2026 New GISF Exam Dumps with PDF and VCE Free: https://www.2passeasy.com/dumps/GISF/


Check GISF free dumps before getting the full version:

NEW QUESTION 1

Which of the following Web attacks is performed by manipulating codes of programming languages such as SQL, Perl, Java present in the Web pages?

  • A. Cross-Site Request Forgery
  • B. Code injection attack
  • C. Cross-Site Scripting attack
  • D. Command injection attack

Answer: B

NEW QUESTION 2

You have successfully installed an IRM server into your environment. This IRM server will be utilized to protect the company's videos, which are available to all employees but contain sensitive data. You log on to the WSS 3.0 server with administrator permissions and navigate to the Operations section. What option should you now choose so that you can input the RMS server name for the WSS 3.0 server to use?

  • A. Self-service site management
  • B. Content databases
  • C. Information Rights Management
  • D. Define managed paths

Answer: C

NEW QUESTION 3

Which of the following is the maximum variable key length for the Blowfish encryption algorithm?

  • A. 448 bit
  • B. 256 bit
  • C. 64 bit
  • D. 16 bit

Answer: A

NEW QUESTION 4

Kelly is the project manager of the NNQ Project for her company. This project will last for one year and has a budget of $350,000. Kelly is working with her project team and subject matter experts to begin the risk response planning process. When the project manager begins the plan risk response process, what two inputs will she need?

  • A. Risk register and the results of risk analysis
  • B. Risk register and the risk response plan
  • C. Risk register and the risk management plan
  • D. Risk register and power to assign risk responses

Answer: C

NEW QUESTION 5

You work as a Network Administrator for ABC Inc. The company has a secure wireless network. However, in the last few days, an attack has been taking place over and over again. This attack is taking advantage of ICMP directed broadcast. To stop this attack, you need to disable ICMP directed broadcasts. Which of the following attacks is taking place?

  • A. Smurf attack
  • B. Sniffer attack
  • C. Cryptographic attack
  • D. FMS attack

Answer: A

NEW QUESTION 6

You work as a security manager for Qualxiss Inc. Your company uses the OODA loop for resolving and deciding on company issues. You have detected a security breach issue in your company. Which of the following procedures regarding the breach is involved in the observe phase of the OODA loop?

  • A. Follow the company security guidelines.
  • B. Decide an activity based on a hypothesis.
  • C. Implement an action practically as policies.
  • D. Consider previous experiences of security breaches.

Answer: A

NEW QUESTION 7

Each time you start your computer, you receive an error message that your TCP/IP address is in use. Which of the following attacks is this?

  • A. Worm attack
  • B. ICMP attack
  • C. Back door attack
  • D. TCP/IP hijacking
  • E. TCP Sequence Number attack
  • F. TCP SYN or TCP ACK flood attack

Answer: D

NEW QUESTION 8

You work as a Network Administrator for Tech World Inc. The company has a TCP/IP-based router. You have configured a router on your network. You want to accomplish the following goals:

  • Configure the router to require a password to move from user EXEC mode to privileged EXEC mode.
  • The password must be listed as a hidden entry in the configuration file.

You run the following command: enable password <password>

Which of the goals will this action accomplish?

  • A. The password will be listed as a hidden entry in the configuration file
  • B. The action will accomplish neither of the goals
  • C. The action will accomplish both the goals
  • D. The router will require a password to move from user EXEC mode to privileged EXEC mode

Answer: D

NEW QUESTION 9

Which of the following IDS/IPS detection methods do the URLs use to detect and prevent an attack?

  • A. Encryption-based detection
  • B. Policy-based detection
  • C. Signature-based detection
  • D. Internet bot detection

Answer: C

NEW QUESTION 10

You work as a security manager at Mariotiss Inc. Your enterprise has been facing network and software security threats for the past few months. You want to renew your current security policies and management to enhance the safety of your information systems. Which of the following is the best practice to initiate the renewal process from the lowest level with the least managerial effort?

  • A. Start the Incident handling process.
  • B. Change the entire security policy.
  • C. Perform an IT audit.
  • D. Switch to a new network infrastructure.

Answer: C

NEW QUESTION 11

Hardening a system is one of the practical methods of securing a computer system. Which of the following techniques is used for hardening a computer system?

  • A. Disabling all user accounts
  • B. Applying egress filtering
  • C. Applying Access Control List (ACL)
  • D. Applying a patch to the OS kernel

Answer: D

NEW QUESTION 12

John works as a professional Ethical Hacker. He has been assigned a project to test the security of www.we-are-secure.com. He copies the whole structure of the We-are-secure Web site to the local disk and obtains all the files on the Web site. Which of the following techniques is he using to accomplish his task?

  • A. TCP FTP proxy scanning
  • B. Eavesdropping
  • C. Fingerprinting
  • D. Web ripping

Answer: D

NEW QUESTION 13

You work as the Network Administrator of TechJobs. You implement a security policy, to be in effect at all times, on the client computer in your network. While troubleshooting, assistant administrators often change security settings on the network. You want the security policy to be reapplied after changes have been made. How can you automate this task?

  • A. Create a group policy object (GPO) and implement it to the domain. Configure a security policy on it. Give Administrators read-only permission on that GPO.
  • B. Create a separate OU for the Administrators to test the security settings.
  • C. Ask the assistant administrators to re-apply the security policy after the changes have been made.
  • D. Schedule the SECEDIT command to run on the client computers.

Answer: D

NEW QUESTION 14

Which of the following algorithms produce 160-bit hash values? Each correct answer represents a complete solution. Choose two.

  • A. MD2
  • B. MD5
  • C. SHA-1
  • D. SHA-0

Answer: CD

NEW QUESTION 15

How long are cookies in effect if no expiration date is set?

  • A. Fifteen days
  • B. Until the session ends.
  • C. Forever
  • D. One year

Answer: B

NEW QUESTION 16
......
