[Free] 2017(Sep) CollectDumps Dumpsleader GIAC GSNA Dumps with VCE and PDF 211-220


GIAC Systems and Network Auditor

Question No: 211 – (Topic 3)

You have detected what appears to be an unauthorized wireless access point on your network. However, this access point has the same MAC address as one of your real access points and is broadcasting with a stronger signal. What is this called?

  1. Bluesnarfing

  2. The evil twin attack

  3. WAP cloning

  4. DOS

Answer: B

Explanation: In the evil twin attack, a rogue wireless access point is set up that has the same MAC address as one of your legitimate access points. That rogue WAP will often then initiate a denial of service attack on your legitimate access point, making it unable to respond to users, so they are redirected to the 'evil twin'. Answer: A is incorrect. Bluesnarfing is the process of taking over a PDA. Answer: D is incorrect. A DOS may be used as part of establishing an evil twin, but this attack is not specifically for denial of service. Answer: C is incorrect. While you must clone a WAP MAC address, the attack is not called WAP cloning.

Question No: 212 – (Topic 3)

You work as a Computer Hacking Forensic Investigator for SecureNet Inc. You want to investigate a Cross-Site Scripting attack on your company's Website. Which of the following methods of investigation can you use to accomplish the task?

  1. Review the source of any HTML-formatted e-mail messages for embedded scripts or links in the URL to the company's site.

  2. Look at the Web server logs and normal traffic logging.

  3. Use Wireshark to capture traffic going to the server and then search for the requests going to the input page, which may give a log of the malicious traffic and the IP address of the source.

  4. Use a Web proxy to view the Web server transactions in real time and investigate any communication with outside servers.

Answer: A,B,D

Explanation: You can use the following methods to investigate a Cross-Site Scripting attack:

  1. Look at the Web server logs and normal traffic logging.

  2. Use a Web proxy to view the Web server transactions in real time and investigate any communication with outside servers.

  3. Review the source of any HTML-formatted e-mail messages for embedded scripts or links in the URL to the company's site.

Answer: C is incorrect. This method is not used to investigate a Cross-Site Scripting attack.

Question No: 213 – (Topic 3)

Which of the following commands will you use to watch a log file /var/adm/messages while the log file is updating continuously?

  1. less -g /var/adm/messages

  2. tail /var/adm/messages

  3. cat /var/adm/messages

  4. tail -f /var/adm/messages

Answer: D

Explanation: The tail command is used to display the last few lines of a text file or piped data. It has a special command line option -f (follow) that allows a file to be monitored. Instead of displaying the last few lines and exiting, tail displays the lines and then monitors the file. As new lines are added to the file by another process, tail updates the display. This is particularly useful for monitoring log files. The following command will display the last 10 lines of messages and append new lines to the display as new lines are added to messages: tail -f /var/adm/messages

Answer: B is incorrect. The tail command will display the last 10 lines (default) of the log file.

Answer: C is incorrect. The concatenate (cat) command is used to display or print the contents of a file. Syntax: cat filename. For example, the following command will display the contents of the /var/log/dmesg file: cat /var/log/dmesg. Note: The more command is used in conjunction with the cat command to prevent scrolling of the screen while displaying the contents of a file.

Answer: A is incorrect. The less command is used to view (but not change) the contents of a text file, one screen at a time. It is similar to the more command. However, it has the extended capability of allowing both forward and backward navigation through the file. Unlike most Unix text editors/viewers, less does not need to read the entire file before starting; therefore, it has faster load times with large files. The command syntax of the less command is as follows: less [options] file_name Where,

Question No: 214 – (Topic 3)

Mark works as the Network Administrator for XYZ CORP. The company has a Unix-based network. Mark wants to scan one of the Unix systems to detect security vulnerabilities. To accomplish this, he uses TARA as a system scanner. What can be the reasons that made Mark use TARA?

  1. It has a very specific function of seeking paths to root.

  2. It is composed mostly of bash scripts.

  3. It works on a wide variety of platforms.

  4. It is very modular.

Answer: B,C,D

Explanation: Tiger Analytical Research Assistant (TARA) is a set of scripts that scans a Unix system for security problems. Following are the pros and cons of using TARA.

Pros: It is open source. It is very modular. It can work on a wide variety of platforms. It is composed mostly of bash scripts; hence, it can run on any Unix platform with little difficulty.

Cons: It has a very specific function of seeking paths to root.

Answer: A is incorrect. It is a limitation of TARA that reduces its flexibility to be used for different purposes.

Question No: 215 – (Topic 3)

Mark works as a Web Developer for XYZ CORP. He is developing a Web site for the company. The Manager of the company requires Mark to use tables instead of frames in the Web site. What is the major advantage that a table-structured Web site has over a frame-structured Web site?

  1. Easy maintenance

  2. Speed

  3. Better navigation

  4. Capability of being bookmarked or added to the Favorites folder

Answer: D

Explanation: The major advantage that a table-structured Web site has over a frame-structured Web site is that users can bookmark the pages of a table-structured Web site, whereas pages of a frame-structured Web site cannot be bookmarked or added to the Favorites folder. Non-frame Web sites also give better results with search engines. Better navigation: Web pages can be divided into multiple frames and each frame can display a separate Web page. It helps in providing better and consistent navigation. Easy maintenance: Fixed elements, such as a navigation link and company logo page, can be created once and used with all the other pages. Therefore, any change in these pages is required to be made only once.

