A Review Of Verified GSNA Exam Topics

NEW QUESTION 1

Which of the following wireless security standards supported by Windows Vista provides the highest level of security?

• A. WPA-EAP
• B. WEP
• C. WPA-PSK
• D. WPA2

Answer: D

Explanation:

WPA2 is an updated version of WPA. This standard is also known as IEEE 802.11i. WPA2 offers enhanced protection to wireless networks than WPA and WEP standards. It is also available as WPA2-PSK and WPA2-EAP for home and enterprise environment respectively. Answer B is incorrect. than WEP (Wired Equivalent Protection).
Windows Vista supports both WPA-PSK and WPA-EAP. Each of these is described as follows: WPA-PSK: PSK stands for Preshared key. This standard is meant for home environment. WPA-PSK requires a user to enter an 8- character to 63-character passphrase into a wireless client. The WPA converts the passphrase into a 256-bit key. WPA-EAP: EAP stands for Extensible Authentication Protocol. This standard relies on a back-end server that runs Remote Authentication Dial-In User Service for user authentication. Note: Windows Vista supports a user to use a smart card to connect to a WPA-EAP protected network.

NEW QUESTION 2

You work as the Network Administrator for XYZ CORP. The company has a Unix-based network. You want to run a command that forces all the unwritten blocks in the buffer cache to be written to the disk. Which of the following Unix commands can you use to accomplish the task?

• A. swapon
• B. tune2fs
• C. swapoff
• D. sync

Answer: D

Explanation:

The sync command is used to flush filesystem buffers. It ensures that all disk writes have been completed before the processor is halted or rebooted. Generally, it is preferable to use reboot or halt to shut down a system, as they may perform additional actions such as resynchronizing the hardware clock and flushing internal caches before performing a final sync. Answer B is incorrect. In Unix, the tune2fs command is used to adjust tunable filesystem parameters on the second extended filesystems. Answer A is incorrect. In Unix, the swapon command is used to activate a swap partition. Answer C is incorrect. In Unix, the swapoff command is used to de-activate a swap partition.

NEW QUESTION 3

The employees of CCN Inc. require remote access to the company's proxy servers. In order to provide solid wireless security, the company uses LEAP as the authentication protocol. Which of the following is supported by the LEAP protocol?

• A. Dynamic key encryption
• B. Public key certificate for server authentication
• C. Strongest security level
• D. Password hash for client authentication

Answer: AD

Explanation:

LEAP can use only password hash as the authentication technique. Not only LEAP, but EAP-TLS, EAP-TTLS, and PEAP also support dynamic key encryption and mutual authentication. Answer C is incorrect. LEAP provides only a moderate level of security. Answer B is incorrect. LEAP uses password hash for server authentication.

NEW QUESTION 4

Mark works as a project engineer in Tech Perfect Inc. His office is configured with Windows XP-based computers. The computer that he uses is not configured with a default gateway. He is able to access the Internet, but is not able to use e-mail services via the Internet. However, he is able to access e-mail services via the intranet of the company. Which of the following could be the reason of not being able to access e-mail services via the Internet?

• A. Proxy server
• B. IP packet filter
• C. Router
• D. Protocols other than TCP/IP

Answer: A

Explanation:

A proxy server exists between a client's Web-browsing program and a real Internet server. The purpose of the proxy server is to enhance the performance of user requests and filter requests. A proxy server has a database called cache where the most frequently accessed Web pages are stored. The next time such pages are requested, the proxy server is able to suffice the request locally, thereby greatly reducing the access time. Only when a proxy server is unable to fulfill a request locally does it forward the request to a real Internet server. The proxy server can also be used for filtering user requests. This may be done in order to prevent the users from visiting non-genuine sites. Answer D is incorrect. Transmission Control Protocol/Internet Protocol (TCP/IP) is a suite of standard protocols that govern how data passes between networks. It can be used to provide communication between the basic operating systems on local and wide-area networks (WANs). TCP/IP is the basic communication language or protocol of the Internet. It can also be used as a communications protocol in a private network (either an intranet or an extranet). It is considered the primary protocol of the Internet and the World Wide Web. Answer B is incorrect. IP packet filters allow or block packets from passing through specified ports. They can filter packets based on service type, port number, source computer name, or destination computer name. When packet filtering is enabled, all packets on the external interface are dropped unless they are explicitly allowed, either statically by IP packet filters or dynamically by access policy or publishing rules. Answer C is incorrect. A router is a device that routes data packets between computers in different networks. It is used to connect multiple networks, and it determines the path to be taken by each data packet to its destination computer. A router maintains a routing table of the available routes and their conditions. By using this information, along with distance and cost algorithms, the router determines the best path to be taken by the data packets to the destination computer. A router can connect dissimilar networks, such as Ethernet, FDDI, and Token Ring, and route data packets among them. Routers operate at the network layer (layer 3) of the Open Systems Interconnection (OSI) model.

