The Secret Of GIAC GSEC Vce

NEW QUESTION 1
What is the maximum passphrase length in Windows 2000/XP/2003?

• A. 255 characters
• B. 127 characters
• C. 95 characters
• D. 63 characters

Answer: B

NEW QUESTION 2
Which of the following tools is used to query the DNS servers to get detailed information about IP addresses, MX records, and NS servers?

• A. NBTSTAT
• B. NSLOOKUP
• C. PING
• D. NETSTAT

Answer: B

NEW QUESTION 3
Which of the following is a Layer 3 device that will typically drop directed broadcast traffic?

• A. Hubs
• B. Bridges
• C. Routers
• D. Switches

Answer: C

NEW QUESTION 4
You have an automated system for patching the operating systems of all your computers. All patches are supposedly current. Yet your automated vulnerability scanner has just reported vulnerabilities that you believe have been patched. Which of the actions below should you take next?

• A. Check some systems manuall
• B. Rerun the system patching routine
• C. Contact the incident response tea
• D. Ignore the findings as false positive

Answer: A

NEW QUESTION 5
Which of the following areas of a network contains DNS servers and Web servers for Internet users?

• A. VPN
• B. MMZ
• C. VLAN
• D. DMZ

Answer: D

NEW QUESTION 6
You work as a Network Administrator for Net Perfect Inc. The company has a Linux-based network. You are configuring an application server. An application named Report, which is owned by the root user, is placed on the server. This application requires superuser permission to write to other files. All sales managers of the company will be using the application. Which of the following steps will you take in order to enable the sales managers to run and use the Report application?

• A. Change the Report application to a SUID comman
• B. Make the user accounts of all the sales managers the members of the root grou
• C. Provide password of root user to all the sales manager
• D. Ask each sales manager to run the application as the root use
• E. As the application is owned by the root, no changes are require

Answer: A

NEW QUESTION 7
Which of the following BEST describes the two job functions of Microsoft Baseline Security Analyzer (MBSA)?

• A. Vulnerability scanner and auditing tool
• B. Auditing tool and alerting system
• C. Configuration management and alerting system
• D. Security patching and vulnerability scanner

Answer: D

NEW QUESTION 8
A US case involving malicious code is brought to trial. An employee had opened a helpdesk ticket to report specific instances of strange behavior on her system. The IT helpdesk representative collected information by interviewing the user and escalated the ticket to the system administrators. As the user had regulated and sensitive data on her computer, the system administrators had the hard drive sent to the company's forensic consultant for analysis and configured a new hard drive for the user. Based on the recommendations from the forensic consultant and the company's legal department, the CEO decided to prosecute the author of the malicious code. During the court case, which of the following would be able to provide direct evidence?

• A. The IT helpdesk representative
• B. The company CEO
• C. The user of the infected system
• D. The system administrator who removed the hard drive

Answer: C

NEW QUESTION 9
On which of the following OSI model layers does IPSec operate? A. Physical layer

• A. Network layer
• B. Data-link layer
• C. Session layer

Answer: B

NEW QUESTION 10
You work as a Network Administrator for Perfect Solutions Inc. The company has a Linux-based network. You are required to search for the error messages in the /var/log/messages log file. Which of the following commands will you use to accomplish this?

• A. ps /var/log/messages
• B. cat /var/log/messages | look error
• C. cat /var/log/messages | grep error
• D. cat /var/log/messages

Answer: C

NEW QUESTION 11
You are doing some analysis of malware on a Unix computer in a closed test network. The IP address of the computer is 192.168.1.120. From a packet capture, you see the malware is attempting to do a DNS query for a server called iamabadserver.com so that it can connect to it. There is no DNS server on the test network to do name resolution. You have another computer, whose IP is 192.168.1.115, available on the test network that you would like for the malware connect to it instead. How do you get the malware to connect to that computer on the test network?

• A. You modify the HOSTS file on the computer you want the malware to connect to and add an entry that reads: 192.168.1.120 iamabadserver iamabadserver.com
• B. You modify the HOSTS file on the Unix computer your malware is running on and add an entry that reads: 192.168.1.115 iamabadserveriamabadserver.com
• C. You modify the HOSTS file on the Unix computer your malware is running on and add an entry that reads: 192.168.1.120 iamabadserver iamabadserver.com
• D. You modify the HOSTS file on the computer you want the malware to connect to and add an entry that reads: 192.168.1.115 iamabadserver iamabadserver.com

Answer: B

NEW QUESTION 12
Your system has been infected by malware. Upon investigation, you discover that the malware propagated primarily via email. The malware attacked known vulnerabilities for which patches are available, but due to problems with your configuration management system you have no way to know which systems have been patched and which haven't, slowing your progress in patching your network. Of the following, which solution would you use to protect against this propagation vector?

• A. Encrypt the emails on the server
• B. Scan and block suspect email attachments at the email server
• C. Install a firewall between the email server and the Internet
• D. Separate the email server from the trusted portions of the network

Answer: B

NEW QUESTION 13
Which of the following statements about buffer overflow is true?

• A. It manages security credentials and public keys for message encryptio
• B. It is a collection of files used by Microsoft for software updates released between major service pack release
• C. It is a condition in which an application receives more data than it is configured to accep
• D. It is a false warning about a viru

Answer: C

NEW QUESTION 14
Which of the following files contains the shadowed password entries in Linux?

• A. /etc/passwd
• B. /etc/shadow
• C. /etc/profile
• D. /etc/shdpwd

Answer: B

NEW QUESTION 15
Which of the following protocols allows an e-mail client to access and manipulate a remote e-mail file without downloading it to the local computer?

• A. IMAP
• B. SNMP
• C. POP3
• D. SMTP

Answer: A

NEW QUESTION 16
How are differences in configuration settings handled between Domain and Local Group Policy Objects (GPOs)?

• A. Local and Domain GPOs control different configuration settings, so there will not be conflict
• B. Settings in the domain-wide GPO override conflicting settings in the local GPO on each compute
• C. Settings in the local GPO override conflicting settings when the domain-wide GPO is applie
• D. Precedence depends on which GPO was updated firs

Answer: B

NEW QUESTION 17
The Windows 'tracert' begins by sending what type of packet to the destination host?

• A. A UDP packet with a TTL of 1
• B. An ICMP Echo Request
• C. An ICMP Router Discovery
• D. An ICMP Echo Reply

Answer: A

NEW QUESTION 18
......