GSNA | The Most Recent Guide To GSNA Sample Question
Cause all that matters here is passing the GIAC GSNA exam. Cause all that you need is a high score of GSNA GIAC Systems and Network Auditor exam. The only one thing you need to do is downloading Actualtests GSNA exam study guides now. We will not let you down with our money-back guarantee.
Also have GSNA free dumps questions for you:
NEW QUESTION 1
Which of the following is a technique of using a modem to automatically scan a list of telephone numbers, usually dialing every number in a local area code to search for computers, Bulletin board systems, and fax machines?
- A. Warkitting
- B. War driving
- C. Wardialing
- D. Demon dialing
War dialing or wardialing is a technique of using a modem to automatically scan a list of telephone numbers, usually dialing every number in a local area code to search for computers, Bulletin board systems, and fax machines. Hackers use the resulting lists for various purposes, hobbyists for exploration, and crackers - hackers that specialize in computer security - for password guessing. Answer A is incorrect. Warkitting is a combination of wardriving and rootkitting. In a warkitting attack, a hacker replaces the firmware of an attacked router. This allows them to control all traffic for the victim, and could even permit them to disable SSL by replacing HTML content as it is being downloaded. Warkitting was identified by Tsow, Jakobsson, Yang, and Wetzel in 2006. Their discovery indicated that 10% of the wireless routers were susceptible to WAPjacking (malicious configuring of the firmware settings, but making no modification on the firmware itself) and 4.4% of wireless routers were vulnerable to WAPkitting (subverting the router firmware). Their analysis showed that the volume of credential theft possible through Warkitting exceeded the estimates of credential theft due to phishing. Answer D is incorrect. In the computer hacking scene of the 1980s, demon dialing was a technique by which a computer is used to repeatedly dial a number (usually to a crowded modem pool) in an attempt to gain access immediately after another user had hung up. The expansion of accessible Internet service provider connectivity since that time more or less rendered the practice obsolete. The term "demon dialing" derives from the Demon Dialer product from Zoom Telephonics, Inc., a telephone device produced in the 1980s which repeatedly dialed busy telephone numbers under control of an extension phone. Answer B is incorrect. War driving, also called access point mapping, is the act of locating and possibly exploiting connections to wireless local area networks while driving around a city or elsewhere. To do war driving, one needs a vehicle, a computer (which can be a laptop), a wireless Ethernet card set to work in promiscuous mode, and some kind of an antenna which can be mounted on top of or positioned inside the car. Because a wireless LAN may have a range that extends beyond an office building, an outside user may be able to intrude into the network, obtain a free Internet connection, and possibly gain access to company records and other resources.
NEW QUESTION 2
The employees of CCN Inc. require remote access to the company's proxy servers. In order to provide solid wireless security, the company uses LEAP as the authentication protocol. Which of the following is supported by the LEAP protocol?
- A. Dynamic key encryption
- B. Public key certificate for server authentication
- C. Strongest security level
- D. Password hash for client authentication
LEAP can use only password hash as the authentication technique. Not only LEAP, but EAP-TLS, EAP-TTLS, and PEAP also support dynamic key encryption and mutual authentication. Answer C is incorrect. LEAP provides only a moderate level of security. Answer B is incorrect. LEAP uses password hash for server authentication.
NEW QUESTION 3
You work as a Database Administrator for Dolliver Inc. The company uses Oracle 11g as its database. You have used the LogMiner feature for auditing purposes. Which of the following files store a copy of the data dictionary? (Choose two)
- A. Online redo log files
- B. Operating system flat file
- C. Dump file
- D. Control file
LogMiner requires a dictionary to translate object IDs into object names when it returns redo data to you. You have the following three options to retrieve the data dictionary: The Online catalog: It is the most easy and efficient option to be used. It is used when a database user have access to the source database from which the redo log files were created. The other condition that should qualify is that there should be no changes to the column definitions in the desired tables. The Redo Log Files: This option is used when a database user does not have access to the source database from which the redo log files were created and if there is any chances of changes to the column definitions of the desired tables. An operating system flat file: Oracle does not recommend to use this option, but it is retained for backward compatibility. The reason for not preferring the option is that it does not guarantee transactional consistency. LogMiner is capable to access the Oracle redo logs. It keeps the complete record of all the activities performed on the database, and the associated data dictionary, which is used to translate internal object identifiers and types to external names and data formats. For offline analysis, LogMiner can be run on a separate database, using archived redo logs and the associated dictionary from the source database.