NEW QUESTION 5

You work as a Network Architect for Tech Perfect Inc. The company has a TCP/IP based Enterprise network. The company uses Cisco IOS technologies in the Enterprise network. You have enabled system message logging (syslog) service on all the routers that are currently working in the network. The syslog service provides all the reports, and important error and notification messages. You want to store all the reports and messages. Choose the locations where you can store all of these.

• A. Auxiliary
• B. Buffer
• C. Syslog server
• D. tty lines
• E. Console

Answer: BCDE

Explanation:

According to the scenario, you have enabled system message logging (syslog) service on all the routers that are currently working in the network. If you want to store all the repots, important error and notification messages sent by the routers, you can store all of these in the buffer, console, syslog server, and tty lines. You can use buffer, if you want to store syslog messages for later analysis of the network. Buffer is the memory of the router. The syslog messages that you have stored in the buffer are later available for the network analysis until the router is rebooted. You can use console port of the routers to send syslog messages to the attached terminal. You can also use vty and tty lines to send syslog messages to the remote terminal. However, the messages send through the console, vty, and tty lines are not later available for network analysis. You can use syslog server to store all the reports, and important error and notification messages. It is the best option to store all these because it is easy to configure a syslog server and you can store a large volume of logs. Note: If you have configured to run an SNMP agent, the routers send all the reports, and important error and messages in the form of SNMP traps to an SNMP server. Using this you can store the reports and messages for a long period of time. Answer A is incorrect. You cannot store syslog messages in the auxiliary line.

NEW QUESTION 6

Which of the following features of a switch helps to protect network from MAC flood and MAC spoofing?

• A. Multi-Authentication
• B. Port security
• C. MAC Authentication Bypass
• D. Quality of Service (QoS)

Answer: B

Explanation:
If a switch has the ability to enable port security, this will help to protect network from both the MAC Flood and MAC Spoofing attacks. Answer D is incorrect. Quality of Service (QoS) feature is useful for prioritizing VOIP traffic. Switches are offering the ability to assign a device a Quality of Service (QoS) value or a rate limiting value based on the RADIUS response. Answer A is incorrect. Multi-Authentication feature is used to allow multiple devices to use a single port. Answer C is incorrect. MAC Authentication Bypass feature is used to allow the RADIUS server to specify the default VLAN/ACL for every device that doesn't authenticate by 802.1X.

NEW QUESTION 7

What will be the output of the following command? echo $(date %M) > date.txt

• A. The current time (Month) will be written in the date.txt file.
• B. It will create a variable $(date %M).
• C. It will print a string "date %M".
• D. The current time (Minutes) will be written in the date.txt file.

Answer: D

Explanation:

The date command with the %M specifier prints the current time (Minutes). Since the output is redirected towards the date.txt file, the current time (Minutes) will be printed in the date.txt file.

NEW QUESTION 8

You work as the Network Administrator for XYZ CORP. The company has a Unix-based network. You want to see the list of the filesystems mounted automatically at startup by the mount -a command in the /etc/rc startup file. Which of the following Unix configuration files can you use to accomplish the task?

