GIAC GISP practice test

GIAC Information Security Professional Exam


Question 1

Which of the following is a technique used to attack an Ethernet wired or wireless network?

  • A. DNS poisoning
  • B. Keystroke logging
  • C. Mail bombing
  • D. ARP poisoning

Answer:

D

Question 2

You work as a Network Administrator for NetTech Inc. When you enter http://66.111.64.227 in the
browser's address bar, you are able to access the site. But, you are unable to access the site when
you enter http://www.PassGuide.com. What is the most likely cause?

  • A. The site's Web server has heavy traffic.
  • B. WINS server has no NetBIOS name entry for the server.
  • C. DNS entry is not available for the host name.
  • D. The site's Web server is offline.
Answer:

C


Question 3

Identify whether the given statement is true or false.
"Replay attack is a type of attack in which attackers capture packets containing passwords or digital
signatures whenever packets pass between two hosts on a network."

  • A. False
  • B. True
Answer:

B


Question 4

The Children's Online Privacy Protection Act makes it illegal for Web sites to collect information from
children under __ years of age without verifiable permission of a parent.

  • A. 15
  • B. 13
  • C. 10
  • D. 21
  • E. 18
Answer:

B


Question 5

Which of the following laws does not protect intellectual property?

  • A. Murphy's law
  • B. Patent law
  • C. Trademark
  • D. Copyright
Answer:

A


Question 6

Which of the following formulas is used to determine the Single Loss Expectancy (SLE)?

  • A. Single Loss Expectancy x Annualized Rate of Occurrence
  • B. ALE before implementing safeguard + ALE after implementing safeguard + annual cost of safeguard
  • C. ALE before implementing safeguard - ALE after implementing safeguard - annual cost of safeguard
  • D. Asset Value x Exposure factor
Answer:

D


Question 7

Which of the following is not a level of military data-classification system?

  • A. Unclassified
  • B. Normal
  • C. Confidential
  • D. Top secret
Answer:

B


Question 8

Which of the following statements about DES (Data Encryption Standard) is true?

  • A. Its most widely used symmetric encryption algorithm uses a 56-bit key.
  • B. Its most widely used symmetric encryption algorithm uses a 32-bit key.
  • C. Its most widely used symmetric encryption algorithm uses a 128-bit key.
  • D. Its most widely used symmetric encryption algorithm uses a 64-bit key.
Answer:

A


Question 9

A ________ attack occurs when an attacker successfully inserts an intermediary software or program
between two communicating hosts.

  • A. Man-in-the-middle
  • B. Brute force
  • C. Denial of Service (DoS)
  • D. Dictionary
Answer:

A


Question 10

Which of the following acts as an intermediary between a user on the internal network and a service
on the external network such as the Internet?

  • A. DNS server
  • B. Firewall
  • C. Proxy server
  • D. WINS server
Answer:

C
