GSLC

Card Set Information

Author:
ryant
ID:
145118
Filename:
GSLC
Updated:
2012-04-01 23:03:10
Tags:
GIAC GSLC Security
Description:
GIAC Security Leadership Course (GSLC) exam study

The flashcards below were created by user ryant on FreezingBlue Flashcards.


  1. Which of the following is used to describe the type of FTP access in which a user does not have permissions to list the contents of directories, but can access the contents if he knows the path and file name?
    A. Secure FTP
    B. Passive FTP
    C. Hidden FTP
    D. Blind FTP
    D. Blind FTP. Blind FTP means that the user cannot see the names of files in the FTP site's directory. They can only download from the FTP site files whose names they already know, and when they upload a file, it does not appear in the directory.
  2. Which system is designed to analyze, detect, and report on security-related events?
    A. HIPS
    B. NIPS
    C. NIDS
    D. HIDS
    B. NIPS
  3. Which of the following viruses is designed to prevent antivirus researchers from examining its code by using various methods that make tracing and disassembling difficult?
    A. Polymorphic virus
    B. Multipartite virus
    C. Armored virus
    D. Stealth virus
    C. Armored virus. An armored virus is a type of virus that has been designed to thwart attempts by analysts to examine its code by using various methods to make tracing, disassembling, and reverse engineering more difficult.
  4. Which of the following provides security by implementing authentication and encryption on Wireless LAN (WLAN)?
    A. WEP
    B. WAP
    C. L2TP
    D. IPSec
    A. WEP. Wired Equivalent Privacy is a weak security algorithm for IEEE 802.11 wireless networks.
  5. Which of the following are the examples of administrative controls? (Choose all that apply.)
    A. Security policy
    B. Auditing
    C. Security awareness training
    D. Data backup
    • A. Security policy
    • C. Security awareness training
  6. John works as a programmer for We-Are-Secure, Inc. On one of his routine visits to the company, he noted down the passwords of the employees while they were typing on their computer screens. Which of the following social engineering attacks did he just perform?
    A. Important user posing
    B. Authorization by third party
    C. Shoulder surfing
    D. Dumpster diving
    C. Shoulder surfing. Shoulder surfing refers to using direct observation techniques, such as looking over someone's shoulder, to get information.
  7. Choose the firewall profiles supported by Windows Server 2008 and Windows Vista:
    A. Private profile
    B. User profile
    C. Domain profile
    D. Public profile
    B. User profile
  8. Which of the following encryption algorithms is applied in the PGP encryption system?
    A. IDEA
    B. Blowfish
    C. TDE
    D. Triple DES
    A. IDEA. International Data Encryption Algorithm (IDEA) is a symmetric block cipher, intended as a replacement for the Data Encryption Standard (DES).
  9. - No external traffic should be allowed into the network.
    - Administrators should be able to restrict the websites which can be accessed by the internal users.
    Which of the following technologies should be used to accomplish the above goals?
    A. Network Address Translation (NAT)
    B. Internet Connection Sharing (ICS)
    C. Routing and Remote Access Service (RRAS)
    D. Firewall
    E. Proxy server
    E. Proxy server. A proxy server is a server that acts as an intermediary for requests from clients seeking resources from other servers.
  10. Which of the following are the goals of risk management? (Choose all that apply.)
    A. Identifying the risk
    B. Finding an economic balance between the impact of the risk and the cost of the countermeasure
    C. Identifying the accused
    D. Assessing the impact of potential threats
    • A. Identifying the risk
    • B. Finding an economic balance between the impact of the risk and the cost of the countermeasure
    • D. Assessing the impact of potential threats
  11. The promiscuous mode is a configuration of a network card that makes the card pass all traffic it receives to the central processing unit rather than just the packets addressed to it. Which of the following tools works by placing the host system network card into the promiscuous mode?
    A. THC-Scan
    B. Snort
    C. Sniffer
    D. NetStumbler
    C. Sniffer. A sniffer is a computer program or piece of hardware that can intercept and log traffic passing over a network.