• A. /etc/named.conf
• B. /etc/groups
• C. /etc/mtab
• D. /etc/fstab

Answer: D

Explanation:

In Unix, the /etc/fstab file is used by system administrators to list the filesystems that are mounted automatically at startup by the mount –a command (in /etc/rc or its equivalent startup file). Answer C is incorrect. In Unix, the /etc/mtab file contains a list of the currently mounted file systems. This is set up by the boot scripts and updated by the mount command. Answer A is incorrect. In Unix, the /etc/named.conf file is used for domain name servers. Answer B is incorrect. In Unix, the /etc/groups file contains passwords to let a user join a group.

NEW QUESTION 9

Which of the following are the countermeasures against WEP cracking?

• A. Using the longest key supported by hardware.
• B. Changing keys often.
• C. Using a non-obvious key.
• D. Using a 16 bit SSID.

Answer: ABC

Explanation:

A user can use some countermeasures to prevent WEP cracking. Although WEP is least secure, it should not be used. However, a user can use the following methods to mitigate WEP cracking: Use a non-obvious key. Use the longest key supported by hardware. Change keys often. Use WEP in combination with other security features, such as rapid WEP key rotation and dynamic keying using 802.1x. Consider WEP a deterrent, not a guarantee. Answer D is incorrect. SSID stands for Service Set Identifier. It is used to identify a wireless network. SSIDs are case sensitive text strings and have a maximum length of 32 characters. All wireless devices on a wireless network must have the same SSID in order to communicate with each other. The SSID on computers and the devices in WLAN can be set manually and automatically. Configuring the same SSID as that of the other Wireless Access Points (WAPs) of other networks will create a conflict. A network administrator often uses a public SSID that is set on the access point. The access point broadcasts SSID to all wireless devices within its range. Some newer wireless access points have the ability to disable the automatic SSID broadcast feature in order to improve network security.

NEW QUESTION 10

Mark works as the Network Administrator for XYZ CORP. The company has a Unix-based network. Mark wants to scan one of the Unix systems to detect security vulnerabilities. To accomplish this, he uses TARA as a system scanner. What can be the reasons that made Mark use TARA?

• A. It has a very specific function of seeking paths to root.
• B. It is composed mostly of bash scripts
• C. It works on a wide variety of platforms.
• D. It is very modular.

Answer: BCD

Explanation:

Tiger Analytical Research Assistant (TARA) is a set of scripts that scans a Unix system for security problems. Following are the pros and cons of using TARA. Pros:
It is open source. It is very modular. It can work on a wide variety of platforms. It is composed mostly of bash scripts; hence, it can run on any Unix platform with little difficulty. Cons: It has a very specific function of seeking paths to root. Answer A is incorrect. It is a limitation of TARA that reduces its flexibility to be used for different purposes.

NEW QUESTION 11

You work as a Software Developer for Cinera Softwares Inc. You create a DHTML page that contains ten TextBox controls to get information from the users who use your application. You want all the components placed on the DHTML page to be repositioned dynamically, when a user resizes the browser window. Which of the following will you use for this?

• A. Use the position attribute of the Cascading Style Sheet.
• B. Use the OnResize event for the DHTML page object.
• C. Use the Resize event of the Document object.
• D. Use the OnResize event of the Cascading Style Sheet.

Answer: A

Explanation:

position attribute of the Cascading Style Sheet. The DHTML page object modal gives access to styles and style sheets. Therefore, you can easily set and change the position of an element. Reference: MSDN, Index "Dynamic HTML(DHTML), in DHTML Applications", "Elements Positioning in DHTML Application", Search "Positioning", "Dynamic HTML"

NEW QUESTION 12

Which of the following tools works both as an encryption-cracking tool and as a keylogger?

