FLYDUMPS also provide you with GIAC GSNA exam sample questions, may expects the authentication of the problem about answer. FLYDUMPS also provides you with convenient GIAC GSNA exam sample questions download. FLYDUMPS GIAC https://www.pass4itsure.com/GSNA.html exam sample questions testing engine format is a simulator of real exam. FLYDUMPS GIAC GSNA exam sample questions will have experience with the Android family and hands on experience in helping you pass GIAC GSNA exam easily. GIAC GSNA exam sample questions provides the real GIAC GSNA exam test. FLYDUMPS GIAC GSNA exam sample questions provides the exam question with verified answers that reflect the actual exam. So candidates can pass the GIAC GSNA exam for first try if they use GIAC GSNA exam sample questions.
QUESTION NO: 50
You work as the Network Administrator for XYZ CORP. The company has a Unix-based network. You want to see the list of the filesystems mounted automatically at startup by the mount -a command in the /etc/rc startup file. Which of the following Unix configuration files can you use to accomplish the task?
Answer: D Explanation: In Unix, the /etc/fstab file is used by system administrators to list the filesystems that are mounted automatically at startup by the mount –a command (in /etc/rc or its equivalent startup file). Answer: C is incorrect. In Unix, the /etc/mtab file contains a list of the currently mounted file systems. This is set up by the boot scripts and updated by the mount command. Answer: A is incorrect. In Unix, the /etc/named.conf file is used for domain name servers. Answer: B is incorrect. In Unix, the /etc/groups file contains passwords to let a user join a group.
QUESTION NO: 51
Which of the following terms related to risk management represents the estimated frequency at which a threat is expected to occur?
A. Single Loss Expectancy (SLE)
B. Annualized Rate of Occurrence (ARO)
C. Exposure Factor (EF)
Answer: B Explanation: The Annualized Rate of Occurrence (ARO) is a number that represents the estimated frequency at which a threat is expected to occur. It is calculated based upon the probability of the event occurring and the number of employees that could make that event occur. Answer: C is incorrect. The Exposure Factor (EF) represents the % of assets loss caused by a threat. The EF is required to calculate the Single Loss Expectancy (SLE). Answer: A is incorrect. The Single Loss Expectancy (SLE) is the value in dollars that is assigned to a single event. SLE = Asset Value ($) X Exposure Factor (EF) Answer: D is incorrect. Safeguard acts as a countermeasure for reducing the risk associated with a specific threat or a group of threats.
QUESTION NO: 52
An executive in your company reports odd behavior on her PDA. After investigation you discover that a trusted device is actually copying data off the PDA. The executive tells you that the behavior started shortly after accepting an e-business card from an unknown person. What type of attack is this?
A. Session Hijacking
C. Privilege Escalation
D. PDA Hijacking
Answer: B Explanation: Bluesnarfing is a rare attack in which an attacker takes control of a bluetooth enabled device. One way to do this is to get your PDA to accept the attacker’s device as a trusted device.
QUESTION NO: 53
You work as the Project Engineer for XYZ CORP. The company has a Unix-based network. Your office consists of one server, seventy client computers, and one print device. You raise a request for printing a confidential page. After 30 minutes, you find that your print request job is not processed and is at the seventh position in the printer queue. You analyze that it shall take another one hour to print. You decide to remove your job from the printer queue and get your page printed outside the office. Which of the following Unix commands can you use to remove your job from the printer queue?
Answer: C Explanation: The basic Unix printing commands are as follows: banner: It is used to print a large banner on a printer. lpr: It is used to submit a job to the printer. lpc: It enables one to check the status of the printer and set its state. lpq: It shows the contents of a spool directory for a given printer. lprm: It is used to remove a job from the printer queue. gs: It works as a PostScript interpreter. pr: It is used to print a file. tunelp: It is used to set various parameters for the lp device.
QUESTION NO: 54
You work as the Network Administrator for XYZ CORP. The company has a Unix-based network. You want to run a command that forces all the unwritten blocks in the buffer cache to be written to the disk. Which of the following Unix commands can you use to accomplish the task?
Answer: D Explanation: The sync command is used to flush filesystem buffers. It ensures that all disk writes have been completed before the processor is halted or rebooted. Generally, it is preferable to use reboot or halt to shut down a system, as they may perform additional actions such as resynchronizing the hardware clock and flushing internal caches before performing a final sync. Answer: B is incorrect. In Unix, the tune2fs command is used to adjust tunable filesystem parameters on the second extended filesystems. Answer: A is incorrect. In Unix, the swapon command is used to activate a swap partition. Answer: C is incorrect. In Unix, the swapoff command is used to de-activate a swap partition.
