GCIA | How Many Questions Of GCIA Exam

"GIAC Certified Intrusion Analyst", also known as the GCIA exam, is a GIAC certification.

NEW QUESTION 1
Session splicing is an IDS evasion technique in which an attacker delivers data in multiple small-sized packets to the target computer. Hence, it becomes very difficult for an IDS to detect the attack signatures of such attacks. Which of the following tools can be used to perform session splicing attacks?
Each correct answer represents a complete solution. Choose all that apply.

  • A. Nessus
  • B. Whisker
  • C. Y.A.
  • D. Fragroute

Answer: AB

NEW QUESTION 2
Maria works as the Chief Security Officer for CertLeader Inc. She wants to send secret messages to the CEO of the company. To secure these messages, she uses a technique of hiding a secret message within an ordinary message. The technique provides 'security through obscurity'. What technique is Maria using?

  • A. Encryption
  • B. Public-key cryptography
  • C. Steganography
  • D. RSA algorithm

Answer: C

NEW QUESTION 3
You are using the TRACERT utility to trace the route to CertLeader.com. You receive the following output:
Which of the following conclusions can you draw from viewing the output?
Each correct answer represents a complete solution. Choose two.

  • A. Everything is fine.
  • B. One of the routers on the path to the destination is not functional.
  • C. The destination computer is not operational.
  • D. The IP address of the destination computer is not resolved.

Answer: BC

NEW QUESTION 4
Which of the following is the process of categorizing attack alerts produced from an IDS in order to distinguish false positives from actual attacks?

  • A. Alarm filtering
  • B. Confidence value
  • C. Reactive system
  • D. Site policy

Answer: A

NEW QUESTION 5
You work as a Network Administrator for McNeil Inc. The company has a TCP/IP-based network.
You are configuring an Internet connection for your company. Your Internet service provider (ISP) has a UNIX-based server. Which of the following utilities will enable you to access the UNIX server, using a text-based connection?

  • A. TELNET
  • B. IPCONFIG
  • C. PING
  • D. FTP
  • E. TRACERT

Answer: A

NEW QUESTION 6
Which of the following types of attacks uses ICMP to consume bandwidth and crash sites?

  • A. MITM attack
  • B. SYN flood attack
  • C. TFN attack
  • D. XSS attack

Answer: C

NEW QUESTION 7
How many bits does IPv6 use in IP addresses?

  • A. 40 bits
  • B. 32 bits
  • C. 64 bits
  • D. 128 bits

Answer: D

NEW QUESTION 8
Peter works as a professional Computer Hacking Forensic Investigator for eLaw-Suit law firm. He is working on a cyber crime case. Peter knows that a good investigative report should not only communicate the relevant facts, but also present expert opinion. This report should not include the cases in which the expert acted as a lay witness. Which of the following types of witnesses is a lay witness?

  • A. One who can give a firsthand account of something seen, heard, or experienced.
  • B. One with special knowledge of the subject about which he or she is testifying.
  • C. One who observes an event.
  • D. One who is not qualified as an expert witness.

Answer: D

NEW QUESTION 9
Which of the following commands prints out the headers of packets that match the boolean expression?

  • A. tcpdump
  • B. vmstat
  • C. iftop
  • D. iostat

Answer: A

NEW QUESTION 10
Which of the following types of scan does not open a full TCP connection?

  • A. ACK scan
  • B. FIN scan
  • C. Stealth scan
  • D. Idle scan

Answer: C

NEW QUESTION 11
Which of the following is the default port for Simple Network Management Protocol (SNMP)?

  • A. TCP port 110
  • B. TCP port 25
  • C. TCP port 80
  • D. UDP port 161

Answer: D

NEW QUESTION 12
Adam works as a professional Computer Hacking Forensic Investigator. A project has been assigned to him to investigate a multimedia-enabled mobile phone, which is suspected to have been used in a cyber crime. Adam uses a tool with which he can recover deleted text messages, photos, and call logs from the mobile phone. Which of the following tools is Adam using?

  • A. FAU
  • B. FTK Imager
  • C. Galleta
  • D. Device Seizure

Answer: D

NEW QUESTION 13
You work as a Network Administrator for Infonet Inc. The company has a Windows Server 2008 domain-based network. The network has three Windows Server 2008 member servers and 150 Windows Vista client computers. According to the company's security policy, you apply Windows Firewall settings to the computers on the network. Now, you are troubleshooting a connectivity problem that might be caused by Windows Firewall. What will you do to identify connections that Windows Firewall allows or blocks?

  • A. Configure Internet Protocol Security (IPSec).
  • B. Disable Windows Firewall logging.
  • C. Enable Windows Firewall logging.
  • D. Configure Network address translation (NAT).

Answer: C

NEW QUESTION 14
You work as a Network Administrator for Tech Perfect Inc. The office network is configured as an IPv6 network. You have to configure a computer with the IPv6 address, which is equivalent to an IPv4 publicly routable address. Which of the following types of addresses will you choose?

  • A. Site-local
  • B. Global unicast
  • C. Local-link
  • D. Loopback

Answer: B

NEW QUESTION 15
Which of the following processes is used to convert plain text into cipher text?

  • A. Encryption
  • B. Decryption
  • C. Encapsulation
  • D. Steganography

Answer: A

NEW QUESTION 16
Which of the following protocols does IPsec use to perform various security functions in the network?
Each correct answer represents a complete solution. Choose all that apply.

  • A. Encapsulating Security Payload
  • B. Internet Key Exchange
  • C. Skinny Client Control Protocol
  • D. Authentication Header

Answer: ABD

NEW QUESTION 17
You work as a Network Administrator for Tech Perfect Inc. The company has a TCP/IP-based network. A firewall has been configured on the network. You configure a filter on the router. You verify that SMTP operations have stopped after the recent configuration. Which of the following ports will you have to open on the router to resolve the issue?

  • A. 25
  • B. 21
  • C. 80
  • D. 20

Answer: A

NEW QUESTION 18
You are implementing a host-based intrusion detection system on your web server. You feel that the best way to monitor the web server is to find your baseline of activity (connections, traffic, etc.) and to monitor for conditions above that baseline. This type of IDS is called __________.

  • A. Anomaly Based
  • B. Reactive IDS
  • C. Passive IDS
  • D. Signature Based

Answer: A
