GCIA | What High Quality GCIA Exam Engine Is

NEW QUESTION 1
You work as a Network Security Analyzer. You got a suspicious email while working on a forensic project. Now, you want to know the IP address of the sender so that you can analyze various information such as the actual location, domain information, operating system being used, contact information, etc. of the email sender with the help of various tools and resources. You also want to check whether this email is fake or real. You know that analysis of email headers is a good starting point in such cases. The email header of the suspicious email is given below:

What is the IP address of the sender of this email?

• A. 216.168.54.25
• B. 141.1.1.1
• C. 172.16.10.90
• D. 209.191.91.180

Answer: A

NEW QUESTION 2
John, a malicious hacker, forces a router to stop forwarding packets by flooding it with many open connections simultaneously so that all hosts behind it are effectively disabled. Which of the following attacks is John performing?

• A. Rainbow attack
• B. DoS attack
• C. ARP spoofing
• D. Replay attack

Answer: B

NEW QUESTION 3
Sniffer operates at which layer of the OSI reference model?

• A. Data Link
• B. Physical
• C. Transport
• D. Presentation

Answer: A

NEW QUESTION 4
Which of the following is the purpose of creating a Demilitarized zone (DMZ) in an enterprise network?

• A. Performing Isolation
• B. Creating Autonomous Systems
• C. Intrusion Detection
• D. Military usage

Answer: A

NEW QUESTION 5
Which of the following password cracking attacks is based on a pre-calculated hash table to retrieve plain text passwords?

• A. Brute Force attack
• B. Hybrid attack
• C. Dictionary attack
• D. Rainbow attack

Answer: D

NEW QUESTION 6
Which of the following image file formats uses a lossy data compression technique?

• A. GIF
• B. JPG
• C. PNG
• D. TIF

Answer: B

NEW QUESTION 7
You are the Network Administrator for a large corporate network. You want to monitor all network traffic on your local network for suspicious activities and receive a notification when a possible attack is in process. Which of the following actions will you take for this?

• A. Enable verbose logging on the firewall
• B. Install a network-based IDS
• C. Install a DMZ firewall
• D. Install a host-based IDS

Answer: B

NEW QUESTION 8
Adam works as a Security Administrator for Umbrella Inc. A project has been assigned to him to secure access to the network of the company from all possible entry points. He segmented the network into several subnets and installed firewalls all over the network. He has placed very stringent rules on all the firewalls, blocking everything in and out except ports that must be used.
He does need to have port 80 open since his company hosts a website that must be accessed from the Internet. Adam is still worried about programs like Hping2 that can get into a network through covert channels.
Which of the following is the most effective way to protect the network of the company from an attacker using Hping2 to scan his internal network?

• A. Block ICMP type 13 messages
• B. Block all outgoing traffic on port 21
• C. Block all outgoing traffic on port 53
• D. Block ICMP type 3 messages

Answer: A

NEW QUESTION 9
Which of the following tools can be used for passive OS fingerprinting?

• A. dig
• B. nmap
• C. ping
• D. tcpdump

Answer: D

NEW QUESTION 10
Peter, a malicious hacker, obtains e-mail addresses by harvesting them from postings, blogs, DNS listings, and Web pages. He then sends large number of unsolicited commercial e-mail (UCE) messages on these addresses. Which of the following e-mail crimes is Peter committing?

• A. E-mail spoofing
• B. E-mail bombing
• C. E-mail Storm
• D. E-mail Spam

Answer: D

NEW QUESTION 11
Which of the following port numbers are valid ephemeral port numbers?
Each correct answer represents a complete solution. Choose two.

• A. 143
• B. 1025
• C. 161
• D. 1080

Answer: BD

NEW QUESTION 12
Which of the following protocols is used by TFTP as a file transfer protocol?

• A. UDP
• B. SNMP
• C. TCP
• D. SMTP

Answer: A

NEW QUESTION 13
Which of the following can be monitored by using the host intrusion detection system (HIDS)?
Each correct answer represents a complete solution. Choose two.

• A. Computer performance
• B. File system integrity
• C. Storage space on computers
• D. System files

Answer: BD

NEW QUESTION 14
Which of the following types of firewall ensures that the packets are part of the established session?

• A. Switch-level firewall
• B. Application-level firewall
• C. Stateful inspection firewall
• D. Circuit-level firewall

Answer: C

NEW QUESTION 15
Which of the following statements is true about ICMP packets?
Each correct answer represents a complete solution. Choose all that apply.

• A. The PING utility uses them to verify connectivity between two host
• B. They guarantee the delivery of datagram
• C. They are encapsulated within IP datagram
• D. They use UDP datagram
• E. They are used to report errors if a problem in IP processing occur

Answer: ACE

NEW QUESTION 16
Which of the following utilities provides an efficient way to give specific users permission to use specific system commands at the root level of a Linux operating system?

• A. SSH
• B. SUDO
• C. Apache
• D. Snort

Answer: B

NEW QUESTION 17
Which of the following attacks is designed to deduce the brand and/or version of an operating system or application?

• A. Vulnerability assessment
• B. Banner grabbing
• C. OS fingerprinting
• D. Port scanning

Answer: B

NEW QUESTION 18
You work as a Network Administrator in a company. The NIDS is implemented on the network.
You want to monitor network traffic. Which of the following modes will you configure on the network interface card to accomplish the task?

• A. Promiscuous
• B. Audit mode
• C. Full Duplex
• D. Half duplex

Answer: A

NEW QUESTION 19
......