
GIAC GISP GIAC Information Security Professional Exam Practice Test

Demo: 98 questions
Total 659 questions

GIAC Information Security Professional Questions and Answers

Question 1

Which of the following types of virus is capable of changing its signature to avoid detection?

Options:

A.

Macro virus

B.

Polymorphic virus

C.

Stealth virus

D.

Boot sector virus

Question 2

An organization monitors the hard disks of its employees' computers from time to time. Which policy does this pertain to?

Options:

A.

Backup policy

B.

Network security policy

C.

User password policy

D.

Privacy policy

Question 3

Which of the following is NOT a countermeasure against a spoofing attack?

Options:

A.

Patching operating system

B.

Installing Anti-virus software

C.

Patching application

D.

Employing IDS

Question 4

Identify whether the given statement is true or false.

"Social engineering is the art of convincing people and making them disclose useful information such as account names and passwords."

Options:

A.

False

B.

True

Question 5

You work as a Network Administrator for NetTech Inc. The company has a Windows 2000 domain-based network. You want to prevent malicious e-mails from non-existent domains from entering the network. What will you do to accomplish this?

Options:

A.

Enable DNS recursive queries on the DNS server.

B.

Disable DNS reverse lookup on the e-mail server.

C.

Enable DNS reverse lookup on the e-mail server.

D.

Disable DNS recursive queries on the DNS server.

Question 6

How many keys are used to encrypt data in symmetric encryption?

Options:

A.

Four

B.

One

C.

Two

D.

Three

Question 7

Which of the following is a duplicate of the original site of an organization, with fully working systems as well as near-complete backups of user data?

Options:

A.

Hot site

B.

Cold site

C.

Data site

D.

Warm site

Question 8

Which of the following statements about a certification authority (CA) are true?

Each correct answer represents a complete solution. Choose two.

Options:

A.

It is an entity in a network, which manages security credentials and public keys for message encryption.

B.

It issues certificates that confirm the identity and other attributes of a certificate in relation to other entities.

C.

It is an entity in a network, which manages files and objects.

D.

It issues private keys that confirm the identity and other attributes of a certificate in relation to other entities.

Question 9

Maria works as a professional Ethical Hacker. She has recently been assigned a project to test the security of www.we-are-secure.com. The company has provided the following information about the infrastructure of its network:

• Network diagrams of the we-are-secure infrastructure

• Source code of the security tools

• IP addressing information of the we-are-secure network

Which of the following testing methodologies is we-are-secure.com using to test the security of its network?

Options:

A.

Graybox

B.

Whitebox

C.

Blackbox

D.

Alpha testing

Question 10

In which of the following processes may a DNS server return an incorrect IP address, diverting traffic to another computer?

Options:

A.

TCP FIN scanning

B.

DNS poisoning

C.

Snooping

D.

TCP SYN scanning

Question 11

Key escrow is a method of __________.

Options:

A.

Key renewal

B.

Key distribution

C.

Key recovery

D.

Key revocation

Question 12

Which of the following statements about packet filtering is true?

Options:

A.

It allows or restricts the flow of encrypted packets to provide security.

B.

It is used to send confidential data on the public network.

C.

It allows or restricts the flow of specific types of packets to provide security.

D.

It is used to store information about confidential data.

Question 13

Which of the following ports is the default port for Layer 2 Tunneling Protocol (L2TP)?

Options:

A.

TCP port 110

B.

UDP port 161

C.

UDP port 1701

D.

TCP port 443

Question 14

Which of the following technologies are forms of single sign-on (SSO)?

Each correct answer represents a complete solution. Choose three.

Options:

A.

CoSign

B.

SESAME

C.

Kerberos

D.

RADIUS

Question 15

Which of the following protocols is used to send e-mails on the Internet?

Options:

A.

HTTP

B.

IMAP4

C.

SMTP

D.

POP3

Question 16

John works as a professional Ethical Hacker. He has been assigned a project to test the security of www.we-are-secure.com. While examining a log report, he finds that an intrusion has been attempted by an attacker whose IP address is 0x40.0x3A.0x2B.0xE6. Which of the following decimal IP addresses will respond to a ping on the above hexadecimal IP address?

