Questions & Answers PDF Page 1

GIAC GCIA Exam GIAC Certified Intrusion Analyst


Question: 1

Andrew works as a System Administrator for NetPerfect Inc. All client computers on the network run on Mac OS X. The Sales Manager of the company complains that his MacBook is not able to boot. Andrew wants to check the process. He suspects that an error persists in the of Mac OS X. Which of the following is the default bootloader on Mac OS X that he should use to resolve the issue?

A. LILO
B. BootX
C. NT Loader
D. GRUB

Answer: B

Question: 2

Sasha wants to add an entry to your DNS database for your mail server. Which of the following types of resource records will she use to accomplish this?

A. ANAME
B. SOA
C. MX
D. CNAME

Answer: C

Question: 3

John, a novice web user, makes a new e-mail account and keeps his password as "apple", his favorite fruit. John's password is vulnerable to which of the following password cracking attacks? Each correct answer represents a complete solution. Choose all that apply.

A. attack
B. Hybrid attack
C. Brute Force attack
D. Rule based attack

Answer: A, B, C

Question: 4

Which of the following proxy servers is also referred to as transparent proxies or forced proxies?

A. Tunneling proxy server
B. Reverse proxy server
C. Anonymous proxy server
D. Intercepting proxy server

Answer: D

Question: 5

Which of the following statements about a host-based intrusion prevention system (HIPS) are true? Each correct answer represents a complete solution. Choose two.

A. It can detect events scattered over the network.
B. It can handle encrypted and unencrypted traffic equally.
C. It cannot detect events scattered over the network.
D. It is a technique that allows multiple computers to share one or more IP addresses.

Answer: B, C

Question: 6

Victor works as a network administrator for DataSecu Inc. He uses a dual firewall Demilitarized Zone (DMZ) to insulate the rest of the network from the portions that are available to the Internet. Which of the following security threats may occur if DMZ protocol attacks are performed? Each correct answer represents a complete solution. Choose all that apply.

A. Attacker can perform Zero Day attack by delivering a malicious payload that is not a part of the intrusion detection/prevention systems guarding the network.
B. Attacker can gain access to the Web server in a DMZ and exploit the database.
C. Attacker managing to break the first firewall defense can access the internal network without breaking the second firewall if it is different.
D. Attacker can exploit any protocol used to go into the internal network or intranet of the company.

Answer: A, B, D

Question: 7

Which of the following is known as a message digest?

A. Hash function
B. Hashing algorithm
C. Spider
D. Message authentication code

Answer: A

Question: 8

Ryan, a malicious hacker, submits Cross-Site Scripting (XSS) exploit code to the Website of an Internet forum for online discussion. When a user visits the infected Web page, the code gets automatically executed and Ryan can easily perform acts like account hijacking, history theft, etc. Which of the following types of Cross-Site Scripting attack does Ryan intend to do?

A. Document Object Model (DOM)
B. Nonpersistent
C. SAX
D. Persistent

Answer: D

Question: 9

Peter works as a Technical Representative in a CSIRT for SecureEnet Inc. His team is called to investigate the computer of an employee, who is suspected of classified data theft. Suspect's computer runs on Windows . Peter wants to collect data and evidence for further analysis. He knows that in the Windows operating system, the data is searched in pre-defined steps for proper and efficient analysis. Which of the following is the correct order for searching data on a Windows based system?

A. Volatile data, file slack, registry, memory dumps, file system, system state backup, internet traces
B. Volatile data, file slack, file system, registry, memory dumps, system state backup, internet traces
C. Volatile data, file slack, internet traces, registry, memory dumps, system state backup, file system
D. Volatile data, file slack, registry, system state backup, internet traces, file system, memory dumps

Answer: B

Question: 10

You are the Network Administrator for a large corporate network. You want to monitor all network traffic on your local network for suspicious activities and receive a notification when a possible attack is in process. Which of the following actions will you take for this?

