A. Attacker can perform Zero Day attack by delivering a malicious payload that is not a part of the intrusion detection/prevention systems guarding the network.
B. Attacker can gain access to the Web server in a DMZ and exploit the database.
C. Attacker managing to break the first firewall defense can access the internal network without breaking the second firewall if it is different.
D. Attacker can exploit any protocol used to go into the internal network or intranet of the company.
Answer: A, B, D
Question: 7
Which of the following is known as a message digest?
A. Hash function
B. Hashing algorithm
C. Spider
D. Message authentication code
Answer: A
Question: 8
Ryan, a malicious hacker, submits Cross-Site Scripting (XSS) exploit code to the Web site of an Internet forum for online discussion. When a user visits the infected Web page, the code gets automatically executed and Ryan can easily perform acts like account hijacking, history theft, etc. Which of the following types of Cross-Site Scripting attack does Ryan intend to do?
A. Document Object Model (DOM)
B. Nonpersistent
C. SAX
D. Persistent
Answer: D
Question: 9
Peter works as a Technical Representative in a CSIRT for SecureEnet Inc. His team is called to investigate the computer of an employee who is suspected of classified data theft. The suspect's computer runs on the Windows operating system. Peter wants to collect data and evidence for further analysis. He knows that in the Windows operating system, the data is searched in pre-defined steps for proper and efficient analysis. Which of the following is the correct order for searching data on a Windows based system?
A. Volatile data, file slack, registry, memory dumps, file system, system state backup, internet traces
B. Volatile data, file slack, file system, registry, memory dumps, system state backup, internet traces
C. Volatile data, file slack, internet traces, registry, memory dumps, system state backup, file system
D. Volatile data, file slack, registry, system state backup, internet traces, file system, memory dumps
Answer: B
Question: 10
You are the Network Administrator for a large corporate network. You want to monitor all network traffic on your local network for suspicious activities and receive a notification when a possible attack is in process. Which of the following actions will you take for this?
A. Enable verbose logging on the firewall
B. Install a network-based IDS
C. Install a DMZ firewall
D. Install a host-based IDS
Answer: B
Question: 11
Adam works as a professional Computer Hacking Forensic Investigator. He wants to investigate a suspicious email that is sent using a Microsoft Exchange server. Which of the following files will he review to accomplish the task? Each correct answer represents a part of the solution. Choose all that apply.
A. Checkpoint files
B. EDB and STM database files
C. Temporary files
D. Cookie files
Answer: A, B, C
Question: 12
This is a Windows-based tool that is used for the detection of wireless LANs using the IEEE 802.11a, 802.11b, and 802.11g standards. The main features of these tools are as follows:
- It displays the signal strength of a wireless network, MAC address, SSID, channel details, etc.
- It is commonly used for the following purposes:
  a. War driving
  b. Detecting unauthorized access points
  c. Detecting causes of interference on a WLAN
  d. WEP ICV error tracking
  e. Making Graphs and Alarms on 802.11 Data, including Signal Strength
This tool is known as ______.
A. Kismet
B. Absinthe
C. NetStumbler
D. THC-Scan
Answer: C
Question: 13
John, a novice web user, makes a new E-mail account and keeps his password as "apple", his favorite fruit. John's password is vulnerable to which of the following password cracking attacks? Each correct answer represents a complete solution. Choose all that apply.
A. Brute Force attack
B. Dictionary attack
C. Rule based attack
D. Hybrid attack
Answer: A, B, D
Question: 14
Mark works as a Network Security Administrator for BlueWells Inc. The company has a Windows-based network. Mark is giving a presentation on Network security threats to the newly recruited employees of the company. His presentation is about the External threats that the company recently faced in the past. Which of the following statements are true about external threats? Each correct answer represents a complete solution. Choose three.
A. These threats can be countered by implementing security controls on the perimeters of the network, such as firewalls, which limit user access to the Internet.
B. These are the threats intended to flood a network with large volumes of access requests.
C. These are the threats that originate from outside an organization in which the attacker attempts to gain unauthorized access.
D. These are the threats that originate from within the organization.
Answer: A, B, C
Question: 15
SSH is a network protocol that allows data to be exchanged between two networks using a secure channel. Which of the following encryption algorithms can be used by the SSH protocol? Each correct answer represents a complete solution. Choose all that apply.
A. Blowfish
B. IDEA
C. DES
D. RC4
Answer: A, B, C
Question: 16
Adam works as a Security Analyst for Umbrella Inc. He is performing real-time traffic analysis on IP networks using Snort. Adam is facing problems in analyzing intrusion data. Which of the following software combined with Snort can Adam use to get a visual representation of intrusion data? Each correct answer represents a complete solution. Choose all that apply.
A. Basic Analysis and Security Engine (BASE)
B. sguil
C. KFSensor
D. OSSIM
Answer: A, B, D
Question: 17
Mark works as a Network Security Administrator for BlueWells Inc. The company has a Windows-based network. Mark is giving a presentation on Network security threats to the newly recruited employees of the company. His presentation is about the External threats that the company recently faced in the past. Which of the following statements are true about external threats? Each correct answer represents a complete solution. Choose three.
A. These are the threats that originate from outside an organization in which the attacker attempts to gain unauthorized access.
B. These are the threats that originate from within the organization.
C. These are the threats intended to flood a network with large volumes of access requests.
D. These threats can be countered by implementing security controls on the perimeters of the network, such as firewalls, which limit user access to the Internet.
Answer: A, C, D
Question: 18
Which of the following file systems is designed by Sun Microsystems?
A. NTFS
B. CIFS
C. ZFS
D. ext2
Answer: C
Question: 19
You work as a Network Administrator for Tech Perfect Inc. The office network is configured as an IPv6 network. You have to configure a computer with the IPv6 address, which is equivalent to an IPv4 publicly routable address. Which of the following types of addresses will you choose?
A. Site-local
B. Global unicast
C. Local-link
D. Loopback
Answer: B
Question: 20
Which of the following is the default port for Simple Network Management Protocol (SNMP)?
A. TCP port 110
B. TCP port 25
C. TCP port 80
D. UDP port 161
Answer: D