Options:

A.

64.58.42.230

B.

64.59.43.230

C.

64.58.43.231

D.

64.58.43.230

Question 17

Which of the following encryption algorithms are based on stream ciphers?

Each correct answer represents a complete solution. Choose two.

Options:

A.

Twofish

B.

RC4

C.

FISH

D.

Blowfish

Question 18

Which of the following can be prevented by an organization using job rotation and separation of duties policies?

Options:

A.

Buffer overflow

B.

Collusion

C.

Phishing

D.

Eavesdropping

Question 19

An attacker sends a large number of packets to a target computer, causing a denial of service. Which of the following types of attack is this?

Options:

A.

Flooding

B.

Snooping

C.

Phishing

D.

Spoofing

Question 20

Which of the following entities is used by routers and firewalls to determine which packets should be forwarded or dropped?

Options:

A.

Rootkit

B.

Backdoor

C.

Access control list

D.

Rainbow table

Question 21

At which of the following layers does Structured Query Language (SQL) work?

Options:

A.

Physical

B.

Network

C.

Transport

D.

Session

Question 22

When no anomaly is present in an intrusion detection system, but an alarm is generated, the response is known as __________.

Options:

A.

False positive

B.

False negative

C.

True negative

D.

True positive

Question 23

John works as a professional Ethical Hacker. He has been assigned the project of testing the security of www.we-are-secure.com. He writes the following snort rule:

This rule can help him protect the We-are-secure server from the __________.

Options:

A.

Chernobyl virus

B.

I LOVE YOU virus

C.

Melissa virus

D.

Nimda virus

Question 24

Which of the following statements about the One Time Password (OTP) security system are true?

Each correct answer represents a complete solution. Choose two.

Options:

A.

It requires a password only once to authenticate users.

B.

It requires a new password every time a user authenticates himself.

C.

It generates passwords by using either the MD4 or MD5 hashing algorithm.

D.

It generates passwords by using Kerberos v5.

Question 25

Which of the following statements about a DMZ is true?

Options:

A.

DMZ is a corporate network used as the Internet.

B.

DMZ is a firewall that lies in between two corporate networks.

C.

DMZ is a network that is not connected to the Internet.

D.

DMZ is a network that lies in between a corporate network and the Internet.

Question 26

Which of the following is used to implement a procedure to control inbound and outbound traffic on a network?

Options:

A.

Sam Spade

B.

NIDS

C.

ACL

D.

Cookies

Question 27

Which of the following is a name, symbol, or slogan with which a product is identified?

Options:

A.

Trademark

B.

Patent

C.

Trade secret

D.

Copyright

Question 28

Which of the following refers to the exploitation of a valid computer session to gain unauthorized access to information or services in a computer system?

Options:

A.

Piggybacking

B.

Hacking

C.

Session hijacking

D.

Keystroke logging

Question 29

Which of the following is the process of overwriting all addressable locations on a disk?

Options:

A.

Sanitization

B.

Authentication

C.

Spoofing

D.

Drive wiping

Question 30

John works as a professional Ethical Hacker. He has been assigned a project to test the security of www.we-are-secure.com. He recommends a disk encryption tool to encrypt the secret files of the We-are-secure server. He presents a report to the We-are-secure authorities as given below:

Which of the following tools is John recommending for disk encryption on the We-are-secure server?

Options:

A.

CryptoHeaven

B.

Stunnel

C.

TrueCrypt

D.

Magic Lantern

Question 31

Which of the following is an entry in an object's discretionary access control list (DACL) that grants permissions to a user or group?

Options:

A.

Access control list (ACL)

B.

Discretionary access control entry (DACE)

C.

Security Identifier (SID)

D.

Access control entry (ACE)

Question 32

Which of the following are the benefits of information classification for an organization?

Options:

A.

It helps identify which information is the most sensitive or vital to an organization.

B.

It ensures that modifications are not made to data by unauthorized personnel or processes.

C.

It helps identify which protections apply to which information.

D.

It helps reduce the Total Cost of Ownership (TCO).

