Certleader offers a free demo for the GISF exam. "GIAC Information Security Fundamentals", also known as the GISF exam, is a GIAC Certification. This set of posts, Passing the GIAC GISF exam, will help you answer those questions. The GISF Questions & Answers cover all the knowledge points of the real exam. 100% real GIAC GISF exams, revised by experts!
Free GISF Demo Online For GIAC Certification:
NEW QUESTION 1
You are the Security Consultant and have been contacted by a client regarding their encryption and hashing algorithms. Their in-house network administrator tells you that their current hashing algorithm is an older one with known weaknesses and is not collision resistant. Which algorithm are they most likely using for hashing?
- A. PKI
- B. MD5
- C. SHA
- D. Kerberos
Answer: B
NEW QUESTION 2
You are hired by Techmart Inc. to upgrade its existing network. You have prepared a case study for planning the network.
According to your study, how many domains are required to set up the network of Techmart Inc.?
- A. Two
- B. Four
- C. Three
- D. One
Answer: D
NEW QUESTION 3
The Project Risk Management knowledge area focuses on which of the following processes?
Each correct answer represents a complete solution. Choose all that apply.
- A. Risk Management Planning
- B. Quantitative Risk Analysis
- C. Potential Risk Monitoring
- D. Risk Monitoring and Control
Answer: ABD
NEW QUESTION 4
Which of the following is prepared by the business and serves as a starting point for producing the IT Service Continuity Strategy?
- A. Disaster Invocation Guideline
- B. Business Continuity Strategy
- C. Index of Disaster-Relevant Information
- D. Availability/ITSCM/Security Testing Schedule
Answer: B
NEW QUESTION 5
Which of the following are some of the parts of a project plan?
Each correct answer represents a complete solution. Choose all that apply.
- A. Risk identification
- B. Project schedule
- C. Team members list
- D. Risk analysis
Answer: ABC
NEW QUESTION 6
Victor works as a network administrator for DataSecu Inc. He uses a dual firewall Demilitarized Zone (DMZ) to insulate the rest of the network from the portion that is available to the Internet. Which of the following security threats may occur if DMZ protocol attacks are performed?
Each correct answer represents a complete solution. Choose all that apply.
- A. Attacker can exploit any protocol used to go into the internal network or intranet of the company.
- B. Attacker managing to break the first firewall defense can access the internal network without breaking the second firewall if it is different.
- C. Attacker can gain access to the Web server in a DMZ and exploit the database.
- D. Attacker can perform Zero Day attack by delivering a malicious payload that is not a part of the intrusion detection/prevention systems guarding the network.
Answer: ACD
NEW QUESTION 7
You are the project manager of the HHH Project. The stakeholders for this project are scattered across the world and you need a method to promote interaction. You determine that a Web conferencing software would be the most cost effective solution. The stakeholders can watch a slide show while you walk them through the project details. The stakeholders can hear you, ask questions via a chat software, and post concerns. What is the danger in this presentation?
- A. 55 percent of all communication is nonverbal and this approach does not provide nonverbal communications.
- B. The technology is not proven as reliable.
- C. The stakeholders won't really see you.
- D. The stakeholders are not required to attend the entire session.
Answer: A
NEW QUESTION 8
You work as an Incident handler in Mariotrixt.Inc. You have followed the Incident handling process to handle the events and incidents. You identify a Denial of Service (DoS) attack from a network linked to your internal enterprise network. Which of the following phases of the Incident handling process should you follow next to handle this incident?
- A. Containment
- B. Preparation
- C. Recovery
- D. Identification
Answer: A
NEW QUESTION 9
You have been tasked with finding an encryption methodology for your company's network. The solution must use public key encryption which is keyed to the user's email address. Which of the following should you select?
- A. AES
- B. 3DES
- C. PGP
- D. Blowfish
Answer: C
NEW QUESTION 10
Which of the following viruses is designed to prevent antivirus researchers from examining its code by using various methods that make tracing and disassembling difficult?
- A. Multipartite virus
- B. Polymorphic virus
- C. Armored virus
- D. Stealth virus
Answer: C
NEW QUESTION 11
Which of the following refers to encrypted text?
- A. Plaintext
- B. Cookies
- C. Ciphertext
- D. Hypertext
Answer: C
NEW QUESTION 12
Victor works as a professional Ethical Hacker for SecureEnet Inc. He wants to scan the wireless network of the company. He uses a tool that is a free open-source utility for network exploration.
The tool uses raw IP packets to determine the following:
- What ports are open on our network systems.
- What hosts are available on the network.
- Identify unauthorized wireless access points.
- What services (application name and version) those hosts are offering.
- What operating systems (and OS versions) they are running.
- What type of packet filters/firewalls are in use.

Which of the following tools is Victor using?
- A. Nessus
- B. Kismet
- C. Nmap
- D. Sniffer
Answer: C
NEW QUESTION 13
Under the SMART scheme, the Predictive Failure Analysis Technology is used to determine the failure or crash for which of the following parts of a computer system?
- A. Operating System
- B. Hard Disc drive
- C. Software
- D. Internet Browser
Answer: B
NEW QUESTION 14
You work as a professional Computer Hacking Forensic Investigator for DataEnet Inc. You want to investigate e-mail information of an employee of the company. The suspected employee is using an online e-mail system such as Hotmail or Yahoo. Which of the following folders on the local computer will you review to accomplish the task?
Each correct answer represents a complete solution. Choose all that apply.
- A. Cookies folder
- B. Temporary Internet Folder
- C. Download folder
- D. History folder
Answer: ABD
NEW QUESTION 15
Adam works as a Professional Penetration Tester for Umbrella Inc. A project has been assigned to him to carry out Black Box penetration testing as a regular evaluation of the system security and integrity of the company's network. Which of the following statements are true about Black Box penetration testing?
Each correct answer represents a complete solution. Choose all that apply.
- A. Black box testing provides the testers with complete knowledge of the infrastructure to be tested.
- B. Black box testing simulates an attack from someone who is unfamiliar with the system.
- C. Black box testing simulates an attack from someone who is familiar with the system.
- D. Black box testing assumes no prior knowledge of the infrastructure to be tested.
Answer: BC