Question No: 216 – (Topic 3)

Samantha works as a Web Developer for XYZ CORP. She develops a Web application using Visual InterDev. She wants to group a series of HTML elements together so that an action can be performed collectively on them. Which of the following tags will Samantha use to accomplish this?

  1. DIV

  2. GROUP

  3. BODY

  4. SPAN

Answer: A

Explanation: DIV is an HTML tag that groups a series of elements into a larger group. It can be used when an action needs to be performed collectively on the grouped elements. The DIV tag acts as a container for other elements. Answer: D is incorrect. The SPAN tag is used within an element to group a part of it. For example, this tag can be used to group a few sentences from within a paragraph, so that a particular action can be performed only on them. Answer: C is incorrect. The BODY tag is used to specify the beginning and end of the document body. Answer: B is incorrect. There is no tag such as GROUP in HTML.

Question No: 217 – (Topic 3)

Which of the following are the disadvantages of Dual-Homed Host Firewall Architecture?

  1. It can provide services by proxying them.

  2. It can provide a very low level of control.

  3. User accounts may unexpectedly enable services a user may not consider secure.

  4. It provides services when users log on to the dual-homed host directly.

Answer: A,C,D

Explanation: A dual-homed host is one of the firewall architectures for implementing preventive security. It provides the first-line defense and protection technology for keeping untrusted bodies from compromising information security by violating trusted network space, as shown in the image below. A dual-homed host (or bastion host) is a system fortified with two network interfaces (NICs) that sits between an untrusted network (like the Internet) and a trusted network (such as a corporate network) to provide secure access.

Dual-homed, or bastion, is a general term for proxies, gateways, firewalls, or any server that provides secured applications or services directly to an untrusted network.

A dual-homed host also has some disadvantages, which are as follows:

  1. It can provide services by proxying them.

  2. User accounts may unexpectedly enable services a user may not consider secure.

  3. It provides services when users log on to the dual-homed host directly.

Answer: B is incorrect. Dual-Homed Host Firewall Architecture can provide a very high level of control.

Question No: 218 – (Topic 3)

What are the purposes of audit records on an information system? (Choose two)

  1. Upgradation

  2. Backup

  3. Troubleshooting

  4. Investigation

Answer: C,D

Explanation: The following are the purposes of audit records on an information system: Troubleshooting and Investigation. An IT audit is the process of collecting and evaluating records of an organization's information systems, practices, and operations. The evaluation of records provides evidence to determine if the information systems are safeguarding assets, maintaining data integrity, and operating effectively and efficiently enough to achieve the organization's goals or objectives. These reviews may be performed in conjunction with a financial statement audit, internal audit, or other form of attestation engagement. Audit records are also used to troubleshoot system issues. Answer: A, B are incorrect. The audit records cannot be used for backup and upgradation purposes.

Question No: 219 – (Topic 3)

Which of the following statements are true about WPA?

  1. WPA-PSK requires a user to enter an 8-character to 63-character passphrase into a wireless client.

  2. Shared-key WPA is vulnerable to password cracking attacks if a weak passphrase is used.

  3. WPA-PSK converts the passphrase into a 256-bit key.

  4. WPA provides better security than WEP.

Answer: A,B,C,D

Explanation: WPA stands for Wi-Fi Protected Access. It is a wireless security standard. It provides better security than WEP (Wired Equivalent Protection). Windows Vista supports both WPA-PSK and WPA-EAP. Each of these is described as follows:

WPA-PSK: PSK stands for Preshared key. This standard is meant for home environments. WPA-PSK requires a user to enter an 8-character to 63-character passphrase into a wireless client. The WPA converts the passphrase into a 256-bit key.

WPA-EAP: EAP stands for Extensible Authentication Protocol. This standard relies on a back-end server that runs Remote Authentication Dial-In User Service for user authentication. Note: Windows Vista allows a user to use a smart card to connect to a WPA-EAP protected network.

Shared-key WPA is vulnerable to password cracking attacks if a weak passphrase is used. To protect against a brute force attack, a truly random passphrase of 13 characters (selected from the set of 95 permitted characters) is probably sufficient.

Question No: 220 – (Topic 3)

You work as the Network Administrator for XYZ CORP. The company has a Unix-based network. You want to do RARP mapping from hardware mapping addresses to IP addresses. Which of the following Unix configuration files can you use to accomplish the task?

  1. /etc/dhcpd.conf

  2. /etc/motd

  3. /etc/exports

  4. /etc/ethers

Answer: D

Explanation: In Unix, the /etc/ethers file is used by system administrators for RARP mapping from hardware mapping addresses to IP addresses.

Answer: A is incorrect. In Unix, the /etc/dhcpd.conf file is the configuration file for the DHCP server daemon. Answer: C is incorrect. In Unix, the /etc/exports file describes exported file systems for NFS services. Answer: B is incorrect. In Unix, the /etc/motd file automatically displays the message of the day after a successful login.
