GISF | Top Tips Of Up To The Minute GISF Sample Question


Online GISF free questions and answers of New Version:


You work as an Application Developer for uCertify Inc. The company uses Visual Studio .NET Framework 3.5 as its application development platform. You are working on a WCF service. You have decided to implement transport level security. Which of the following security protocols will you use?

  • A. Kerberos
  • B. HTTPS
  • C. RSA
  • D. IPSEC

Answer: B


You work as a security manager for Qualxiss Inc. Your company uses the OODA loop for resolving and deciding on company issues. You have detected a security breach issue in your company.
Which of the following procedures regarding the breach is involved in the observe phase of the OODA loop?

  • A. Follow the company security guidelines.
  • B. Decide an activity based on a hypothesis.
  • C. Implement an action practically as policies.
  • D. Consider previous experiences of security breaches.

Answer: A


Which of the following books is used to examine integrity and availability?

  • A. Brown Book
  • B. Red Book
  • C. Purple Book
  • D. Orange Book

Answer: B


Which of the following IDS/IPS detection methods do the URLs use to detect and prevent an attack?

  • A. Encryption-based detection
  • B. Policy-based detection
  • C. Signature-based detection
  • D. Internet bot detection

Answer: C


Which of the following processes is described in the statement below?
"It is the process of implementing risk response plans, tracking identified risks, monitoring residual risk, identifying new risks, and evaluating risk process effectiveness throughout the project."

  • A. Perform Quantitative Risk Analysis
  • B. Perform Qualitative Risk Analysis
  • C. Monitor and Control Risks
  • D. Identify Risks

Answer: C


Which of the following service provider classes is used to create a digital signature?

  • A. RC2CryptoServiceProvider
  • B. RNGCryptoServiceProvider
  • C. DESCryptoServiceProvider
  • D. SHA1CryptoServiceProvider
  • E. MD5CryptoServiceProvider
  • F. DSACryptoServiceProvider

Answer: F


The MBR of a hard disk is a collection of boot records that contain disk information such as disk architecture, cluster size, and so on. The main work of the MBR is to locate and run necessary operating system files that are required to run a hard disk. In the context of the operating system, MBR is also known as the boot loader. Which of the following viruses can infect the MBR of a hard disk?
Each correct answer represents a complete solution. Choose two.

  • A. Boot sector
  • B. Multipartite
  • C. File
  • D. Stealth

Answer: AB


Which of the following authentication methods uses MD5 hash encoding while transferring credentials over a network?

  • A. .NET Passport authentication
  • B. Advanced Digest authentication
  • C. Integrated Windows authentication
  • D. Digest authentication

Answer: B


NIST Special Publication 800-50 is a security awareness program. It is designed for those people who are currently working in the information technology field and want to the information security policies.
Which of the following are its significant steps?
Each correct answer represents a complete solution. Choose two.

  • A. Awareness and Training Material Effectiveness
  • B. Awareness and Training Material Development
  • C. Awareness and Training Material Implementation
  • D. Awareness and Training Program Design

Answer: BD


You have been assigned the task of selecting a hash algorithm. The algorithm will be specifically used to ensure the integrity of certain sensitive files. It must use a 128-bit hash value. Which of the following should you use?

  • A. SHA
  • B. AES
  • C. MD5
  • D. DES

Answer: C


You work as a Network Administrator for Infosec Inc. You find that not only have security applications running on the server, including software firewalls, anti-virus programs, and anti-spyware programs, been disabled, but anti-virus and anti-spyware definitions have also been deleted. You suspect that this situation has arisen due to malware infection. Which of the following types of malware is the most likely cause of the issue?

  • A. Whack-A-Mole
  • B. FireKiller 2000
  • C. Beast
  • D. SubSeven

Answer: B


You are the project manager of the HHH Project. The stakeholders for this project are scattered across the world and you need a method to promote interaction. You determine that a Web conferencing software would be the most cost effective solution. The stakeholders can watch a slide show while you walk them through the project details. The stakeholders can hear you, ask questions via a chat software, and post concerns. What is the danger in this presentation?

  • A. 55 percent of all communication is nonverbal and this approach does not provide nonverbal communications.
  • B. The technology is not proven as reliable.
  • C. The stakeholders won't really see you.
  • D. The stakeholders are not required to attend the entire session.

Answer: A


John works as a professional Ethical Hacker. He is assigned a project to test the security of He is working on the Linux operating system. He wants to sniff the weare-secure network and intercept a conversation between two employees of the company through session hijacking. Which of the following tools will John use to accomplish the task?

  • A. Hunt
  • B. IPChains
  • C. Ethercap
  • D. Tripwire

Answer: A


The incident handling process implemented in an enterprise is responsible for dealing with all the incidents regarding the enterprise. Which of the following procedures is involved in the preparation phase of the incident handling process?

  • A. Organizing a solution to remove an incident
  • B. Building up an incident response kit
  • C. Working with QA to validate security of the enterprise
  • D. Setting up the initial position after an incident

Answer: B


Which of the following is used to determine whether or not a principal is allowed to perform a requested action?

  • A. Authentication
  • B. Security policy
  • C. Authorization
  • D. Principal

Answer: C


Your company is going to add wireless connectivity to the existing LAN. You have concerns about the security of the wireless access and wish to implement encryption. Which of the following would be the best choice for you to use?

  • A. WAP
  • B. WEP
  • C. DES
  • D. PKI

Answer: B


Which of the following tools can be used for stress testing of a Web server? Each correct answer represents a complete solution. Choose two.

  • A. Internet bots
  • B. Spyware
  • C. Scripts
  • D. Anti-virus software

Answer: AC


Which of the following protocols work at the Network layer of the OSI model?

  • A. Internet Group Management Protocol (IGMP)
  • B. Simple Network Management Protocol (SNMP)
  • C. Routing Information Protocol (RIP)
  • D. File Transfer Protocol (FTP)

Answer: AC


Which of the following are the levels of the public or commercial data classification system? Each correct answer represents a complete solution. Choose all that apply.

  • A. Sensitive
  • B. Unclassified
  • C. Confidential
  • D. Public
  • E. Secret
  • F. Private

Answer: ACDF

