[Free] 2017(Sep) CollectDumps Dumpsleader GIAC GISF Dumps with VCE and PDF 201-210

GIAC Information Security Fundamentals

Question No: 201 – (Topic 2)

The workstations on your network utilize Windows XP (service pack 2 or later). Many users take their laptops on the road. You are very concerned about security and want to have a robust firewall solution for mobile users. You have decided that all your firewalls must use the Stateful Packet Inspection (SPI) method. What must you do to provide SPI to your mobile users?

A. You must purchase a third party firewall solution for your mobile users.

B. Do nothing. Windows XP service pack 2 has a firewall turned on by default.

C. Download the SPI template from Microsoft.

D. Configure the Windows XP firewall to use SPI.

Answer: A

Question No: 202 – (Topic 2)

You are hired by Techmart Inc. to upgrade its existing network. You have prepared a case study for planning the network.

According to your study, how many domains are required to set up the network of Techmart Inc.?

(Click the Exhibit button on the toolbar to see the case study.)

A. Two

B. Four

C. Three

D. One

Answer: D

Question No: 203 – (Topic 2)

Which of the following types of firewalls looks deep into packets and makes granular access control decisions?

A. Stateful

B. Application level proxy

C. Circuit level proxy

D. Packet filtering

Answer: B

Question No: 204 – (Topic 2)

You are the Administrator for a corporate network. You are concerned about denial of service attacks. Which of the following measures would be most helpful in defending against a Denial-of-Service (DoS) attack?

A. Shorten the timeout for connection attempts.

B. Place a honey pot in the DMZ.

C. Implement a strong password policy.

D. Implement network based antivirus.

Answer: A

Question No: 205 – (Topic 2)

You work as a Network Security Analyzer. You got a suspicious email while working on a forensic project. Now, you want to know the IP address of the sender so that you can analyze various information such as the actual location, domain information, operating system being used, contact information, etc. of the email sender with the help of various tools and resources. You also want to check whether this email is fake or real. You know that analysis of email headers is a good starting point in such cases.

The email header of the suspicious email is given below:

[Exhibit: email header image, not reproduced]

What is the IP address of the sender of this email?

A. 209.191.91.180

B. 141.1.1.1

C. 172.16.10.90

D. 216.168.54.25

Answer: D

Question No: 206 – (Topic 2)

Web applications play a vital role in deploying different databases with user accessibility on the Internet. Which of the following allows an attacker to get unauthorized access to the database of a Web application by sending (attacking) user-supplied data to an interpreter as part of a command or query?

A. Cross Site Scripting

B. Injection flaw

C. Cross Site Request Forgery (CSRF)

D. Malicious File Execution

Answer: B

Question No: 207 – (Topic 2)

You work as a Network Administrator for NetTech Inc. The company wants to encrypt its e-mails.

Which of the following will you use to accomplish this?

A. NTFS

B. PPTP

C. PGP

D. IPSec

Answer: C

Question No: 208 – (Topic 2)

Rick is the project manager of a construction project. He is in the process of procuring some construction equipment. There are four vendors available to supply the equipment. Rick does not want one of them to participate in the bidding because he has a personal grudge against the owner of that vendor. This is a violation of which of the following categories of the Project Management Institute Code of Ethics and Professional Conduct?

A. Respect

B. Honesty

C. Responsibility

D. Fairness

Answer: D

Question No: 209 – (Topic 2)

The Information Assurance pillars provide assurance of data availability to the users of an information system. Which of the following network infrastructure techniques accomplish the objective of efficient data availability management on a network?

Each correct answer represents a complete solution. Choose all that apply.

A. SAN

B. EFS

C. NAS

D. RAID

Answer: A,C,D

Question No: 210 – (Topic 2)

Adam works as a Professional Penetration Tester for Umbrella Inc. A project has been assigned to him to carry out Black Box penetration testing as a regular evaluation of the system security and integrity of the company's network. Which of the following statements are true about Black Box penetration testing?

Each correct answer represents a complete solution. Choose all that apply.

A. Black box testing provides the testers with complete knowledge of the infrastructure to be tested.

B. Black box testing simulates an attack from someone who is unfamiliar with the system.

C. Black box testing simulates an attack from someone who is familiar with the system.

D. Black box testing assumes no prior knowledge of the infrastructure to be tested.

Answer: B,C
