Renew GISF Exam For GIAC Information Security Fundamentals Certification

NEW QUESTION 1

Which of the following tools can be used to perform tasks such as Windows password cracking Windows enumeration, and VoIP session sniffing?

• A. John the Ripper
• B. Obiwan
• C. Cain
• D. L0phtcrack

Answer: C

NEW QUESTION 2

You have been assigned the task of selecting a hash algorithm. The algorithm will be specifically used to ensure the integrity of certain sensitive files. It must use a 128 bit hash value. Which of the following should you use?

• A. SHA
• B. AES
• C. MD5
• D. DES

Answer: C

NEW QUESTION 3

The TCP/IP protocol suite uses _____ to identify which service a certain packet is destined for.

• A. Subnet masks
• B. IP addresses
• C. MAC addresses
• D. Port numbers

Answer: D

NEW QUESTION 4

Victor works as a professional Ethical Hacker for SecureNet Inc. He wants to use Steganographic file system method to encrypt and hide some secret information. Which of the following disk spaces will he use to store this secret information?
Each correct answer represents a complete solution. Choose all that apply.

• A. Slack space
• B. Unused Sectors
• C. Dumb space
• D. Hidden partition

Answer: ABD

NEW QUESTION 5

Rick is the project manager of a construction project. He is in a process to procure some construction equipments. There are four vendors available for supplying the equipments. Rick does not want one of them to participate in the bidding as he has some personal grudges against the owner of the vendor. This is the violation of which of the following categories of the Project Management Institute Code of Ethics and Professional Conduct?

• A. Respect
• B. Honesty
• C. Responsibility
• D. Fairness

Answer: D

NEW QUESTION 6

Victor wants to use Wireless Zero Configuration (WZC) to establish a wireless network connection using his computer running on Windows XP operating system. Which of the following are the most likely threats to his computer?
Each correct answer represents a complete solution. Choose two.

• A. Attacker can use the Ping Flood DoS attack if WZC is used.
• B. Attacker by creating a fake wireless network with high power antenna cause Victor's computer to associate with his network to gain access.
• C. Information of probing for networks can be viewed using a wireless analyzer and may be used to gain access.
• D. It will not allow the configuration of encryption and MAC filterin
• E. Sending information is not secure on wireless network.

Answer: BC

NEW QUESTION 7

Which of the following encryption techniques does digital signatures use?

• A. MD5
• B. RSA
• C. IDEA
• D. Blowfish

Answer: C

NEW QUESTION 8

Which of the following factors determine the strength of the encryption?

• A. Character-set encoding
• B. Length of the key
• C. Operating system
• D. Ease of use

Answer: B

NEW QUESTION 9

Which of the following tools is an open source network intrusion prevention and detection system that operates as a network sniffer?

• A. IPLog
• B. Snort
• C. Timbersee
• D. Swatch

Answer: B

NEW QUESTION 10

Which project management risk event would you be using if you changed the sequence of activities to reduce the probability of the project being delayed?

• A. Enhancing
• B. Withdrawal
• C. Exploiting
• D. Avoidance

Answer: D

NEW QUESTION 11

John works as a professional Ethical Hacker. He is assigned a project to test the security of www.we-are-secure.com. He is working on the Linux operating system. He wants to sniff the weare- secure network and intercept a conversation between two employees of the company through session hijacking. Which of the following tools will John use to accomplish the task?

• A. Hunt
• B. IPChains
• C. Ethercap
• D. Tripwire

Answer: A

NEW QUESTION 12

John, a novice web user, makes a new E-mail account and keeps his password as "apple", his favorite fruit. John's password is vulnerable to which of the following password cracking attacks? Each correct answer represents a complete solution. Choose all that apply.

• A. Dictionary attack
• B. Rule based attack
• C. Brute Force attack
• D. Hybrid attack

Answer: ACD

NEW QUESTION 13

You are the security manager of Microliss Inc. Your enterprise uses a wireless network infrastructure with access points ranging 150-350 feet. The employees using the network complain that their passwords and important official information have been traced. You discover the following clues:
The information has proved beneficial to another company.
The other company is located about 340 feet away from your office. The other company is also using wireless network.
The bandwidth of your network has degraded to a great extent. Which of the following methods of attack has been used?

• A. A piggybacking attack has been performed.
• B. The information is traced using Bluebugging.
• C. A DOS attack has been performed.
• D. A worm has exported the information.

Answer: A

NEW QUESTION 14

Which of the following service provider classes is used to create a digital signature?

• A. RC2CryptoServiceProvider
• B. RNGCryptoServiceProvider
• C. DESCryptoServiceProvider
• D. SHA1CryptoServiceProvider
• E. MD5CryptoServiceProvider
• F. DSACryptoServiceProvider

Answer: F

NEW QUESTION 15

You are the Network Administrator for a large corporate network. You want to monitor all network traffic on your local network for suspicious activities and receive a notification when a possible attack is in process. Which of the following actions will you take for this?

• A. Install a DMZ firewall
• B. Enable verbose logging on the firewall
• C. Install a host-based IDS
• D. Install a network-based IDS

Answer: D

NEW QUESTION 16
......