  12. The project team has been completing their work on time and there is still $75,000 left in the project budget. Janet decides to have the project team implement some extra features to use all of the budget. This is an example of:
    A. Change management
    B. Value added change
    C. Scope creep
    D. Gold plating
    D. Gold plating. Gold plating refers to the addition of any feature not considered in the original scope plan.
  13. You are responsible for security at a company that uses a lot of Web applications. You are most concerned about flaws in those applications allowing some attacker to get into your network. What method would be best for finding such flaws?
    A. Vulnerability scanning
    B. Automated penetration testing
    C. Code review
    D. Manual penetration testing
    A. Vulnerability scanning. A vulnerability scanner is a computer program designed to assess computers, computer systems, networks, or applications for weaknesses.
  14. Single Loss Expectancy = Asset value x ____:
    A. Annualized Rate of Occurrence (ARO)
    B. Annualized Loss Expectancy (ALE)
    C. Exposure Factor (EF)
    C. Exposure Factor (EF)
  15. A ___ is a computer system on the Internet that is expressly set up to attract and trap people who attempt to penetrate other people's computer systems.
    Honeypot. A honeypot is a trap set to detect, deflect, or in some manner counteract attempts at unauthorized use of information systems.
  16. Which of the following protocols is used as a transport protocol for Internet dial-up connections?
    A. PPP
    B. SNMP
    C. DHCP
    D. SMTP
    A. PPP. Point-to-Point Protocol is a data link protocol commonly used in establishing a direct connection between two networking nodes.
  17. You want to ensure your message cannot be read by anyone but the recipient. Which of the following keys will you use to encrypt the message?
    A. Your private key
    B. The recipient's private key
    C. The recipient's public key
    D. Your public key
    C. The recipient's public key
  18. Which of the following programs can collect various types of personal information, such as internet surfing habits and web sites that the user has visited?
    A. Worm
    B. Malware
    C. Spyware
    D. Honeypot
    C. Spyware. Spyware is a type of malware that can be installed on computers which collects small pieces of information about users without their knowledge.
  19. Which of the following applications would be considered a data warehousing application?
    A. Fraud detection
    B. eCommerce site
    C. Badge reader
    D. Golf score tracking
    A. Fraud detection. A data warehouse (DW) is a database used for reporting. The data stored in the warehouse is uploaded from the operational systems. DWs are optimized for speed of data analysis.
  20. Which of the following options is an approach to restricting system access to authorized users?
    A. MAC
    B. DAC
    C. MIC
    D. RBAC
    D. RBAC. Role-Based Access Control is an approach to restricting system access to authorized users. It is a newer alternative approach to Mandatory Access Control (MAC) and Discretionary Access Control (DAC).
  21. Mark is deploying an 802.11 WLAN using WEP. Client computers must be able to automatically connect to the network, but unauthorized computers must not be allowed to view or connect to the network. What will accomplish this?
    A. Configure the authentication type for the WLAN to Open
    B. Install a firewall software on each WAP
    C. Configure the authentication type for the WLAN to Shared
    D. Disable SSID broadcast and enable MAC filtering on all WAPs
    E. Broadcast SSID to connect to the access point (AP)
    F. On each client computer, add the SSID for the WLAN as the preferred network
    • C. Configure the authentication type for the WLAN to Shared
    • D. Disable SSID broadcast and enable MAC filtering on all WAPs
    • F. On each client computer, add the SSID for the WLAN as the preferred network
  22. You have determined that any vendor that would like to bid on your project must have a MCSE on staff, eight years of Cisco experience, and at least two references from similar projects. What have you created?
    A. Weighting system for the vendors
    B. Preferred vendor list
    C. Bidders conference
    D. Screening system for the vendors
    D. Screening system for the vendors
  23. Which of the following tools is based on Linux and used to carry out penetration testing?
    A. JPlag
    B. Vedit
    C. Ettercap
    D. BackTrack
    D. BackTrack. BackTrack is a GNU/Linux distribution aimed at digital forensics use and penetration testing. JPlag is a plagiarism detection tool aiming to detect similarities among source code files. Vedit is a text editor. Ettercap is a multipurpose sniffer/interceptor/logger for a switched LAN.
