Refined GIAC GISF Free Exam Online

Proper study guides for Updated GIAC GIAC Information Security Fundamentals certified begins with GIAC GISF preparation products which designed to deliver the Pinpoint GISF questions by making you pass the GISF test at your first time. Try the free GISF demo right now.

GIAC GISF Free Dumps Questions Online, Read and Test Now.

NEW QUESTION 1

Which of the following statements about Public Key Infrastructure (PKI) are true? Each correct answer represents a complete solution. Choose two.

  • A. It is a digital representation of information that identifies users.
  • B. It uses asymmetric key pairs.
  • C. It provides security using data encryption and digital signature.
  • D. It uses symmetric key pairs.

Answer: BC

NEW QUESTION 2

Which of the following tools is an open source protocol analyzer that can capture traffic in real time?

  • A. Snort
  • B. Wireshark
  • C. NetWitness
  • D. Netresident

Answer: B

NEW QUESTION 3

The Intrusion Detection System (IDS) instructs the firewall to reject any request from a particular IP address if the network is repeatedly attacked from this address. What is this action known as?

  • A. Sending deceptive e-mails
  • B. Sending notifications
  • C. Shunning
  • D. Logging
  • E. Spoofing
  • F. Network Configuration Changes

Answer: F

NEW QUESTION 4

John works as a Network Administrator for Perfect Solutions Inc. The company has a
Linux-based network. The company is aware of various types of security attacks and wants to impede them. Hence, management has assigned John a project to port scan the company's Web Server. For this, he uses the nmap port scanner and issues the following command to perform idle port scanning:
nmap -PN -p- -sI IP_Address_of_Company_Server
He analyzes that the server's TCP ports 21, 25, 80, and 111 are open.
Which of the following security policies is the company using during this entire process to mitigate the risk of hacking attacks?

  • A. Audit policy
  • B. Antivirus policy
  • C. Non-disclosure agreement
  • D. Acceptable use policy

Answer: A

NEW QUESTION 5

John works as a Network Security Professional. He is assigned a project to test the security of www.we-are-secure.com. He analyzes that the company has blocked all ports except port 80.
Which of the following attacking methods can he use to send the dangerous software protocols?

  • A. HTTP tunneling
  • B. URL obfuscation
  • C. Banner grabbing
  • D. MAC spoofing

Answer: A

NEW QUESTION 6

Bluetooth uses the ______ specification in the _____ band with FHSS technology.

  • A. IEEE 802.11, 2.4-2.5 GHz
  • B. IEEE 802.11, 1.4-2.5 GHz
  • C. IEEE 802.15, 1.5-2.0 GHz
  • D. IEEE 802.15, 2.4-2.5 GHz

Answer: D

NEW QUESTION 7

You work as a Network Administrator for Net World Inc. The company has a TCP/IP-based network.
You have configured an Internet access router on the network. A user complains that he is unable to access a resource on the Web. You know that a bad NAT table entry is causing the issue. You decide to clear all the entries on the table. Which of the following commands will you use?

  • A. show ip dhcp binding
  • B. ipconfig /flushdns
  • C. ipconfig /all
  • D. clear ip nat translation *

Answer: D

NEW QUESTION 8

You and your project team want to perform some qualitative analysis on the risks you have identified and documented in Project Web Access for your project. You would like to create a table that captures the likelihood and affect of the risk on the project. What type of a chart or table would you like to create for the project risks?

  • A. Risk Breakdown Structure
  • B. Risk Probability and Impact Matrix
  • C. Risk Review Table
  • D. Risk Impact and Affect Matrix

Answer: B

NEW QUESTION 9

Which two security components should you implement on the sales personnel portable computers to increase security?
(Click the Exhibit button on the toolbar to see the case study.) Each correct answer represents a complete solution. Choose two.

  • A. Remote access policy
  • B. L2TP over IPSec
  • C. PPTP
  • D. Remote Authentication Dial-In User Service (RADIUS)
  • E. Encrypting File System (EFS)

Answer: BE

NEW QUESTION 10

Which of the following types of cipher encrypts alphabetic text by using a series of different Caesar ciphers based on the letters of a keyword?

  • A. Block cipher
  • B. Transposition cipher
  • C. Vigen re cipher
  • D. Stream cipher

Answer: C

NEW QUESTION 11

Shoulder surfing is a type of in-person attack in which the attacker gathers information about the premises of an organization. This attack is often performed by looking surreptitiously at the keyboard of an employee's computer while he is typing in his password at any access point such as a terminal/Web site. Which of the following is violated in a shoulder surfing attack?

  • A. Availability
  • B. Integrity
  • C. Confidentiality
  • D. Authenticity

Answer: C

NEW QUESTION 12

Which of the following protocols provides connectionless integrity and data origin authentication of IP packets?

  • A. ESP
  • B. IKE
  • C. ISAKMP
  • D. AH

Answer: D

NEW QUESTION 13

Which of the following statements about Secure Shell (SSH) are true? Each correct answer represents a complete solution. Choose three.

  • A. It was designed as a replacement for TELNET and other insecure shells.
  • B. It is a network protocol used primarily on Linux and Unix based systems.
  • C. It allows data to be exchanged using a secure channel between two networked devices.
  • D. It is the core routing protocol of the Internet.

Answer: ABC

NEW QUESTION 14

You work as the project manager for Bluewell Inc. Your project has several risks that will affect several stakeholder requirements. Which project management plan will define who will be available to share information on the project risks?

  • A. Risk Management Plan
  • B. Communications Management Plan
  • C. Stakeholder management strategy
  • D. Resource Management Plan

Answer: B

NEW QUESTION 15

Which of the following viruses is designed to prevent antivirus researchers from examining its code by using various methods that make tracing and disassembling difficult?

  • A. Multipartite virus
  • B. Polymorphic virus
  • C. Armored virus
  • D. Stealth virus

Answer: C

NEW QUESTION 16

You work as a project manager for TYU project. You are planning for risk mitigation. You need to identify the risks that will need a more in-depth analysis. Which of the following activities will help you in this?

  • A. Quantitative analysis
  • B. Qualitative analysis
  • C. Estimate activity duration
  • D. Risk identification

Answer: B

NEW QUESTION 17

Kelly is the project manager of the NNQ Project for her company. This project will last for one year and has a budget of $350,000. Kelly is working with her project team and subject matter experts to begin the risk response planning process. When the project manager begins the plan risk response process, what two inputs will she need?

  • A. Risk register and the results of risk analysis
  • B. Risk register and the risk response plan
  • C. Risk register and the risk management plan
  • D. Risk register and power to assign risk responses

Answer: C

NEW QUESTION 18

Which of the following protocols work at the Network layer of the OSI model?

  • A. Internet Group Management Protocol (IGMP)
  • B. Simple Network Management Protocol (SNMP)
  • C. Routing Information Protocol (RIP)
  • D. File Transfer Protocol (FTP)

Answer: AC

NEW QUESTION 19
......

P.S. Easily pass GISF Exam with 333 Q&As Surepassexam Dumps & pdf Version, Welcome to Download the Newest Surepassexam GISF Dumps: https://www.surepassexam.com/GISF-exam-dumps.html (333 New Questions)