Question 33

You work as a Database Administrator for Bluewell Inc. The company has a SQL Server 2005 computer. The company asks you to implement a RAID system to provide fault tolerance to a database. You want to implement disk mirroring. Which of the following RAID levels will you use to accomplish the task?

Options:

A.

RAID-1

B.

RAID-10

C.

RAID-0

D.

RAID-5

Question 34

John works as a Network Administrator for We-are-secure Inc. The We-are-secure server is based on Windows Server 2003. One day, while analyzing the network security, he receives an error message that Kernel32.exe is encountering a problem. Which of the following steps should John take as a countermeasure to this situation?

Each correct answer represents a complete solution. Choose all that apply.

Options:

A.

He should upgrade his antivirus program.

B.

He should download the latest patches for Windows Server 2003 from the Microsoft site, so that he can repair the kernel.

C.

He should observe the process viewer (Task Manager) to see whether any new process is running on the computer or not. If any new malicious process is running, he should kill that process.

D.

He should restore his Windows settings.

Question 35

Which of the following are the differences between PPTP and L2TP?

Each correct answer represents a complete solution. Choose three.

Options:

A.

L2TP does not provide any kind of security.

B.

PPTP connections use Microsoft Point-to-Point Encryption (MPPE), whereas L2TP uses Data Encryption Standard (DES).

C.

L2TP may be used with IPSec, while PPTP stands alone.

D.

PPTP is supported by most industry vendors, while L2TP is a proprietary Microsoft standard.

Question 36

Which of the following statements about a digital signature is true?

Options:

A.

Digital signature compresses the message to which it is applied.

B.

Digital signature is required for an e-mail message to get through a firewall.

C.

Digital signature verifies the identity of the person who applies it to a document.

D.

Digital signature decrypts the contents of documents.

Question 37

Which of the following protocols is used to verify the status of a certificate?

Options:

A.

CEP

B.

HTTP

C.

OSPF

D.

OCSP

Question 38

Sam works as a Web Developer for McRobert Inc. He wants to control the way in which a Web browser receives information and downloads content from Web sites. Which of the following browser settings will Sam use to accomplish this?

Options:

A.

Proxy server

B.

Security

C.

Cookies

D.

Certificate

Question 39

Which of the following statements are true about a Gantt chart?

Each correct answer represents a complete solution. Choose all that apply.

Options:

A.

It displays the duration of a task.

B.

It is easier to plan than PERT.

C.

It displays dependencies between activities.

D.

The impact of slippage is easily determined.

Question 40

Which of the following have been developed to address security issues in the e-commerce system?

Each correct answer represents a complete solution. Choose two.

Options:

A.

Digital cash

B.

Encryption frameworks

C.

Shopping cart

D.

Digital signatures

Question 41

Which of the following are considered Bluetooth security violations?

Each correct answer represents a complete solution. Choose two.

Options:

A.

Social engineering

B.

Bluesnarfing

C.

SQL injection attack

D.

Bluebug attack

E.

Cross site scripting attack

Question 42

Which of the following can be done over telephone lines, e-mail, instant messaging, and any other method of communication considered private?

Options:

A.

Packaging

B.

Spoofing

C.

Eavesdropping

D.

Shielding

Question 43

Which of the following are the goals of cryptographic systems?

Each correct answer represents a complete solution. Choose three.

Options:

A.

Availability

B.

Authentication

C.

Integrity

D.

Confidentiality

Question 44

You work as a Network Administrator for Infonet Inc. The company uses Wired Equivalent Privacy (WEP) for wireless security. Who among the following can authenticate from the access point of the network?

Options:

A.

Only users within the company.

B.

Anyone can authenticate.

C.

Only users with the correct WEP key.

D.

Only the administrator.

Question 45

Which of the following statements about system hardening are true?

Each correct answer represents a complete solution. Choose two.

Options:

A.

It is used for securing the computer hardware.

B.

It can be achieved by locking the computer room.

C.

It is used for securing an operating system.

D.

It can be achieved by installing service packs and security updates on a regular basis.