  24. A ___ router performs packet-filtering and is used as a firewall.
    screening
  25. Which of the following IEEE standards can be sniffed with Kismet? (Choose all that apply.)
    A. 802.11a
    B. 802.11b
    C. 802.11g
    D. 802.11n
    E. All of the above
    E. All of the above
  26. Which of the following is NOT a part of the Project Procurement Management Knowledge Area?
    A. Contract administration
    B. Plan purchases and acquisitions
    C. Develop project management plan
    D. Request seller responses
    C. Develop project management plan
  27. You want to apply an additional network packet filtering device that is intermediate to your enterprise's internal network and the outer network. Which of the following network zones will you create to accomplish this task?
    A. Autonomous system area (AS)
    B. Site network area
    C. Border network area
    D. Demilitarized Zone (DMZ)
    C. Border network area
  28. Which of the following are countermeasures to prevent unauthorized database access attacks? (Choose all that apply.)
    A. Session encryption
    B. Removing all stored procedures
    C. Input sanitization
    D. Applying strong firewall rules
    E. All of the above
    E. All of the above
  29. Which interface does an IPS sensor use to communicate with a security appliance for management purposes?
    A. Command and control interface
    B. User interface
    C. Monitoring interface
    D. Management interface
    A. Command and control interface
  30. An attacker makes an attempt against a web server. The result is that the attack takes the form of URLs. These URLs search for a certain string that identifies an attack against the web server. Which IDS/IPS detection method do the URLs use to detect and prevent an attack?
    A. Signature-based detection
    B. Honey pot detection
    C. Anomaly-based detection
    D. Policy-based detection
    A. Signature-based detection. Signature-based IDS monitors packets in the network and compares them with preconfigured and predetermined attack patterns known as signatures. Anomaly-based IDS determines normal network activity and alerts when abnormal traffic is detected.
  31. Which of the following is used to communicate with an authentication server commonly used in UNIX networks?
    A. MS-CHAP
    B. IPX/SPX
    C. TACACS
    D. SMTP
    C. TACACS. Terminal Access Controller Access Control System (TACACS) is a remote authentication protocol that is used to communicate with an authentication server commonly used in UNIX networks. MS-CHAP is the MS version of the challenge-handshake protocol. IPX and SPX are networking protocols on Novell Netware OS. SMTP is an internet standard for e-mail transmission across IP networks.
  32. Which of the following backup sites takes the longest recovery time?
    A. Warm site
    B. Hot site
    C. Mobile backup site
    D. Cold site
    D. Cold site
  33. Which of the following features of IE protects users from a type of scam that entices users to disclose personal information such as social security number, bank account details, or credit card number?
    A. Cookie
    B. Content advisor
    C. Pop-up blocker
    D. Phishing filter
    D. Phishing filter
  34. You want to have secure communication on the company's intranet. You decide to use public and private key pairs. What will you implement to accomplish this?
    A. Certificate server
    B. FTP server
    C. VPN
    D. Microsoft Internet Information Server (IIS)
    A. Certificate server. Certificate servers validate, or certify, keys as part of a Public Key Infrastructure.
  35. You have installed Windows Vista Home Premium. The computer is connected through an ADSL connection. You want to protect yourself from traps of fraudulent sites. Which of the following IE7 features will you use?
    A. Protected mode
    B. Pop-up blocker
    C. Privacy settings
    D. Phishing filter
    D. Phishing filter
  36. You have detected what appears to be an unauthorized WAP on your network. However this WAP has the same MAC address as one of your real WAPs and is broadcasting a stronger signal. What is this called?
    A. DOS
    B. Bluesnarfing
    C. WAP cloning
    D. The evil twin attack
    D. The evil twin attack
  37. What is the purpose of cryptography?
    A. Protect information from unauthorized access
    B. Protect connections from intrusion
    C. Protect users from identification
    D. All of the above
    A. Cryptography is used to protect information from unauthorized access, whether that information is stored or transmitted. The technique will encrypt the data and decrypt it when required.