QUESTION NO: 55
You work as a Network Administrator for Infonet Inc. The company’s network has an FTP server. You want to secure the server so that only authorized users can access it. What will you do to accomplish this?
A. Disable anonymous authentication.
B. Stop the FTP service on the server.
C. Disable the network adapter on the server.
D. Enable anonymous authentication.
Answer: A Explanation: You will have to disable anonymous authentication. This will prevent unauthorized users from accessing the FTP server. Anonymous authentication (anonymous access) is a method of authentication for Websites. Using this method, a user can establish a Web connection to the IIS server without providing a username and password. Hence, this is an insecure method of authentication. This method is generally used to permit unknown users to access the Web or FTP server directories. Answer: D is incorrect. Enabling anonymous authentication will allow all the users to access the server. Answer: B is incorrect. Stopping the FTP service on the server will
prevent all the users from accessing the FTP server. Answer: C is incorrect. Disabling the network
adapter on the FTP server will disconnect the server from the network.
QUESTION NO: 56
Which of the following statements about a perimeter network are true? (Choose three)
A. It has a connection to the Internet through an external firewall and a connection to an internal network through an interior firewall.
B. It has a connection to a private network through an external firewall and a connection to an internal network through an interior firewall.
C. It is also known as a demilitarized zone or DMZ.
D. It prevents access to the internal corporate network for outside users.
Answer: A,C,D Explanation: A perimeter network, also known as a demilitarized zone or DMZ, is a small network that lies in between the Internet and a private network. It has a connection to the Internet through an external firewall and a connection to the internal network through an interior firewall. It allows outside users access to the specific servers located in the perimeter network while preventing access to the internal corporate network. Servers, routers, and switches that maintain security by preventing the internal network from being exposed on the Internet are placed in a perimeter network. A perimeter network is commonly used for deploying e-mail and Web servers for a company.
QUESTION NO: 57
John works as a Network Administrator for We-are-secure Inc. The We-are-secure server is based on Windows Server 2003. One day, while analyzing the network security, he receives an error message that Kernel32.exe is encountering a problem. Which of the following steps should John take as a countermeasure to this situation?
A. He should download the latest patches for Windows Server 2003 from the Microsoft site, so that he can repair the kernel.
B. He should restore his Windows settings.
C. He should observe the process viewer (Task Manager) to see whether any new process is running on the computer or not. If any new malicious process is running, he should kill that process.
D. He should upgrade his antivirus program.
Answer: C,D Explanation: In such a situation, when John receives an error message revealing that Kernel32.exe is encountering a problem, he needs to come to the conclusion that his antivirus program needs to be updated, because Kernel32.exe is not a Microsoft file (It is a Kernel32.DLL file.). Although such viruses normally run on stealth mode, he should examine the process viewer (Task Manager) to see whether any new process is running on the computer or not. If any new process (malicious) is running on the server, he should exterminate that process. Answer: A, B are incorrect. Since kernel.exe is not a real kernel file of Windows, there is no need to repair or download any patch for Windows Server 2003 from the Microsoft site to repair the kernel. Note: Such error messages can be received if the computer is infected with malware, such as Worm_Badtrans.b, Backdoor.G_Door, Glacier Backdoor, Win32.Badtrans.29020, etc.
QUESTION NO: 58
In addition to denying and granting access, what other services does a firewall support?
A. Network Access Translation (NAT)
B. Secondary connections
C. Control Internet access based on keyword restriction
D. Data caching
Answer: A,C,D Explanation: A firewall is a tool to provide security to a network. It is used to protect an internal network or intranet against unauthorized access from the Internet or other outside networks. It restricts inbound and outbound access and can analyze all traffic between an internal network and the Internet. Users can configure a firewall to pass or block packets from specific IP addresses and ports. Firewalls often have network address translation (NAT) functionality. The hosts protected behind a firewall commonly have addresses in the private address range. Firewalls have such functionality to hide the true address of protected hosts. Firewalls are used by administrators to control Internet access based on keyword restriction. Some proxy firewalls can cache data so that clients can access frequently requested data from the local cache instead of using the Internet connection to request it. This is convenient for cutting down on unnecessary bandwidth consumption. Answer: B is incorrect. It is an area where a firewall faces difficulty in securing the network. It is the area where employees make alternate connections to the Internet for their personal use, resulting in useless rendering of the firewall.
