GIAC GISF practice test

GIAC Information Security Fundamentals

Last exam update: Nov 18, 2025
Page 1 out of 30. Viewing questions 1-15 out of 450

Question 1

Your company is covered under a liability insurance policy, which provides various liability coverage
for information security risks, including any physical damage of assets, hacking attacks, etc. Which of
the following risk management techniques is your company using?

  • A. Risk acceptance
  • B. Risk transfer
  • C. Risk avoidance
  • D. Risk mitigation
Answer:

B


Question 2

You have successfully installed an IRM server into your environment. This IRM server will be utilized
to protect the company's videos, which are available to all employees but contain sensitive data. You
log on to the WSS 3.0 server with administrator permissions and navigate to the Operations section.
What option should you now choose so that you can input the RMS server name for the WSS 3.0
server to use?

  • A. Self-service site management
  • B. Content databases
  • C. Information Rights Management
  • D. Define managed paths
Answer:

C


Question 3

You work as a security manager for Qualxiss Inc. Your company uses the OODA loop for resolving and
deciding on company issues. You have detected a security breach issue in your company.
Which of the following procedures regarding the breach is involved in the observe phase of the
OODA loop?

  • A. Follow the company security guidelines.
  • B. Decide an activity based on a hypothesis.
  • C. Implement an action practically as policies.
  • D. Consider previous experiences of security breaches.
Answer:

A


Question 4

How should you configure the Regional Centers' e-mail, so that it is secure and encrypted?
(Click the Exhibit button on the toolbar to see the case study.)

  • A. Use EFS.
  • B. Use IPSec.
  • C. Use S/MIME.
  • D. Use TLS.
Answer:

C


Question 5

How long are cookies in effect if no expiration date is set?

  • A. Fifteen days
  • B. Until the session ends.
  • C. Forever
  • D. One year
Answer:

B


Question 6

You work as a Network Administrator for ABC Inc. The company has a secure wireless network.
However, in the last few days, an attack has been taking place over and over again. This attack
is taking advantage of ICMP directed broadcast. To stop this attack, you need to disable ICMP directed
broadcasts. Which of the following attacks is taking place?

  • A. Smurf attack
  • B. Sniffer attack
  • C. Cryptographic attack
  • D. FMS attack
Answer:

A


Question 7

Which of the following statements are true about Dsniff?
Each correct answer represents a complete solution. Choose two.

  • A. It is a virus.
  • B. It contains Trojans.
  • C. It is antivirus.
  • D. It is a collection of various hacking tools.
Answer:

B,D


Question 8

Based on the information given in the case study, which two authentication methods should you use
to allow customers to access their photos on the Web site?
(Click the Exhibit button on the toolbar to see the case study.)
Each correct answer represents a part of the solution. Choose two.

  • A. Basic authentication without SSL
  • B. Digest authentication with SSL
  • C. Integrated Windows authentication
  • D. Anonymous access
  • E. Basic authentication with SSL
  • F. Digest authentication without SSL
Answer:

B,E


Question 9

Which of the following are the goals of the cryptographic systems?
Each correct answer represents a complete solution. Choose three.

  • A. Availability
  • B. Authentication
  • C. Confidentiality
  • D. Integrity
Answer:

B,C,D


Question 10

John works as an Exchange Administrator for Apple Inc. The company has a Windows 2003
Active Directory domain-based network. The network contains several Windows Server 2003 servers.
Three of them have been configured as domain controllers. John complains to the Network
Administrator that he is unable to manage group memberships. Which of the following operations
master roles is responsible for managing group memberships?

  • A. PDC emulator
  • B. Infrastructure master
  • C. Schema master
  • D. RID master
Answer:

B


Question 11

You are the project manager of the SST project. You are in the process of collecting and distributing
performance information including status reports, progress measurements, and forecasts. Which of
the following processes are you performing?

  • A. Perform Quality Control
  • B. Verify Scope
  • C. Report Performance
  • D. Control Scope
Answer:

C


Question 12

John works as a Network Administrator for Perfect Solutions Inc. The company has a Linux-based
network. The company is aware of various types of security attacks and wants to impede them.
Hence, management has assigned John a project to port scan the company's Web Server. For this, he
uses the nmap port scanner and issues the following command to perform idle port scanning:
nmap -PN -p- -sI IP_Address_of_Company_Server
He analyzes that the server's TCP ports 21, 25, 80, and 111 are open.
Which of the following security policies is the company using during this entire process to mitigate
the risk of hacking attacks?

  • A. Audit policy
  • B. Antivirus policy
  • C. Non-disclosure agreement
  • D. Acceptable use policy
Answer:

A


Question 13

Which of the following protocols provides secured transaction of data between two computers?

  • A. SSH
  • B. FTP
  • C. Telnet
  • D. RSH
Answer:

A


Question 14

A firewall is a combination of hardware and software, used to provide security to a network. It is used
to protect an internal network or intranet against unauthorized access from the Internet or other
outside networks. It restricts inbound and outbound access and can analyze all traffic between an
internal network and the Internet. Users can configure a firewall to pass or block packets from
specific IP addresses and ports. Which of the following tools works as a firewall for the Linux 2.4
kernel?

  • A. IPChains
  • B. OpenSSH
  • C. Stunnel
  • D. IPTables
Answer:

D


Question 15

Which of the following concepts represent the three fundamental principles of information security?
Each correct answer represents a complete solution. Choose three.

  • A. Privacy
  • B. Availability
  • C. Integrity
  • D. Confidentiality
Answer:

B,C,D
