GIAC GPPA practice test

GIAC Certified Perimeter Protection Analyst

Last exam update: Nov 18, 2025
Page 1 out of 19. Viewing questions 1-15 out of 285

Question 1

Which of the following tools is an open source protocol analyzer that can capture traffic in real time?

  • A. Snort
  • B. NetWitness
  • C. Wireshark
  • D. Netresident
Answer:

C

Question 2

You are implementing a host-based intrusion detection system on your web server. You feel that the
best way to monitor the web server is to find your baseline of activity (connections, traffic, etc.) and
to monitor for conditions above that baseline.
This type of IDS is called __________.

  • A. Signature Based
  • B. Reactive IDS
  • C. Anomaly Based
  • D. Passive IDS
Answer:

C

Question 3

Which of the following are open-source vulnerability scanners? (Choose three.)

  • A. Nessus
  • B. Hackbot
  • C. Nikto
  • D. NetRecon
Answer:

A,B,C

Question 4

Suppose you are working as a Security Administrator at ABC Inc. The company has a switched
network. You have configured tcpdump in the network which can only see traffic addressed to itself
and broadcast traffic.
What will you do when you are required to see all traffic of the network?

  • A. Connect the sniffer device to a Switched Port Analyzer (SPAN) port.
  • B. Connect the sniffer device to a Remote Switched Port Analyzer (RSPAN) port.
  • C. Configure Network Access Control (NAC).
  • D. Configure VLAN Access Control List (VACL).
Answer:

A

Question 5

Which of the following techniques is used to identify attacks originating from a botnet?

  • A. Recipient filtering
  • B. BPF-based filter
  • C. IFilter
  • D. Passive OS fingerprinting
Answer:

D

Question 6

John works as a professional Ethical Hacker. He is assigned a project to test the security of
www.abc.com. You have searched all open ports of the ABC server. Now, you want to perform the
next information-gathering step, i.e., passive OS fingerprinting.
Which of the following tools can you use to accomplish the task?

  • A. P0f
  • B. Superscan
  • C. Nmap
  • D. NBTscan
Answer:

A

Question 7

Which of the following protocols is used by TFTP as a file transfer protocol?

  • A. SMTP
  • B. UDP
  • C. TCP
  • D. SNMP
Answer:

B

Question 8

Which of the following steps are generally followed in computer forensic examinations?
Each correct answer represents a complete solution. (Choose three.)

  • A. Analyze
  • B. Acquire
  • C. Authenticate
  • D. Encrypt
Answer:

A,B,C

Question 9

Which of the following monitors program activities and modifies malicious activities on a system?

  • A. HIDS
  • B. Back door
  • C. NIDS
  • D. RADIUS
Answer:

A

Question 10

Which of the following wireless security features provides the best wireless security mechanism?

  • A. WPA with Pre Shared Key
  • B. WPA
  • C. WPA with 802.1X authentication
  • D. WEP
Answer:

C

Question 11

David works as the Security Manager for ABC Inc. He has been assigned a project to detect the
attacks over multiple connections and sessions and to count the number of scanned ports in a
defined time period.
Which of the following rulebases will he use to accomplish the task?

  • A. SYN Protector rulebase
  • B. Exempt rulebase
  • C. Traffic Anomalies rulebase
  • D. Network Honeyport rulebase
Answer:

C

Question 12

Which of the following terms is used to represent IPv6 addresses?

  • A. Colon-dot
  • B. Dot notation
  • C. Hexadecimal-dot notation
  • D. Colon-hexadecimal
Answer:

D

Question 13

You work as a Security Administrator for ABC Inc. You have implemented and configured a web
application security scanner in the company's network. It helps in the automated review of the web
applications with the defined purpose of discovering security vulnerabilities. In order to perform this
task, the web application security scanner examines a number of vulnerabilities.
What are these vulnerabilities?
Each correct answer represents a complete solution. (Choose three.)

  • A. Input/Output validation
  • B. Denials of service against the TCP/IP stack
  • C. Server configuration mistakes/errors/version
  • D. Specific application problems
Answer:

A,C,D

Question 14

Which of the following information must the fragments carry for the destination host to reassemble
them back to the original unfragmented state?
Each correct answer represents a complete solution. (Choose all that apply.)

  • A. Offset field
  • B. MF flag
  • C. Length of the data
  • D. IP identification number
  • E. IP address
  • F. MAC address
Answer:

A,B,C,D

Question 15

Which of the following types of IP actions are supported by an IDP rulebase? (Choose three.)

  • A. Initiate rules of the rulebase
  • B. Notify
  • C. Drop/block session
  • D. Close connection
Answer:

B,C,D
