Pass the GIAC GIAC Certification GISP Questions and answers with CertsForce

Viewing page 4 out of 14 pages
Viewing questions 46-60 out of questions
Questions # 46:

Which of the following statements about Public Key Infrastructure (PKI) are true?

Each correct answer represents a complete solution. Choose two.

Options:

A. It uses symmetric key pairs.

B. It uses asymmetric key pairs.

C. It provides security using data encryption and digital signature.

D. It is a digital representation of information that identifies users.


Questions # 47:

Which of the following is used to allow or deny access to network resources?

Options:

A. ACL

B. System hardening

C. Spoofing

D. NFS


Questions # 48:

Which of the following methods can be helpful to eliminate the social engineering threat?

Each correct answer represents a complete solution. Choose three.

Options:

A. Password policies

B. Vulnerability assessments

C. Data classification

D. Data encryption


Questions # 49:

Which of the following types of evidence is considered as the best evidence?

Options:

A. A copy of the original document

B. A computer-generated record

C. Information gathered through the witness's senses

D. The original document


Questions # 50:

Which of the following is the most secure policy for a firewall?

Options:

A. Passing all packets unless they are explicitly rejected.

B. Enabling all internal interfaces.

C. Blocking all packets unless they are explicitly permitted.

D. Disabling all external interfaces.


Questions # 51:

Which of the following ports is used by a BOOTP server?

Options:

A. UDP port 389

B. UDP port 67

C. TCP port 80

D. TCP port 110


Questions # 52:

Which of the following statements about Dynamic Host Configuration Protocol (DHCP) are true?

Each correct answer represents a complete solution. Choose two.

Options:

A. It is used to provide host name resolution in a TCP/IP-based network.

B. It is used to dynamically assign IP addresses to computers.

C. It reduces the complexity of managing network client IP address configuration.

D. It reduces the risk of a denial of service (DoS) attack.


Questions # 53:

Which of the following statements about biometric authentication is true?

Options:

A. A user provides his user name and password for authentication.

B. A user uses a smart card for authentication.

C. A sensor scans some physical characteristics of a user and sends that information to the authentication server.

D. A user is issued a device that is used for authentication.


Questions # 54:

A war dialer is a tool that is used to scan thousands of telephone numbers to detect vulnerable modems. It provides an attacker unauthorized access to a computer. Which of the following tools can an attacker use to perform war dialing?

Each correct answer represents a complete solution. Choose all that apply.

Options:

A. ToneLoc

B. THC-Scan

C. Wingate

D. NetStumbler


Questions # 55:

Which of the following is the default port for TACACS?

Options:

A. UDP port 49

B. TCP port 443

C. TCP port 25

D. TCP port 80


Questions # 56:

Which of the following statements about buffer overflow are true?

Each correct answer represents a complete solution. Choose two.

Options:

A. It is a situation that occurs when a storage device runs out of space.

B. It can terminate an application.

C. It can improve application performance.

D. It is a situation that occurs when an application receives more data than it is configured to accept.


Questions # 57:

Which of the following ports is used by a BOOTP client?

Options:

A. UDP port 67

B. UDP port 53

C. UDP port 69

D. UDP port 68


Questions # 58:

Which of the following protocols work at the network layer?

Each correct answer represents a complete solution. Choose three.

Options:

A. OSPF

B. SPX

C. IGMP

D. RIP


Questions # 59:

Which of the following statements about a perimeter network are true?

Each correct answer represents a complete solution. Choose three.

Options:

A. It has a connection to the Internet through an external firewall and a connection to an internal network through an interior firewall.

B. It has a connection to a private network through an external firewall and a connection to an internal network through an interior firewall.

C. It is also known as a demilitarized zone or DMZ.

D. It prevents access to the internal corporate network for outside users.


Questions # 60:

Mark works as a Webmaster for Infonet Inc. He sets up an e-commerce site. He wants to accept online payments through credit cards on this site. He wants the credit card numbers to be encrypted. What will Mark do to accomplish the task?

Options:

A. Use PGP.

B. Use HTTP.

C. Use MIME.

D. Use SET.