NEW QUESTION 4
You work as a Network Administrator for XYZ CORP. The company has a Windows-based network. The company wants to fix potential vulnerabilities existing on the tested systems. You use Nessus as a vulnerability scanning program to fix the vulnerabilities. Which of the following vulnerabilities can be fixed using Nessus?
- A. Vulnerabilities that allow a remote cracker to control sensitive data on a system
- B. Misconfiguration (e.
- C. open mail relay, missing patches, etc.)
- D. Vulnerabilities that allow a remote cracker to access sensitive data on a system
- E. Vulnerabilities that help in Code injection attacks
Nessus is a proprietary comprehensive vulnerability scanning program. It is free of charge for personal use in a non-enterprise environment. Its goal is to detect potential vulnerabilities on the tested systems. For example: Vulnerabilities that allow a remote cracker to control or access sensitive data on a system. Misconfiguration (e.g. open mail relay, missing patches, etc). Default passwords, a few common passwords, and blank/absent passwords on some system accounts. Nessus can also call Hydra (an external tool) to launch a dictionary attack. Denials of service against the TCP/IP stack by using mangled packets. On UNIX (including Mac OS X), it consists of nessusd, the Nessus daemon, which does the scanning, and nessus, the client, which controls scans and presents the vulnerability results to the user. For Windows, Nessus 3 installs as an executable and has a self-contained scanning, reporting, and management system. Operations: In typical operation, Nessus begins by doing a port scan with one of its four internal portscanners (or it can optionally use Amap or Nmap ) to determine which ports are open on the target and then tries various exploits on the open ports. The vulnerability tests, available as subscriptions, are written in NASL (Nessus Attack Scripting Language), a scripting language optimized for custom network interaction. Tenable Network Security produces several dozen new vulnerability checks (called plugins) each week, usually on a daily basis. These checks are available for free to the general public; commercial customers are not allowed to use this Home Feed any more. The Professional Feed (which is not free) also gives access to support and additional scripts (audit and compliance tests). Optionally, the results of the scan can be reported in various formats, such as plain text, XML, HTML, and LaTeX. The results can also be saved in a knowledge base for debugging. On UNIX, scanning can be automated through the use of a command-line client. There exist many different commercial, free and open source tools for both UNIX and Windows to manage individual or distributed Nessus scanners. If the user chooses to do so (by disabling the option 'safe checks'), some of Nessus's vulnerability tests may try to cause vulnerable services or operating systems to crash. This lets a user test the resistance of a device before putting it in production. Nessus provides additional functionality beyond testing for known network vulnerabilities. For instance, it can use Windows credentials to examine patch levels on computers running the Windows operating system, and can perform password auditing using dictionary and brute force methods. Nessus 3 and later can also audit systems to make sure they have been configured per a specific policy, such as the NSA's guide for hardening Windows servers. Answer D is incorrect. Nessus cannot be used to scan vulnerabilities that help in Code injection attacks.
NEW QUESTION 5
You have been assigned a project to develop a Web site for a construction company. You have to develop a Web site and want to get more control over the appearance and presentation of your Web pages. You also want to increase the ability to precisely specify the location and appearance of the elements on a page and create special effects. You plan to use Cascading style sheets (CSS). You want to apply the same style consistently throughout your Web site. Which type of style sheet will you use?
- A. Internal Style Sheet
- B. External Style Sheet
- C. Inline Style Sheet
- D. Embedded Style Sheet
To apply the same style consistently throughout your Web site you should use external style sheet. Cascading style sheets (CSS) are used so that the Web site authors can exercise greater control on the appearance and presentation of their Web pages. And also because they increase the ability to precisely point to the location and look of elements on a Web page and help in creating special effects. Cascading Style Sheets have codes, which are interpreteA, Dpplied by the browser on to the Web pages and their elements. There are three types of cascading style sheets. External Style Sheets Embedded Style Sheets Inline Style Sheets External Style Sheets are used whenever consistency in style is required throughout a Web site. A typical external style sheet uses a .css file extension, which can be edited using a text editor such as a Notepad. Embedded Style Sheets are used for defining styles for an active page.