Question 46

Which of the following is ensured by the concept of availability in information system security?

Options:

A.

Data modifications are not made by an unauthorized user or process.

B.

The intentional or unintentional unauthorized disclosure of a message or important document contents is prevented.

C.

The systems are up and running when they are needed.

D.

Unauthorized modifications are not made by authorized users.

Question 47

Which of the following is an attack with IP fragments that cannot be reassembled?

Options:

A.

Teardrop attack

B.

Dictionary attack

C.

Password guessing attack

D.

Smurf attack

Question 48

Which of the following are the goals of risk management?

Each correct answer represents a complete solution. Choose three.

Options:

A.

Identifying the risk

B.

Assessing the impact of potential threats

C.

Finding an economic balance between the impact of the risk and the cost of the countermeasure

D.

Identifying the accused

Question 49

Which of the following groups represents the most likely source of an asset loss through the inappropriate use of computers?

Options:

A.

Employees

B.

Hackers

C.

Visitors

D.

Customers

Question 50

Which of the following processes is known as Declassification?

Options:

A.

Verifying the identity of a person, network host, or system process.

B.

Physically destroying the media and the information stored on it.

C.

Assessing the risk involved in making a confidential document available to the public.

D.

Removing the content from the media so that it is difficult to restore.

Question 51

Which of the following are politically motivated threats that an organization faces?

Each correct answer represents a complete solution. Choose all that apply.

Options:

A.

Power distribution outages

B.

Civil disobedience

C.

Riot

D.

Terrorist attacks

E.

Vandalism

Question 52

John works as a professional Ethical Hacker. He has been assigned a project to test the security of www.we-are-secure.com. He copies the whole structure of the We-are-secure Web site to the local disk and obtains all the files on the Web site. Which of the following techniques is he using to accomplish his task?

Options:

A.

TCP FTP proxy scanning

B.

Eavesdropping

C.

Web ripping

D.

Fingerprinting

Question 53

Which of the following types of attacks is mounted with the objective of causing a negative impact on the performance of a computer or network?

Options:

A.

Denial-of-Service (DoS) attack

B.

Impersonation attack

C.

Vulnerability attack

D.

Man-in-the-middle attack

Question 54

Which of the following protects from electrical and magnetic induction that causes interference to the power voltage?

Options:

A.

Power regulator

B.

Shielded line

C.

Firewall

D.

Smoke detector

Question 55

In which of the following security tests does the security testing team simulate an employee or other person with an authorized connection to the organization's network?

Options:

A.

Remote dial-up network

B.

Remote network

C.

Stolen equipment

D.

Local network

Question 56

Which of the following classes of fire comes under Class C fire?

Options:

A.

Combustible metals fire

B.

Paper or wood fire

C.

Oil fire

D.

Electronic or computer fire

Question 57

Which of the following is a process of monitoring data packets that travel across a network?

Options:

A.

Packet sniffing

B.

Packet filtering

C.

Shielding

D.

Password guessing

Question 58

Which of the following statements about biometric authentication is true?

Options:

A.

A user provides his user name and password for authentication.

B.

A user uses a smart card for authentication.

C.

A sensor scans some physical characteristics of a user and sends that information to the authentication server.

D.

A user is issued a device that is used for authentication.

Question 59

Which of the following protocols implements VPN using IPSec?

Options:

A.

PPP

B.

L2TP

C.

PPTP

D.

SLIP

Question 60

Which of the following is an authentication protocol?

Options:

A.

LDAP

B.

PPTP

C.

TLS

D.

Kerberos

Question 61

Which of the following command-line utilities queries the DNS server to check whether or not the zone database contains the correct information?

Options:

A.

IPCONFIG

B.

TELNET

C.

NSLOOKUP

D.

NETSTAT

Question 62

Which of the following is a signature-based intrusion detection system (IDS)?

Options:

A.

StealthWatch

B.

Snort

C.

RealSecure

D.

Tripwire

Question 63

Which of the following refers to a program that allows access to a system by skipping the security checks?

Options:

A.

Honey pot

B.

Hoax

C.

Back door

D.

