[Free] 2017(Sep) CollectDumps Dumpsleader GIAC GISF Dumps with VCE and PDF 41-50

GIAC Information Security Fundamentals

Question No: 41 – (Topic 1)

Which of the following Web attacks is performed by manipulating codes of programming languages such as SQL, Perl, Java present in the Web pages?

  1. Cross-Site Request Forgery

  2. Code injection attack

  3. Cross-Site Scripting attack

  4. Command injection attack

Answer: B

Question No: 42 – (Topic 1)

Which of the following Acts enacted in the United States allows the FBI to issue National Security Letters (NSLs) to Internet service providers (ISPs) ordering them to disclose records about their customers?

  1. Electronic Communications Privacy Act of 1986

  2. Economic Espionage Act of 1996

  3. Computer Fraud and Abuse Act

  4. Wiretap Act

Answer: A

Question No: 43 – (Topic 1)

Which of the following does an anti-virus program update regularly from its manufacturer's Web site?

  1. Hotfixes

  2. Definition

  3. Service packs

  4. Permissions

Answer: B

Question No: 44 – (Topic 1)

You work as a Network Administrator for Infonet Inc. The company has a Windows Server 2008 domain-based network. The network has three Windows Server 2008 member servers and 150 Windows Vista client computers. According to the company's security policy, you apply Windows firewall settings to the computers on the network. Now, you are troubleshooting a connectivity problem that might be caused by Windows firewall. What will you do to identify connections that Windows firewall allows or blocks?

  1. Configure Network address translation (NAT).

  2. Disable Windows firewall logging.

  3. Configure Internet Protocol Security (IPSec).

  4. Enable Windows firewall logging.

Answer: D

Question No: 45 – (Topic 1)

Hardening a system is one of the practical methods of securing a computer system. Which of the following techniques is used for hardening a computer system?

  1. Disabling all user accounts

  2. Applying egress filtering

  3. Applying Access Control List (ACL)

  4. Applying a patch to the OS kernel

Answer: D

Question No: 46 – (Topic 1)

You work as a security manager in Mariotiss Inc. Your enterprise has been facing network and software security threats for the past few months. You want to renew your current security policies and management to enhance the safety of your information systems. Which of the following is the best practice to initiate the renewal process from the lowest level with the least managerial effort?

  1. Start the Incident handling process.

  2. Change the entire security policy.

  3. Perform an IT audit.

  4. Switch to a new network infrastructure.

Answer: C

Question No: 47 – (Topic 1)

You and your project team have identified the project risks and now are analyzing the probability and impact of the risks. What type of analysis of the risks provides a quick and high-level review of each identified risk event?

  1. A risk probability-impact matrix

  2. Quantitative risk analysis

  3. Qualitative risk analysis

  4. Seven risk responses

Answer: C

Question No: 48 – (Topic 1)

You are concerned about outside attackers penetrating your network via your company Web server.

You wish to place your Web server between two firewalls: one firewall between the Web server and the outside world, the other between the Web server and your network.

What is this called?

  1. IDS

  2. SPI firewall

  3. DMZ

  4. Application Gateway firewall

Answer: C

Question No: 49 – (Topic 1)

In which of the following access control models can a user not grant permissions to other users to see a copy of an object marked as secret that he has received, unless they have the appropriate permissions?

  1. Discretionary Access Control (DAC)

  2. Role Based Access Control (RBAC)

  3. Access Control List (ACL)

  4. Mandatory Access Control (MAC)

Answer: D

Question No: 50 – (Topic 1)

According to the case study, what protocol should be used to protect a customer's privacy and credit card information?

(Click the Exhibit button on the toolbar to see the case study.)

  1. L2TP

  2. FTP

  3. HTTP

  4. MS-CHAP

  5. HTTPS

  6. PPTP

Answer: E