Inline Style Sheets are used for defining individual elements of a page. Reference: TechNet, Contents: Microsoft Knowledgebase, February 2000 issue PSS ID Number: Q179628
NEW QUESTION 6
Mark works as a Database Administrator for MarLinc Inc. How will he execute a SQL command from the SQL buffer?
- A. Enter an asterisk (*)
- B. Enter a semicolon (;)
- C. Press [ESC] twice
- D. Press [RETURN] twice
- E. Enter a slash (/)
SQL buffer stores the most recently used SQL commands and PL/SQL blocks. It does not store the SQL* Plus commands. The SQL buffer can be edited or saved to a file. A SQL command or a PL/SQL block can be executed by entering a semicolon (;) or a slash (/), or by using the RUN command at the command prompt. When a semicolon (;) is entered at the end of a command, the command is completed and executed. When a slash (/) is entered on a new line, the command in the buffer is executed. It can also be used to execute a PL/SQL block. The RUN command is used to execute a command in the buffer. A SQL command can be saved in the buffer by entering a blank line. Reference: Oracle8i Online Documentation, Contents: "SQL*PLUS Users Guide and Reference", "Learning SQL*PLUS Basics, 3 of 4"
NEW QUESTION 7
Which of the following controls define the direction and behavior required for technology to function properly?
- A. Detailed IS controls
- B. General controls
- C. Application controls
- D. Pervasive IS controls
Pervasive IS controls are a subset of general controls that contains some extra definitions focusing on the management of monitoring a specific technology. A pervasive order or control determines the direction and behavior required for technology to function properly. The pervasive control permeates the area by using a greater depth of control integration over a wide area of influence. Answer B is incorrect. General controls are the parent class of controls that governs all areas of a business. An example of general controls includes the separation duties that prevent employees from writing their own paychecks and creating accurate job descriptions. General controls define the structure of an organization, establish HR policies, monitor workers and the work environment, as well as support budgeting, auditing, and reporting. Answer A is incorrect. Detailed IS controls are controls used for manipulating the on-going tasks in an organization. Some of the specific tasks require additional detailed controls to ensure that the workers perform their job correctly. These controls refer to some specific tasks or steps to be performed such as: The way system security parameters are set. How input data is verified before being accepted into an application. How to lock a user account after unsuccessful logon attempts. How the department handles acquisitions, security, delivery, implementation, and support of IS services. Answer C is incorrect. Application controls are embedded in programs. It constitutes the lowest subset in the control family. An activity should be filtered through the general controls, then the pervasive controls and detailed controls, before reaching the application controls level. Controls in the higher level category help in protecting the integrity of the applications and their data. The management is responsible to get applications tested prior to production through a recognized test method. The goal of this test is to provide a technical certificate that each system meets the requirement.
NEW QUESTION 8
You are responsible for a large network that has its own DNS servers. You periodically check the log to see if there are any problems. Which of the following are likely errors you might encounter in the log? (Choose three)
- A. The DNS server could not create FTP socket for address [IP address of server]
- B. The DNS server could not create an SMTP socket
- C. Active Directory Errors
- D. The DNS server could not create a Transmission Control Protocol (TCP) socket
- E. The DNS server could not initialize the Remote Procedure Call (RPC) service
There are a number of errors one could find in a Windows Server 2003 DNS log. They are as follows: The DNS server could not create a Transmission Control Protocol. The DNS server could not open socket for address. The DNS server could not initialize the Remote Procedure Call (RPC) service. The DNS server could not bind the main datagram socket. The DNS Server service relies on Active Directory to store and retrieve information for Active Directory-integrated zones. And several active directory errors are possible. Answer B is incorrect. DNS Servers do not create FTP connections. Answer A is incorrect. DNS Servers do not create SMTP connections.
NEW QUESTION 9
You are the Security Administrator for an Internet Service Provider. From time to time your company gets subpoenas from attorneys and law enforcement for records of customers' access to the internet. What policies must you have in place to be prepared for such requests?
- A. Group access policies
- B. Backup policies
- C. User access policies
- D. Storage and retention policies
Storage and retention policies will determine how long you keep records (such as records of customers Web activity), how you will store them, and how you will dispose of them. This will allow you to know what records you should still have on hand should a legal request for such records come in. Answer C is incorrect. User policies might determine what a customer has access to, but won't help you identify what they actually did access. Answer A is incorrect. Group policies are usually pertinent to network administration, not the open and uncontrolled environment of an ISP. Answer B is incorrect. Backup policies dictate how data is backed up and stored.