Worm

Question 64

You are going to upgrade your hard disk's file system from FAT to NTFS. What are the major advantages of the NTFS file system over FAT16 and FAT32 file systems?

Each correct answer represents a complete solution. Choose all that apply.

Options:

A.

NTFS gives better file security than FAT16 and FAT32.

B.

NTFS file system supports larger hard disks.

C.

NTFS gives better disk compression than FAT16 and FAT32.

D.

Automatic backup.

Question 65

An authentication method uses smart cards as well as usernames and passwords for authentication. Which of the following authentication methods is being referred to?

Options:

A.

Biometrics

B.

Anonymous

C.

Mutual

D.

Multi-factor

Question 66

Which of the following is the best method to stop vulnerability attacks on a Web server?

Options:

A.

Implementing the latest virus scanner

B.

Using strong passwords

C.

Configuring a firewall

D.

Installing service packs and updates

Question 67

Which of the following statements is true about transient noise?

Options:

A.

It is a momentary low voltage condition.

B.

It is a short duration of power line disruption.

C.

It is a prolonged power supply that is below the normal voltage.

D.

It is an electrical current that does not fluctuate.

Question 68

Which of the following is referred to as Radio Frequency Interference (RFI) and Electromagnetic Interference (EMI)?

Options:

A.

Spike

B.

Brownout

C.

Electrical line noise

D.

Transient

Question 69

Under which type of access control does a user ID and password system come?

Options:

A.

Power

B.

Physical

C.

Technical

D.

Administrative

Question 70

Which of the following can provide security against man-in-the-middle attack?

Options:

A.

Strong data encryption during travel

B.

Strong authentication method

C.

Firewall

D.

Anti-virus programs

Question 71

Which of the following types of attacks occurs when attackers enter a system or capture network traffic and make changes to selected files or data packets?

Options:

A.

Brute force attack

B.

Teardrop attack

C.

Dictionary attack

D.

Data diddling attack

Question 72

Which of the following statements about packet filtering is true?

Options:

A.

It is used to store information about confidential data.

B.

It is used to send confidential data on the public network.

C.

It allows or restricts the flow of encrypted packets to provide security.

D.

It allows or restricts the flow of specific types of packets to provide security.

Question 73

The Klez worm is a mass-mailing worm that exploits a vulnerability to open an executable attachment even in Microsoft Outlook's preview pane. The Klez worm gathers email addresses from the entries of the default Windows Address Book (WAB). Which of the following registry values can be used to identify this worm?

Options:

A.

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunServices

B.

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run

C.

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run

D.

HKEY_CURRENT_USER\Software\Microsoft\WAB\WAB4\Wab File Name = "file and pathname of the WAB file"

Question 74

Which of the following refers to the emulation of the identity of a network computer by an attacking computer?

Options:

A.

Hacking

B.

PING attack

C.

Spoofing

D.

SYN attack

Question 75

How long are cookies in effect if no expiration date is set?

Options:

A.

Forever

B.

Until the session ends.

C.

Fifteen days

D.

One year

Question 76

Which of the following statements about snooping is true?

Options:

A.

It occurs when an unauthorized user tries to log on repeatedly to a computer or network by guessing usernames and passwords.

B.

It is an activity of observing the content that appears on a computer monitor or watching what a user is typing.

C.

It is a technique that makes a transmission appear to have come from an authentic source by forging the IP address.

D.

It is the art of convincing people and making them disclose useful information such as account names and passwords.

Question 77

Which of the following involves changing data prior to or during input to a computer in an effort to commit fraud?

Options:

A.

Wiretapping

B.

Spoofing

C.

Data diddling

D.

Eavesdropping

Question 78

Which of the following types of fire comes under Class K fire?

Options:

A.

Cooking oil fire

B.

Electrical fire

C.

Wooden fire

D.

Combustible metal fire

Question 79

Which of the following tools or services is used to find the entire IP address range used by an organization?

Options:

A.

TRACERT

B.

Ping Scanner

C.

PATHPING

D.

Share Scanner

Question 80

Which of the following is a term used to refer to access of a wireless Internet connection by bringing one's own computer within the range of another's wireless connection, and using that service without the subscriber's explicit permission or knowledge?