• A. Magic Lantern
• B. KeyGhost Keylogger
• C. Alchemy Remote Executor
• D. SocketShield

Answer: A

Explanation:

Magic Lantern works both as an encryption-cracking tool and as a keylogger. Answer C is incorrect. Alchemy Remote Executor is a system management tool that allows Network Administrators to execute programs on remote network computers without leaving their workplace. From the hacker's point of view, it can be useful for installing keyloggers, spyware, Trojans, Windows rootkits and such. One necessary condition for using the Alchemy Remote Executor is that the user/attacker must have the administrative passwords of the remote computers on which the malware is to be installed. Answer B is incorrect. The KeyGhost keylogger is a hardware keylogger that is used to log all keystrokes on a computer. It is a tiny device that clips onto the keyboard cable. Once the KeyGhost keylogger is attached to the computer, it quietly logs every key pressed on the keyboard into its own internal Flash memory (just as with smart cards). When the log becomes full, it overwrites the oldest keystrokes with the newest ones. Answer D is incorrect. SocketShield provides a protection shield to a computer system against malware, viruses, spyware, and various types of keyloggers. SocketShield provides protection at the following two levels: 1.Blocking: In this level, SocketShield uses a list of IP addresses that are known as purveyor of exploits. All http requests for any page in these domains are simply blocked. 2.Shielding: In this level, SocketShield blocks all the current and past IP addresses that are the cause of unauthorized access.

NEW QUESTION 13

Which of the following encryption modes are possible in WEP?

• A. 128 bit encryption
• B. No encryption
• C. 256 bit encryption
• D. 40 bit encryption

Answer: ABD

Explanation:

WEP supports three encryption modes, i.e., no encryption, 40 bit encryption, and 128 bit encryption. Wired Equivalent Privacy (WEP) is a security protocol for wireless local area networks (WLANs). It has two components, authentication and encryption. It provides security, which is equivalent to wired networks, for wireless networks. WEP encrypts data on a wireless network by using a fixed secret key. WEP incorporates a checksum in each frame to provide protection against the attacks that attempt to reveal the key stream. Answer C is incorrect. WEP does not support 256 bit encryption.

NEW QUESTION 14

You work as the Network Technician for XYZ CORP. The company has a Linux-based network. You are working on the Red Hat operating system. You want to view only the last 4 lines of a file named /var/log/cron. Which of the following commands should you use to accomplish the task?

• A. tail -n 4 /var/log/cron
• B. tail /var/log/cron
• C. cat /var/log/cron
• D. head /var/log/cron

Answer: A

Explanation:

The tail -n 4 /var/log/cron command will show the last four lines of the file /var/log/cron.

NEW QUESTION 15

You are responsible for a number of Windows Server 2003 DNS servers on a large
corporate network. You have decided to audit the DNS server logs. Which of the following are likely errors you could encounter in the log? (Choose two)

• A. The DNS server could not create FTP socket for address [IP address of server].
• B. The DNS server could not open socket for domain name [domain name of server].
• C. The DNS server could not create a Transmission Control Protocol (TCP) socket.
• D. The DNS server could not open socket for address [IP address of server].

Answer: CD

Explanation:

There are a number of errors one could find in a Windows Server 2003 DNS log. They are as follows: The DNS server could not create a Transmission Control Protocol. The DNS server could not open socket for address. The DNS server could not initialize the Remote Procedure Call (RPC) service. The DNS server could not bind the main datagram socket. The DNS Server service relies on Active Directory to store and retrieve information for Active Directory-integrated zones. And several active directory errors are possible. Answer A is incorrect. DNS Servers do not create FTP connections. Answer B is incorrect. A DNS server looks up a name to return an IP, it would not and cannot connect to a domain name, it must connect to an IP address.

NEW QUESTION 16

John works as a Network Administrator for Perfect Solutions Inc. The company has a Linux-based network. John is working as a root user on the Linux operating system. You want to run two programs, foo and bar. You also want to ensure that bar is executed if and
only if foo has executed successfully. Which of the following command sequences will John use to accomplish the task?

• A. foo; bar;
• B. foo || bar;
• C. foo | bar;
• D. foo && bar;

Answer: D

Explanation:

According to the scenario, John will execute the foo && bar; command. Because of the && operator, bar will execute if and only if foo completes successfully. Answer A is incorrect. The foo; bar; command sequence will run foo and bar in a sequential manner, but the successful completion of the first command does not matter. Answer B is incorrect. The foo || bar; command sequence will run the bar if and only if foo fails to complete successfully. Answer C is incorrect. In the foo | bar; command sequence, the output of the foo command will be the input for the bar command.

NEW QUESTION 17
......