GISF | The Improved Guide To GISF Training


Free GISF Demo Online For GIAC Certification:


Fred is the project manager for the TCC Company. His company has an internal policy that states each year they will provide free services to a nonprofit organization. Therefore, the company and its employees are not allowed to charge or receive money or gifts from the nonprofit organization to which they choose to provide free services. This year, the TCC Company offers to provide project management services to the children's hospital for a marketing campaign to raise money. Due to the TCC Company's project management services, the nonprofit agency exceeded previous years' fundraising efforts. To show appreciation, the nonprofit organization offered to reimburse the project manager for his travel expenses. Which of the following best describes how the project manager should handle the situation?

  • A. Say thank you and let them pay for the travel, it is the least they can do.
  • B. Tell the hospital no thank you and explain it is against company policy to accept payment for services provided to their pro bono customers.
  • C. Say nothing as to not hurt the feelings of the children's hospital.
  • D. Ask if the hospital could pay for some of the supplies too.

Answer: B


The executive team wants you to track labor costs for your project as well as progress on task completion and the resulting dates. What information must you update for tasks to provide this information?

  • A. Start, Work, and Remaining Work
  • B. Actual Start and Percent Complete
  • C. Actual Start, Actual Work, and Remaining Work
  • D. Actual Start, Percent Complete, and Remaining Duration

Answer: C


You work as an Incident handling manager for a company. The public relations process of the company includes an event that responds to e-mail queries. For the past few days, however, it has been identified that this process is giving spammers a way to perform different types of e-mail attacks. Which of the following phases of the Incident handling process will now be involved in resolving this process and finding a solution? Each correct answer represents a part of the solution. Choose all that apply.

  • A. Recovery
  • B. Contamination
  • C. Identification
  • D. Eradication
  • E. Preparation

Answer: ABD


You have purchased a wireless router for your home network. What will you do first to enhance the security?

  • A. Change the default password and administrator's username on the router
  • B. Disable the network interface card on the computer
  • C. Configure DMZ on the router
  • D. Assign a static IP address to the computers

Answer: A


Which of the following are the goals of cryptographic systems? Each correct answer represents a complete solution. Choose three.

  • A. Availability
  • B. Authentication
  • C. Confidentiality
  • D. Integrity

Answer: BCD


Which of the following are types of intrusion detection systems?

  • A. Server-based intrusion detection system (SIDS)
  • B. Client-based intrusion detection system (CIDS)
  • C. Host-based intrusion detection system (HIDS)
  • D. Network intrusion detection system (NIDS)

Answer: CD


Availability Management allows organizations to sustain the IT service availability to support the business at a justifiable cost. Which of the following elements of Availability Management is used to perform at an agreed level over a period of time?
Each correct answer represents a part of the solution. Choose all that apply.

  • A. Maintainability
  • B. Resilience
  • C. Error control
  • D. Recoverability
  • E. Reliability
  • F. Security
  • G. Serviceability

Answer: ABDEFG


Victor works as a professional Ethical Hacker for SecureEnet Inc. He wants to scan the wireless network of the company. He uses a tool that is a free open-source utility for network exploration.
The tool uses raw IP packets to determine the following:

  • What ports are open on our network systems.
  • What hosts are available on the network.
  • Identify unauthorized wireless access points.
  • What services (application name and version) those hosts are offering.
  • What operating systems (and OS versions) they are running.
  • What type of packet filters/firewalls are in use.

Which of the following tools is Victor using?

  • A. Nessus
  • B. Kismet
  • C. Nmap
  • D. Sniffer

Answer: C


You are the program manager of the BHG Program. One of the projects in your program will be using new materials that are somewhat untested. You are worried that there may be delays and waste because the project team is unaware of how to accurately use these materials. You elect to send the people that will be using the new materials through training on how to complete their project work. You also allow them to purchase some of the materials to experiment on their use before the actual project work is to be done. You want to ensure that mistakes do not enter into the project. What type of action have you provided in this scenario?

