[Free] 2017(Sep) CollectDumps Dumpsleader GIAC GISF Dumps with VCE and PDF 211-220

CollectDumps 2017 Sep GIAC Official New Released GISF
100% Free Download! 100% Pass Guaranteed!
http://www.CollectDumps.com/GISF.html

GIAC Information Security Fundamentals

Question No: 211 – (Topic 2)

You have created a Web site, which will be used for e-commerce. You want to ensure that the transactions are highly secured. For this purpose, you have to create a system to verify the identity of a potential customer. Which of the following security techniques will you use?

  1. Asymmetric encryption

  2. Symmetric encryption

  3. Spoofing

  4. Digital certificate

Answer: D

Question No: 212 – (Topic 2)

Which of the following are the levels of public or commercial data classification system? Each correct answer represents a complete solution. Choose all that apply.

  1. Sensitive

  2. Unclassified

  3. Confidential

  4. Public

  5. Secret

  6. Private

Answer: A,C,D,F

Question No: 213 – (Topic 2)

Part of your change management plan details what should happen in the change control system for your project. Theresa, a junior project manager, asks what the configuration management activities are for scope changes. You tell her that all of the following are valid configuration management activities except for which one?

  1. Configuration Status Accounting

  2. Configuration Item Costing

  3. Configuration Identification

  4. Configuration Verification and Auditing

Answer: B

Question No: 214 – (Topic 2)

Which of the following can be used to prevent routing loops in distance vector routing protocols?

Each correct answer represents a complete solution. Choose two.

  1. Split horizon

  2. Link-state advertisement

  3. Spanning Tree Protocol

  4. Hold-down timers

Answer: A,D

Question No: 215 – (Topic 2)

Which of the following firewalls operates at three layers- Layer3, Layer4, and Layer5?

  1. Circuit-level firewall

  2. Application layer firewall

  3. Proxy firewall

  4. Dynamic packet-filtering firewall

Answer: D

Question No: 216 – (Topic 2)

How should you configure USSOWA1 and USSTIME1 to allow secure access for remote employees?

(Click the Exhibit button on the toolbar to see the case study.)

Each correct answer represents a complete solution. Choose three.

  1. Place USSTIME1 on the internal network

  2. Place USSOWA1 on the internal network

  3. Enable all connections from external network

  4. Place USSTIME1 in a DMZ

  5. Place USSOWA1 in a DMZ

  6. Allow only TCP port 443 connections from the external network

  7. Allow only TCP port 80 connections from the external network

Answer: D,E,F

Question No: 217 – (Topic 2)

You work as a Network administrator for Infonet Inc. The company has 135 Windows XP Professional computers and twenty Windows 2003 Server computers. You want to specify the number of invalid logon attempts allowed before a user account is locked out. What will you do to accomplish the task?

  1. Reset Account Lockout Counter After policy

  2. Set Account Lockout Threshold policy

  3. Enforce Password Must Meet Complexity Requirements policy

  4. Set Account Lockout Duration policy

Answer: B

Question No: 218 – (Topic 2)

Which of the following federal laws are related to hacking activities? Each correct answer represents a complete solution. Choose three.

A. 18 U.S.C. 1029

B. 18 U.S.C. 1028

C. 18 U.S.C. 1030

D. 18 U.S.C. 2510

Answer: A,C,D

Question No: 219 – (Topic 2)

You work as a Software Developer for uCertify Inc. You have developed a Data Access Logic (DAL) component that will be part of a distributed application. You are conducting integration testing with other components of the distributed application. Which of the following types of testing methods will you need to perform to identify potential security- related issues? Each correct answer represents a part of the solution. Choose two.

  1. Unit testing

  2. Stress testing

  3. Load testing

  4. Black box testing

  5. White box testing

Answer: D,E

Question No: 220 – (Topic 2)

Which of the following refers to the process of verifying the identity of a person, network host, or system process?

  1. Hacking

  2. Authentication

  3. Packet filtering

  4. Auditing

Answer: B

100% Free Download!
Download Free Demo:GISF Demo PDF
100% Pass Guaranteed!
Download 2017 CollectDumps GISF Full Exam PDF and VCE

CollectDumps ExamCollection Testking
Lowest Price Guarantee Yes No No
Up-to-Dated Yes No No
Real Questions Yes No No
Explanation Yes No No
PDF VCE Yes No No
Free VCE Simulator Yes No No
Instant Download Yes No No

2017 CollectDumps IT Certification PDF and VCE