[Free] 2017(Sep) CollectDumps Dumpsleader GIAC GISP Dumps with VCE and PDF 211-220

CollectDumps 2017 Sep GIAC Official New Released GISP
100% Free Download! 100% Pass Guaranteed!
http://www.CollectDumps.com/GISP.html

GIAC Information Security Professional

Question No: 211 – (Topic 2)

Which of the following statements about buffer overflow are true?

Each correct answer represents a complete solution. Choose two.

  1. It is a situation that occurs when a storage device runs out of space.

  2. It can terminate an application.

  3. It can improve application performance.

  4. It is a situation that occurs when an application receives more data than it is configured to accept

Answer: B,D

Question No: 212 – (Topic 2)

Which of the following ports is used by a BOOTP server?

  1. UDP port 389

  2. UDP port 67

  3. TCP port 80

  4. TCP port 110

Answer: B

Question No: 213 – (Topic 2)

Which of the following protocols uses TCP port 22 as the default port and operates at the application layer?

  1. Secure Sockets Layer (SSL)

  2. Secure Shell (SSH)

  3. Post Office Protocol version 3 (POP3)

  4. Trivial File Transfer Protocol (TFTP)

Answer: B

Question No: 214 – (Topic 2)

Which of the following protocols multicasts messages and information among all member devices in an IP multicast group?

  1. ARP

  2. TCP

  3. ICMP

  4. IGMP

Answer: D

Question No: 215 – (Topic 2)

Which of the following authentication protocols provides support for a wide range of authentication methods, such as smart cards and certificates?

  1. EAP

  2. CHAP

  3. MS-CHAP v2

  4. PAP

Answer: A

Question No: 216 – (Topic 2)

Which of the following performs packet screening for security on the basis of port numbers?

  1. Switch

  2. DNS

  3. Hub

  4. Firewall

Answer: D

Question No: 217 – (Topic 2)

Which of the following are man-made threats that an organization faces? Each correct answer represents a complete solution. Choose three.

  1. Frauds

  2. Strikes

  3. Employee errors

  4. Theft

Answer: A,C,D

Question No: 218 – (Topic 2)

In the DNS Zone transfer enumeration, an attacker attempts to retrieve a copy of the entire zone file for a domain from a DNS server. The information provided by the DNS zone can help an attacker gather user names, passwords, and other valuable information. To attempt a zone transfer, an attacker must be connected to a DNS server that is the authoritative server for that zone. Besides this, an attacker can launch a Denial of Service attack against the zone#39;s DNS servers by flooding them with a lot of requests. Which of the following tools can an attacker use to perform a DNS zone transfer?

Each correct answer represents a complete solution. Choose all that apply.

  1. Dig

  2. NSLookup

  3. DSniff

  4. Host

Answer: A,B,D

Question No: 219 – (Topic 2)

Which of the following security models deal only with integrity? Each correct answer represents a complete solution. Choose two.

  1. Biba

  2. Bell-LaPadula

  3. Biba-Wilson

  4. Clark-Wilson

Answer: A,D

Question No: 220 – (Topic 2)

In which of the following IDS evasion attacks does an attacker send a data packet such that IDS accepts the data packet but the host computer rejects it?

  1. Fragmentation overlap attack

  2. Evasion attack

  3. Fragmentation overwrite attack

  4. Insertion attack

Answer: D

100% Free Download!
Download Free Demo:GISP Demo PDF
100% Pass Guaranteed!
Download 2017 CollectDumps GISP Full Exam PDF and VCE

CollectDumps ExamCollection Testking
Lowest Price Guarantee Yes No No
Up-to-Dated Yes No No
Real Questions Yes No No
Explanation Yes No No
PDF VCE Yes No No
Free VCE Simulator Yes No No
Instant Download Yes No No

2017 CollectDumps IT Certification PDF and VCE