NEW QUESTION 10
You work as a Network Administrator for XYZ CORP. The company's Windows 2000 network is configured with Internet Security and Acceleration (ISA) Server 2000. ISA Server is configured as follows: The server uses the default site and content rule and default IP packet filters. Packet filtering is enabled. The server has two protocol rules:
Users in the network complain that they are unable to access secure Web sites. However, they are able to connect to Web sites in which secure transmission is not required. What is the most likely cause?
- A. A protocol rule that allows the use of HTTP has not been created.
- B. An IP packet filter that allows the use of network traffic on port 80 has not been created.
- C. An IP packet filter that allows the use of network traffic on port 443 has not been created.
- D. A protocol rule that allows the use of HTTPS has not been created.
The default IP packet filter allows HTTP protocol (for non-secure communication) at port 80 to access the Internet. However, to allow users to access secure Web sites, you will have to create an additional packet filter to allow communication on port 443.
NEW QUESTION 11
You have to move the whole directory /foo to /bar. Which of the following commands will you use to accomplish the task?
- A. mv /bar /foo
- B. mv -R /foo /bar
- C. mv /foo /bar
- D. mv -r /bar /foo
You will use the mv /foo /bar command to move the whole directory /foo to /bar. The mv command moves files and directories from one directory to another or renames a file or directory. mv must always be given at least two arguments. The first argument is given as a source file. The second argument is interpreted as the destination. If destination is an existing directory, the source file is moved to that directory with the same name as the source. If the destination is any other directory, the source file is moved and/or renamed to that destination name. Syntax : mv [options] source destination Some important options used with mv command are as follows:
Answer A is incorrect. The mv /bar /foo command will move the whole /bar directory to the /foo directory. Answer B, D are incorrect. These are not valid Linux commands.
NEW QUESTION 12
You work as a Network Administrator for XYZ CORP. The company has a TCP/IP-based network environment. The network contains Cisco switches and a Cisco router. You run the following command for a router interface: show interface serial0 You get the following output: Serial0 is administratively down, line protocol is down What will be your conclusion after viewing this output?
- A. There is a physical problem either with the interface or the cable attached to it.
- B. The router has no power.
- C. There is a problem related to encapsulation.
- D. The interface is shut down.
According to the question, the output displays that the interface is administratively down. Administratively down means that the interface is shut down. In order to up the interface, you will have to open the interface with the no shutdown command. Answer A is incorrect. Had there been a physical problem with the interface, the output would not have displayed "administratively down". Instead, the output would be as follows: serial0 is down, line protocol is down Answer B is incorrect. You cannot run this command on a router that is powered off. Answer C is incorrect. Encapsulation has nothing to do with the output displayed in the question.
NEW QUESTION 13
Which of the following allows the use of multiple virtual servers using different DNS names resolved by the same IP address?
- A. HTTP 1.1
- B. JAVA
- C. HTML
- D. VPN
HTTP 1.1 allows the use of multiple virtual servers, all using different DNS names resolved by the same IP address. The WWW service supports a concept called virtual server. A virtual server can be used to host multiple domain names on the same physical Web server. Using virtual servers, multiple FTP sites and Web sites can be hosted on a single computer. It means that there is no need to allocate different computers and software packages for each site. Answer D is incorrect. VPN stands for virtual private network. It allows users to use the Internet as a secure pipeline to their corporate local area networks (LANs). Remote users can dial-in to any local Internet Service Provider (ISP) and initiate a VPN session to connect to their corporate LAN over the Internet. Companies using VPNs significantly reduce long-distance dial-up charges. VPNs also provide remote employees with an inexpensive way of remaining connected to their company's LAN for extended periods.
Answer B is incorrect. Java is an object oriented programming language developed by Sun Microsystems. It allows the creation of platform independent executables. Java source code files are compiled into a format known as bytecode (files with .class extension). Java supports programming for the Internet in the form of Java applets. Java applets can be executed on a computer having a Java interpreter and a run-time environment known as Java Virtual Machine (JVM). Java Virtual Machines (JVMs) are available for most operating systems, including UNIX, Macintosh OS, and Windows. Answer C is incorrect. HTML stands for Hypertext Markup Language. It is a set of markup symbols or codes used to create Web pages and define formatting specifications. The markup tells the Web browser how to display the content of the Web page.