A. Enable verbose logging on the firewall
B. Install a network-based IDS
C. Install a DMZ firewall
D. Install a host-based IDS

Answer: B

Question: 11

Adam works as a professional Computer Hacking Forensic Investigator. He wants to investigate a suspicious email that is sent using a Microsoft Exchange server. Which of the following files will he review to accomplish the task? Each correct answer represents a part of the solution. Choose all that apply.

A. Checkpoint files
B. EDB and STM database files
C. Temporary files
D. cookie files

Answer: A, B, C

Question: 12

This is a Windows-based tool that is used for the detection of wireless LANs using the IEEE 802.11a, 802.11b, and 802.11g standards. The main features of these tools are as follows:

- It displays the signal strength of a wireless network, MAC address, SSID, channel details, etc.
- It is commonly used for the following purposes:
  a. War driving
  b. Detecting unauthorized access points
  c. Detecting causes of interference on a WLAN
  d. WEP ICV error tracking
  e. Making Graphs and Alarms on 802.11 Data, including Signal Strength

This tool is known as ______.

A. Kismet
B. Absinthe
C. NetStumbler
D. THC-Scan

Answer: C

Question: 13

John, a novice web user, makes a new e-mail account and keeps his password as "apple", his favorite fruit. John's password is vulnerable to which of the following password cracking attacks? Each correct answer represents a complete solution. Choose all that apply.

A. Brute Force attack
B. Dictionary attack
C. Rule based attack
D. Hybrid attack

Answer: A, B, D

Question: 14

Mark works as a Network Security Administrator for BlueWells Inc. The company has a Windows-based network. Mark is giving a presentation on network security threats to the newly recruited employees of the company. His presentation is about the external threats that the company recently faced in the past. Which of the following statements are true about external threats? Each correct answer represents a complete solution. Choose three.

A. These threats can be countered by implementing security controls on the perimeters of the network, such as firewalls, which limit user access to the Internet.
B. These are the threats intended to flood a network with large volumes of access requests.
C. These are the threats that originate from outside an organization in which the attacker attempts to gain unauthorized access.
D. These are the threats that originate from within the organization.

Answer: A, B, C

Question: 15

SSH is a network protocol that allows data to be exchanged between two networks using a secure channel. Which of the following encryption algorithms can be used by the SSH protocol? Each correct answer represents a complete solution. Choose all that apply.

A. Blowfish
B. IDEA
C. DES
D. RC4

Answer: A, B, C

Question: 16

Adam works as a Security Analyst for Umbrella Inc. He is performing real-time traffic analysis on IP networks using Snort. Adam is facing problems in analyzing intrusion data. Which of the following combined with Snort can Adam use to get a visual representation of intrusion data? Each correct answer represents a complete solution. Choose all that apply.

A. Basic Analysis and Security Engine (BASE)
B. sguil
C. KFSensor
D. OSSIM

Answer: A, B, D

Question: 17

Mark works as a Network Security Administrator for BlueWells Inc. The company has a Windows-based network. Mark is giving a presentation on network security threats to the newly recruited employees of the company. His presentation is about the external threats that the company recently faced in the past. Which of the following statements are true about external threats? Each correct answer represents a complete solution. Choose three.

A. These are the threats that originate from outside an organization in which the attacker attempts to gain unauthorized access.
B. These are the threats that originate from within the organization.
C. These are the threats intended to flood a network with large volumes of access requests.
D. These threats can be countered by implementing security controls on the perimeters of the network, such as firewalls, which limit user access to the Internet.

Answer: A, C, D

Question: 18

Which of the following file systems is designed by Sun Microsystems?

A. NTFS
B. CIFS
C. ZFS
D. ext2

Answer: C

Question: 19

You work as a Network Administrator for Tech Perfect Inc. The office network is configured as an IPv6 network. You have to configure a computer with the IPv6 address, which is equivalent to an IPv4 publicly routable address. Which of the following types of addresses will you choose?

A. Site-local
B. Global unicast
C. Local-link
D. Loopback

Answer: B

Question: 20

Which of the following is the default port for Simple Network Management Protocol (SNMP)?

A. TCP port 110
B. TCP port 25
C. TCP port 80
D. UDP port 161

Answer: D
