• Home
  • Articles
  • GIAC GSEC Real 2022 Braindumps Mock Exam Dumps [Q145-Q168]

GIAC GSEC Real 2022 Braindumps Mock Exam Dumps [Q145-Q168]

Share

GIAC GSEC Real 2022 Braindumps Mock Exam Dumps

GSEC Exam Questions | Real GSEC Practice Dumps

NEW QUESTION 145
Which of the following defines the communication link between a Web server and Web applications?

  • A. PGP
  • B. CGI
  • C. IETF
  • D. Firewall

Answer: B

 

NEW QUESTION 146
Which of the following statements about Network Address Translation (NAT) are true? Each correct answer represents a complete solution. Choose two.

  • A. It reduces the need for globally unique IP addresses.
  • B. It allows external network clients access to internal services.
  • C. It provides added security by using Internet access to deny or permit certain traffic from the Bastion Host.
  • D. It allows the computers in a private network to share a global, ISP assigned address to connect to the Internet.

Answer: A,D

 

NEW QUESTION 147
Which Windows event log would you look in if you wanted information about whether or not a specific diver was running at start up?

  • A. Application
  • B. Security
  • C. Startup
  • D. System

Answer: D

 

NEW QUESTION 148
You work as a Network Administrator for NetTech Inc. When you enter http://66.111.64.227 in the browser's address bar, you are able to access the site. But, you are unable to access the site when you enter http://www.uCertify.com. What is the most likely cause?

  • A. WINS server has no NetBIOS name entry for the server.
  • B. DNS entry is not available for the host name.
  • C. The site's Web server has heavy traffic.
  • D. The site's Web server is offline.

Answer: B

 

NEW QUESTION 149
Which of the following is an Implementation of PKI?

  • A. 3DES
  • B. SSL
  • C. SHA-1
  • D. Kerberos

Answer: B

 

NEW QUESTION 150
Which of the following quantifies the effects of a potential disaster over a period of time?

  • A. Disaster Recovery Planning
  • B. Business Impact Analysis
  • C. Risk Assessment
  • D. Lessons Learned

Answer: B

 

NEW QUESTION 151
In preparation to do a vulnerability scan against your company's systems. You've taken the steps below:
You've notified users that there will be a system test.
You've priontized and selected your targets and subnets.
You've configured the system to do a deep scan.
You have a member of your team on call to answer questions.
Which of the following is a necessary step to take prior to starting the scan?

  • A. Scheduling the scan to run before OS updates.
  • B. Clear relevant system log files.
  • C. Getting permission to run the scan.
  • D. Placing the incident response team on call.

Answer: C

 

NEW QUESTION 152
What are the two actions the receiver of a PGP email message can perform that allows establishment of trust between sender and receiver?

  • A. Decode the message by decrypting the asymmetric key with his private key, then using the asymmetric key to decrypt the message.
  • B. Decode the message by decrypting the symmetric key with his private key, then using the symmetric key to decrypt the message.
  • C. Decrypt the message by encrypting the digital signature with his private key, then using the digital signature to decrypt the message.
  • D. Decode the message by decrypting the symmetric key with his public key, then using the symmetric key to decrypt the message.

Answer: A

 

NEW QUESTION 153
Which of the following statements about DMZ is true?

  • A. DMZ is a corporate network used as the Internet.
  • B. DMZ is a firewall that lies in between two corporate networks.
  • C. DMZ is a network that lies in between a corporate network and the Internet.
  • D. DMZ is a network that is not connected to the Internet.

Answer: C

 

NEW QUESTION 154
Which of the following protocols is responsible for the resolution of IP addresses to media access control (MAC) addresses?

  • A. ICMP
  • B. HTTP
  • C. ARP
  • D. PPP

Answer: C

 

NEW QUESTION 155

  • A. The packets may be deliberately spoofed by an attacker.
  • B. B and C
  • C. The packets are a sign of excess fragmentation.
  • D. A and D
  • E. B and D
  • F. The packets are probably corrupted.
  • G. A and B
  • H. The packets may have been accidentally routed onto the Internet.

Answer: B,H

 

NEW QUESTION 156
Which of the following statements about the integrity concept of information security management are
true?
Each correct answer represents a complete solution. Choose three.

  • A. It ensures that internal information is consistent among all subentities and also consistent with the real-world, external situation.
  • B. It determines the actions and behaviors of a single individual within a system
  • C. It ensures that modifications are not made to data by unauthorized personnel or processes.
  • D. It ensures that unauthorized modifications are not made to data by authorized personnel or processes.

