Regenerate GIAC Certified Intrusion Analyst GCIA Sample Question

NEW QUESTION 1
Which of the following is the ability of a hacker to determine the nature of the network?

• A. Investigating
• B. Profiling
• C. Sniffing
• D. Intruding

Answer: B

NEW QUESTION 2
John works as a professional Ethical Hacker. He has been assigned a project to test the security of www.we-are-secure.com. John wants to redirect all TCP port 80 traffic to UDP port 40, so that he can bypass the firewall of the We-are-secure server. Which of the following tools will John use to accomplish his task?

• A. PsExec
• B. PsList
• C. Fpipe
• D. Cain

Answer: C

NEW QUESTION 3
Which of the following IPv6 address types is a single address that can be assigned to multiple interfaces?

• A. Unicast
• B. Anycast
• C. Loopback
• D. Multicast

Answer: B

NEW QUESTION 4
Victor is a novice Ethical Hacker. He is learning the hacking process, i.e., the steps taken by malicious hackers to perform hacking. Which of the following steps is NOT included in the hacking process?

• A. Preparation
• B. gaining access
• C. Scanning
• D. Reconnaissance

Answer: A

NEW QUESTION 5
Which of the following tools is used to analyze a system and report any unsigned drivers found?

• A. regedit.exe
• B. sigverify.exe
• C. sigverif.exe
• D. msconfig

Answer: C

NEW QUESTION 6
Which of the following Web attacks is performed by manipulating codes of programming languages such as SQL, Perl, Java present in the Web pages?

• A. Command injection attack
• B. Code injection attack
• C. Cross-Site Request Forgery
• D. Cross-Site Scripting attack

Answer: B

NEW QUESTION 7
Which of the following can be monitored by using the host-based intrusion detection system (HIDS)?

• A. Computer performance
• B. File system integrity
• C. Computer storage space
• D. DoS attack

Answer: B

NEW QUESTION 8
You work as a Network Administrator in a company. The NIDS is implemented on the network.
You want to monitor network traffic. Which of the following modes will you configure on the network interface card to accomplish the task?

• A. Promiscuous
• B. Audit mode
• C. Full Duplex
• D. Half duplex

Answer: A

NEW QUESTION 9
At which layers of the OSI and TCP/IP models does IP addressing function?

• A. OSI Layer 5 and TCP/IP Transport Layer
• B. OSI Layer 2 and TCP/IP Network Layer
• C. OSI Layer 4 and TCP/IP Application Layer
• D. OSI Layer 3 and TCP/IP Internet Layer

Answer: D

NEW QUESTION 10
Computer networks and the Internet are the prime mode of Information transfer today. Which of the following is a technique used for modifying messages, providing Information and Cyber security, and reducing the risk of hacking attacks during communications and message passing over the Internet?

• A. Risk analysis
• B. Cryptography
• C. Firewall security
• D. OODA loop

Answer: B

NEW QUESTION 11
You work as a Network Administrator for Net Perfect Inc. The company's network is configured with Internet Security and Acceleration (ISA) Server 2000 to provide firewall services. You want to block all e-mails coming from the domain named fun4you.com. How will you accomplish this?

• A. Enable POP intrusion detection filter Block e-mails from the fun4you.com domain
• B. Enable SMTP filter Add the fun4you.com domain name to the list of rejected domains
• C. Create a site and content rule to prohibit access to the fun4you.com domain
• D. Create a protocol rule that allows only authorized users to use the SMTP protocol

Answer: B

NEW QUESTION 12
Which of the following is the process of categorizing attack alerts produced from an IDS in order to distinguish false positives from actual attacks?

• A. Alarm filtering
• B. Confidence value
• C. Reactive system
• D. Site policy

Answer: A

NEW QUESTION 13
The promiscuous mode is a configuration of a network card that makes the card pass all traffic it receives to the central processing unit rather than just packets addressed to it. Which of the following tools works by placing the host system network card into the promiscuous mode?

• A. NetStumbler
• B. Snort
• C. THC-Scan
• D. Sniffer

Answer: D

NEW QUESTION 14
Where is the Hypertext Transfer Protocol (HTTP) used?

• A. On a client/server-based Wide Area Network (WAN).
• B. On the Internet to download text files and graphic file
• C. On a peer-to-peer based Local Area Network (LAN).
• D. On the World Wide Web (WWW) to display SQL database statistic
• E. On the World Wide Web (WWW) to display Hypertext Markup Language (HTML) page

Answer: E

NEW QUESTION 15
Which of the following limits the number of packets seen by tcpdump?

• A. Sender filtering
• B. IFilters
• C. BPF-based filter
• D. Recipient filtering

Answer: C

NEW QUESTION 16
Which system is designed to analyze, detect, and report on security-related events?

• A. NIPS
• B. HIPS
• C. NIDS
• D. HIDS

Answer: A

NEW QUESTION 17
Which of the following tools is used to detect wireless LANs using the 802.11b, 802.11a, and 802.11g WLAN standards on the Windows platform?

• A. Cain
• B. AiroPeek
• C. NetStumbler
• D. Snort

Answer: C

NEW QUESTION 18
Which of the following methods is a behavior-based IDS detection method?

• A. Knowledge-based detection
• B. Protocol detection
• C. Statistical anomaly detection
• D. Pattern matching detection

Answer: C

NEW QUESTION 19
Which of the following statements are true about snort?
Each correct answer represents a complete solution. Choose all that apply.

• A. It develops a new signature to find vulnerabilitie
• B. It detects and alerts a computer user when it finds threats such as buffer overflows, stealth port scans, CGI attacks, SMB probes and NetBIOS queries, NMAP and other port scanners, well-known backdoors and system vulnerabilities, and DDoS client
• C. It encrypts the log file using the 256 bit AES encryption scheme algorith
• D. It is used as a passive trap to record the presence of traffic that should not be found on a network, such as NFS or Napster connection

Answer: ABD

NEW QUESTION 20
......