  • A. This is an example of team development.
  • B. This is an example of a corrective action.
  • C. This is an example of quality assurance.
  • D. This is an example of a preventive action.

Answer: D


Which of the following tools is an open source network intrusion prevention and detection system that operates as a network sniffer?

  • A. IPLog
  • B. Snort
  • C. Timbersee
  • D. Swatch

Answer: B


You work as a Computer Hacking Forensic Investigator for SecureNet Inc. You want to investigate a Cross-Site Scripting attack on your company's Website. Which of the following methods of investigation can you use to accomplish the task?
Each correct answer represents a complete solution. Choose all that apply.

  • A. Use a Web proxy to view the Web server transactions in real time and investigate any communication with outside servers.
  • B. Look at the Web server's logs and normal traffic logging.
  • C. Use Wireshark to capture traffic going to the server and then search for the requests going to the input page, which may give a log of the malicious traffic and the IP address of the source.
  • D. Review the source of any HTML-formatted e-mail messages for embedded scripts or links in the URL to the company's site.

Answer: ABD


You work in a company that accesses the Internet frequently. This makes the company's files susceptible to attacks from unauthorized access. You want to protect your company's network from external attacks. Which of the following options will help you in achieving your aim?

  • A. FTP
  • B. Gopher
  • C. Firewall
  • D. HTTP

Answer: C


Maria works as a professional Ethical Hacker. She is assigned a project to test the security of She wants to test a DoS attack on the We-are-secure server. She finds that the firewall of the server is blocking the ICMP messages, but it is not checking the UDP packets. Therefore, she sends a large amount of UDP echo request traffic to the IP broadcast addresses. These UDP requests have a spoofed source address of the We-are-secure server. Which of the following DoS attacks is Maria using to accomplish her task?

  • A. Smurf DoS attack
  • B. Teardrop attack
  • C. Fraggle DoS attack
  • D. Ping flood attack

Answer: C


You are concerned about an attacker being able to get into your network. You want to make sure that you are informed of any network activity that is outside normal parameters. What is the best way to do this?

  • A. Utilize protocol analyzers.
  • B. Use performance monitors.
  • C. Implement signature based antivirus.
  • D. Implement an anomaly based IDS.

Answer: D


You work as a Network Administrator for McRoberts Inc. You are required to upgrade a client computer on the company's network to Windows Vista Ultimate. During installation, the computer stops responding, and the screen does not change. What is the most likely cause?

  • A. Teardrop attack
  • B. Replay attack
  • C. Denial-of-Service (DoS) attack
  • D. Polymorphic shell code attack

Answer: C


Which of the following types of attack can guess a hashed password?

  • A. Teardrop attack
  • B. Evasion attack
  • C. Denial of Service attack
  • D. Brute force attack

Answer: D


Under the SMART scheme, the Predictive Failure Analysis Technology is used to determine the failure or crash for which of the following parts of a computer system?

  • A. Operating System
  • B. Hard Disc drive
  • C. Software
  • D. Internet Browser

Answer: B


Which of the following is prepared by the business and serves as a starting point for producing the IT Service Continuity Strategy?

  • A. Disaster Invocation Guideline
  • B. Business Continuity Strategy
  • C. Index of Disaster-Relevant Information
  • D. Availability/ ITSCM/ Security Testing Schedule

Answer: B


Adam, a novice Web user, is getting a large amount of unsolicited commercial emails on his email address. He suspects that the emails he is receiving are spam. Which of the following steps will he take to stop the spam?
Each correct answer represents a complete solution. Choose all that apply.

  • A. Forward a copy of the spam to the ISP to make the ISP conscious of the spam.
  • B. Send an email to the domain administrator responsible for the initiating IP address.
  • C. Report the incident to the FTC (The U.S. Federal Trade Commission) by sending a copy of the spam message.
  • D. Close existing email account and open new email account.

Answer: AC