QUESTION NO: 59
Which of the following are the goals of risk management? (Choose three)
A. Identifying the risk
B. Assessing the impact of potential threats
C. Finding an economic balance between the impact of the risk and the cost of the countermeasure
D. Identifying the accused
Answer: A,B,C Explanation: There are three goals of risk management as follows: Identifying the risk Assessing the impact of potential threats Finding an economic balance between the impact of the risk and the cost of the countermeasure Answer: D is incorrect. Identifying the accused does not come under the scope of risk management.
QUESTION NO: 60
Ryan wants to create an ad hoc wireless network so that he can share some important files with another employee of his company. Which of the following wireless security protocols should he choose for setting up an ad hoc wireless network?
A. WPA2 -EAP
Answer: B,C Explanation: Ryan can either choose WEP or WPA-PSK wireless protocol to set an ad hoc wireless network. Answer: A is incorrect. WPA2-EAP cannot be chosen for an ad hoc wireless network, as it requires RADIUS (Remote Authentication Dial- In User Service) server for authentication. Answer: D is incorrect. WPA-EAP cannot be chosen for an ad hoc wireless network, as it requires RADIUS (Remote Authentication Dial-In User Service) server for authentication.
QUESTION NO: 61
Which of the following mechanisms is closely related to authorization?
A. Sending secret data such as credit card information.
B. Allowing access to a particular resource.
C. Verifying username and password.
D. Sending data so that no one can alter it on the way.
Answer: B Explanation: Authorization is a process that verifies whether a user has permission to access a Web resource. A Web server can restrict access to some of its resources to only those clients that log in using a recognized username and password. To be authorized, a user must first be authenticated. Answer: C is incorrect. Verifying username and password describes the mechanism of authentication. Authentication is the process of verifying the identity of a user. This is usually done using a user name and password. This process compares the provided user name and password with those stored in the database of an authentication server. Answer: D is incorrect. Sending data so that no one can alter it on the way describes the mechanism of data integrity. Data integrity is a mechanism that ensures that the data is not modified during transmission from source to destination. This means that the data received at the destination should be exactly the same as that sent from the source. Answer: A is incorrect. Sending secret data such as credit card information describes the mechanism of confidentiality. Confidentiality is a mechanism that ensures that only the intendeA, Duthorized recipients are able to read data. The data is so encrypted that even if an unauthorized user gets access to it, he will not get any meaning out of it.
QUESTION NO: 62
An auditor assesses the database environment before beginning the audit. This includes various key tasks that should be performed by an auditor to identify and prioritize the users, data, activities, and applications to be monitored. Which of the following tasks need to be performed by the auditor manually?
A. Classifying data risk within the database systems
B. Monitoring data changes and modifications to the database structure, permission and user changes, and data viewing activities
C. Analyzing access authority
D. Archiving, analyzing, reviewing, and reporting of audit information
Answer: A,C Explanation: The Internal Audit Association lists the following as key components of a database audit: Create an inventory of all database systems and use classifications. This should include production and test data. Keep it up-to-date. Classify data risk within the database systems. Monitoring should be prioritized for high, medium, and low risk data. Implement an access request process that requires database owners to authorize the “roles” granted to database accounts (roles as in Role Based Access and not the native database roles). Analyze access authority. Users with higher degrees of access permission should be under higher scrutiny, and any account for which access has been suspended should be monitored to ensure access is denieA, Dttempts are identified. Assess application coverage. Determine what applications have built-in controls, and prioritize database auditing accordingly. All privileged user access must have audit priority. Legacy and custom applications are the next highest priority to consider, followed by the packaged applications. Ensure technical safeguards. Make sure access controls are set properly. Audit the activities. Monitor data changes and modifications to the database structure, permission and user changes, and data viewing activities. Consider using network-based database activity monitoring appliances instead of native database audit trails. Archive, analyze, review, and report audit information. Reports to auditors and IT managers must communicate relevant audit information, which can be analyzed and reviewed to determine if corrective action is required. Organizations that must retain audit data for long-term use should archive this information with the ability to retrieve relevant data when needed. The first five steps listed are to be performed by the auditor manually. Answer: B, D are incorrect. These tasks are best achieved by using an automated solution.
With Flydumps.com complete study guide for the GIAC https://www.pass4itsure.com/GSNA.html certification exam you will find questions and answers from previous exams as well as ones that our experts believe will be on the upcoming exams due to upgrades and new releases. This gives you the resources you actually need to pass the exam instead of just studying material without any knowledge of what might be on a test. If you want a career in the IT world, a certification is the only answer to ensure you get your dream job.