NEW QUESTION 14
This is a Windows-based tool that is used for the detection of wireless LANs using the IEEE 802.11a, 802.11b, and 802.11g standards. The main features of these tools are as follows: It displays the signal strength of a wireless network, MAC address, SSID, channel details, etc. It is commonly used for the following purposes: a.War driving b.Detecting unauthorized access pointsc.Detecting causes of interference on a WLAN d.WEP ICV error trackinge.Making Graphs and Alarms on 802.11 Data, including Signal Strength This tool is known as .
- A. THC-Scan
- B. NetStumbler
- C. Absinthe
- D. Kismet
NetStumbler is a Windows-based tool that is used for the detection of wireless LANs using the IEEE 802.11a, 802.11b, and 802.11g standards. The main features of NetStumbler are as follows: It displays the signal strength of a wireless network, MAC address, SSID, channel details, etc. It is commonly used for the following purposes: a.War driving b.Detecting unauthorized access points c.Detecting causes of interference on a WLAN d.WEP ICV error tracking e.Making Graphs and Alarms on 802.11 Data, including Signal Strength
Answer D is incorrect. Kismet is an IEEE 802.11 layer2 wireless network detector, sniffer, and intrusion detection system. Answer A is incorrect. THC-Scan is a war-dialing tool. Answer C is incorrect. Absinthe is an automated SQL injection tool.
NEW QUESTION 15
John works as a Network Administrator for Perfect Solutions Inc. The company has a Linux-based network. John is working as a root user on the Linux operating system. He wants to forward all the kernel messages to the remote host having IP address 192.168.0.1. Which of the following changes will he perform in the syslog.conf file to accomplish the task?
- A. kern.* @192.168.0.1
- B. !*.* @192.168.0.1
- C. !kern.* @192.168.0.1
- D. *.* @192.168.0.1
According to the scenario, John will make the following entry in the syslog.conf file to forward all the kernel messages to the remote host having IP address 192.168.0.1: kern.* @192.168.0.1 Answer D is incorrect. This entry will forward all the messages to the remote host having IP address 192.168.0.1. Answer B is incorrect. This entry will not forward any message to the remote host having IP address 192.168.0.1. Answer C is incorrect. This entry will not forward any kernel message to the remote host having IP address 192.168.0.1.
NEW QUESTION 16
You work as a Network Analyst for XYZ CORP. The company has a Unix-based network. You want to view the directories in alphabetical order. Which of the following Unix commands will you use to accomplish the task?
- A. cat
- B. chmod
- C. cp
- D. ls
In Unix, the ls command is used to view the directories in alphabetical order. Answer A is incorrect. In Unix, the cat command in Unix is used to create or display short files. Answer B is incorrect. In Unix, the chmod command is used to change permissions. Answer C is incorrect. In Unix, the cp command is used for copying files.
NEW QUESTION 17
Which of the following mechanisms is closely related to authorization?
- A. Sending secret data such as credit card information.
- B. Allowing access to a particular resource.
- C. Verifying username and password.
- D. Sending data so that no one can alter it on the way.
Authorization is a process that verifies whether a user has permission to access a Web resource. A Web server can restrict access to some of its resources to only those clients that log in using a recognized username and password. To be authorized, a user must first be authenticated. Answer C is incorrect. Verifying username and password describes the mechanism of authentication. Authentication is the process of verifying the identity of a user. This is usually done using a user name and password. This process compares the provided user name and password with those stored in the database of an authentication server. Answer D is incorrect. Sending data so that no one can alter it on the way describes the mechanism of data integrity. Data integrity is a mechanism that ensures that the data is not modified during transmission from source to destination. This means that the data received at the destination should be exactly the same as that sent from the source. Answer A is incorrect. Sending secret data such as credit card information describes the mechanism of confidentiality. Confidentiality is a mechanism that ensures that only the intendeA, Duthorized recipients are able to read data. The data is so encrypted that even if an unauthorized user gets access to it, he will not get any meaning out of it.
NEW QUESTION 18
P.S. Easily pass GSNA Exam with 368 Q&As Dumps-hub.com Dumps & pdf Version, Welcome to Download the Newest Dumps-hub.com GSNA Dumps: https://www.dumps-hub.com/GSNA-dumps.html (368 New Questions)