  38. What is the primary model for creating security policies?
    A. Allow everything unless specifically denied
    B. Deny everything unless specifically allowed
    C. All policies are essentially unenforceable
    D. Only create enforceable policies
    B. Deny everything unless specifically allowed.
  39. What is the insecure area between a trusted network and untrusted network called?
    A. Supernet
    B. VPN
    C. Subnet
    D. DMZ
    D. DMZ. A demilitarized zone is a prescribed insecure area between a trusted network and an untrusted network.
  40. Which of the following is not a responsibility of facility security?
    A. Building materials
    B. Computer and network
    C. Health and safety concerns
    D. Facility age
    B. The physical security responsibilities revolve around the site layout, building materials, building age, provision of the infrastructure, and requirements of health and safety.
  41. Which of the following is a symmetric algorithm used in encrypting information?
    A. CAST
    B. Diffie-Hellman
    C. RSA
    D. ElGamal
    A. Symmetric algorithms use a single cryptographic key to encrypt and decrypt a message. The most popular types are DES, AES, and CAST.
  42. What is the term used to recognize the function of a DNS server designated to handle queries for resolving external DNS domain names by sending requests to another DNS server?
    A. DNS forwarder
    B. No term exists
    C. DNS client
    D. DNS router
    A. A DNS server which sends queries to other servers to resolve external or offsite DNS domain names is called a forwarder.
  43. Which of the following is a quantitative assessment used in risk management?
    A. Failure Modes and Effect Analysis
    B. NIST SP 800-66
    C. OCTAVE
    D. CRAMM
    A. Risk assessments are either qualitative or quantitative. Quantitative assessments include Spanning Tree Analysis and Failure Modes and Effect Analysis.
  44. In decision tree analysis, which node is the start of the decision tree?
    A. Root node
    B. Decision node
    C. Event node
    D. End node
    A. The root node is the start of the decision tree in decision tree analysis.
  45. What type of incident is cyberstalking considered to be?
    A. Harassment
    B. Extortion
    C. Reconnaissance
    D. Repudiation
    A. Cyberstalking is a form of harassment which uses electronic devices to track a person's activities.
  46. What is the technique used to store accessed information temporarily called?
    A. Forwarding
    B. Zoning
    C. Namespace
    D. Caching
    D. Caching is the technique used to temporarily store recently accessed information.
  47. What character is used to represent an invalid character in DNS names?
    A. Hyphen
    B. Ampersand
    C. Asterisk
    D. Question mark
    A. DNS names can consist of upper and lower case letters, numbers, and hyphens. Invalid characters are replaced by hyphens.
  48. Which of the following is not considered a layer of a Defense-in-Depth solution?
    A. Antivirus software
    B. Routers and firewalls
    C. Proxy servers
    D. Application servers
    D. Application servers are not themselves a component of the Defense-in-Depth solution; however, software such as host-based IDS may be installed on the server, which would be considered a Defense-in-Depth component of the solution.
  49. Which key standard was developed for financial institutions to transmit securities across electronic mediums?
    A. X.509
    B. ANSI X9.17
    C. PKI
    D. None of the above
    B. ANSI X9.17 was developed for financial institutions. It uses a hierarchical approach to ensure keys are secure.
  50. What risk analysis program is a strategic assessment and planning technique used for understanding security?
    A. COBRA
    B. OCTAVE
    C. RADIUS
    D. DELPHI
    B. RADIUS is an authentication tool. Operational Critical Threat, Asset, and Vulnerability Evaluation (OCTAVE) is a risk-based strategic assessment and planning technique.
  51. What analysis method used by IDS solutions identifies unacceptable behavior based on deviations from standards set by RFC documents?
    A. Pattern matching
    B. Protocol anomaly
    C. Stateful matching
    D. Statistical anomaly
    B. Protocol anomaly-based IDS solutions identify deviations from RFC standards, as well as attacks not having signatures. Well-defined protocols will reduce the number of false-positive results.
  52. Which of the following security concerns falls into the administrative type for access controls?
    A. System access
    B. Fire management
    C. Monitoring
    D. Asset management
    C. The administrative controls involve the actions, policies, and management of the control system, and include procedures, hiring, security policies, monitoring, user management, and privilege management. The other types are physical and technical.