Options:

A.

Mail bombing

B.

Piggybacking

C.

Spoofing

D.

Snooping

Question 81

Which authentication method uses retinal scanners for the authentication process?

Options:

A.

Biometrics

B.

Challenge Handshake Authentication Protocol (CHAP)

C.

Smart cards

D.

Kerberos

E.

Certifications

F.

Multi-factor

Question 82

Which of the following actions might cause a privacy breach while surfing the Internet?

Options:

A.

Clicking pop-up windows while visiting a Web site.

B.

Conducting only secure transactions.

C.

Deleting mails from unknown sources.

D.

Ignoring banner ads on Web sites.

Question 83

Which of the following encryption strengths is used to secure NTLM version 2 passwords?

Options:

A.

56-bit

B.

32-bit

C.

128-bit

D.

64-bit

Question 84

Which of the following is the default port for Secure Shell (SSH)?

Options:

A.

TCP port 22

B.

UDP port 161

C.

UDP port 138

D.

TCP port 443

Question 85

Which term best describes an e-mail that contains incorrect and misleading information or warnings about viruses?

Options:

A.

Hoax

B.

Spam

C.

Trojan horse

D.

Virus

E.

Rlogin

F.

Blowfish

Question 86

Which of the following components come under the network layer of the OSI model?

Each correct answer represents a complete solution. Choose two.

Options:

A.

Firewalls

B.

Hub

C.

Routers

D.

MAC addresses

Question 87

A ________ attack occurs when an attacker successfully inserts an intermediary software or program between two communicating hosts.

Options:

A.

Man-in-the-middle

B.

Brute force

C.

Denial of Service (DoS)

D.

Dictionary

Question 88

Which of the following refers to a computer that must be secure because it is accessible from the Internet and is vulnerable to attacks?

Options:

A.

LMHOSTS

B.

Bastion host

C.

Firewall

D.

Gateway

Question 89

Which of the following ports is used by a BOOTP server?

Options:

A.

UDP port 389

B.

UDP port 67

C.

TCP port 80

D.

TCP port 110

Question 90

Which of the following is not a level of military data-classification system?

Options:

A.

Unclassified

B.

Normal

C.

Confidential

D.

Top secret

Question 91

Which of the following is not a level of military data-classification system?

Options:

A.

Unclassified

B.

Normal

C.

Confidential

D.

Top secret

Question 92

Which of the following groups represents the most likely source of an asset loss through the inappropriate use of computers?

Options:

A.

Visitors

B.

Customers

C.

Employees

D.

Hackers

Question 93

Which of the following IP addresses are private addresses?

Each correct answer represents a complete solution. Choose all that apply.

Options:

A.

10.0.0.3

B.

192.168.15.2

C.

192.166.54.32

D.

19.3.22.17

Question 94

You work as a Network Administrator for NetTech Inc. The company's network is connected to the Internet. For security, you want to restrict unauthorized access to the network with minimum administrative effort. You want to implement a hardware-based solution. What will you do to accomplish this?

Options:

A.

Implement a proxy server on the network.

B.

Implement a firewall on the network.

C.

Connect a router to the network.

D.

Connect a brouter to the network.

Question 95

Which of the following devices reads the destination's MAC address from each incoming data packet and forwards the data packet to its destination?

Options:

A.

Brouter

B.

Router

C.

Hub

D.

Switch

Question 96

Which of the following are tunneling protocols?

Each correct answer represents a complete solution. Choose two.

Options:

A.

SMTP

B.

NNTP

C.

L2TP

D.

PPTP

Question 97

Which of the following acts as an intermediary between a user on the internal network and a service on the external network such as the Internet?

Options:

A.

DNS server

B.

Firewall

C.

Proxy server

D.

WINS server

Question 98

At which of the following layers of the Open System Interconnection (OSI) model do the Internet Control Message Protocol (ICMP) and the Internet Group Management Protocol (IGMP) work?

Options:

A.

The Physical layer

B.

The Network layer

C.

The Data-Link layer

D.

The Presentation layer