Answer: A,C,D

 

NEW QUESTION 157
You work as a Network Administrator for Tech Perfect Inc. The company has a Linux-based network. You want to kill a process running on a Linux server. Which of the following commands will you use to know the process identification number (PID) of the process?

  • A. killall
  • B. kill
  • C. getpid
  • D. ps

Answer: D

 

NEW QUESTION 158
Which of the following are threats to network security?
Each correct answer represents a complete solution. Choose two.

  • A. Events auditing
  • B. Dial-up connections
  • C. Disabled user accounts
  • D. Rogue employees

Answer: B,D

 

NEW QUESTION 159
When considering ingress filtering, why should all inbound packets be dropped if they contain a source address from within the protected network address space?

  • A. The packets may be deliberately spoofed by an attacker.
  • B. The packets are a sign of excess fragmentation.
  • C. A and D
  • D. B and C
  • E. B and D
  • F. The packets are probably corrupted.
  • G. A and B
  • H. The packets may have been accidentally routed onto the Internet.

Answer: H

 

NEW QUESTION 160
You have reason to believe someone with a domain user account has been accessing and modifying sensitive spreadsheets on one of your application servers. You decide to enable auditing for the files to see who is accessing and changing them. You enable the Audit Object Access policy on the files via Group Policy. Two weeks later, when you check on the audit logs, you see they are empty. What is the most likely reason this has happened?

  • A. You did not save the change to the policy
  • B. You did not enable auditing on the files
  • C. You cannot enable auditing on files, just folders
  • D. The person modifying the files turned off auditing

Answer: B

 

NEW QUESTION 161
Which of the following languages enable programmers to store cookies on client computers? Each correct answer represents a complete solution. Choose two.

  • A. HTML
  • B. DHTML
  • C. JavaScript
  • D. Perl

Answer: C,D

 

NEW QUESTION 162
Which of the following SIP INVITE lines indicates to the remote registrar the VoIP phone that initiated the call?

  • A. To
  • B. Via
  • C. From-Agent
  • D. User-Agent

Answer: D

 

NEW QUESTION 163
Mark works as a Network Administrator for NetTech Inc. The company has a Windows 2003 domain- based network. The network contains ten Windows 2003 member servers, 150 Windows XP Professional client computers. According to the company's security policy, Mark needs to check whether all the computers in the network have all available security updates and shared folders. He also needs to check the file system type on each computer's hard disk. Mark installs and runs MBSACLI.EXE with the appropriate switches on a server. Which of the following tasks will he accomplish?

  • A. None of the tasks will be accomplished.
  • B. He will be able to check the file system type on each computer's hard disk.
  • C. He will be able to accomplish all the tasks.
  • D. He will be able to check all available security updates and shared folders.

Answer: C

 

NEW QUESTION 164
Which of the following is an Institute of Electrical and Electronics Engineering (IEEE) specification that defines standards for Ethernet?

  • A. 802.5
  • B. 802.12
  • C. 802.4
  • D. 802.3

Answer: D

 

NEW QUESTION 165
Which of the following statements about policy is FALSE?

  • A. Policy protects people who are trying to do the right thing.
  • B. A well-written policy states the specifics of "how" to do something.
  • C. Security policy establishes what must be done to protect information stored on computers.
  • D. A well-written policy contains definitions relating to "what" to do.

Answer: A

 

NEW QUESTION 166
While using Wire shark to investigate complaints of users being unable to login to a web application, you come across an HTTP POST submitted through your web application. The contents of the POST are listed below. Based on what you see below, which of the following would you recommend to prevent future damage to your database?

  • A. Use https to prevent hackers from inserting malware
  • B. Authenticate users to prevent hackers from using your database
  • C. Use ssh to prevent a denial of service attack
  • D. Sanitize user inputs to prevent injection attacks

Answer: A

 

NEW QUESTION 167
Which of the below choices should an organization start with when implementing an effective risk management process?

  • A. Design controls and develop standards for each technology you plan to deploy
  • B. Conduct periodic reviews
  • C. Define security policy requirements
  • D. Implement an incident response plan

Answer: C

 

NEW QUESTION 168
......

Verified GSEC Exam Dumps Q&As - Provide GSEC with Correct Answers: https://itcert-online.newpassleader.com/GIAC/GSEC-exam-preparation-materials.html

Related Articles

more
GIAC GSEC Certification Practice Exam