Improve GSNA Test Preparation For GIAC Systems And Network Auditor Certification

NEW QUESTION 1

Which of the following is a basic feature of the Unix operating system? (Choose three)

• A. It is highly portable across hardware.
• B. All files can be individually protected using read, write, and execute permissions for the user, group, and others.
• C. It allows all the modules to be loaded into memory.
• D. A user can execute multiple programs at the same time from a single terminal.

Answer: ABD

Explanation:

The basic features of Unix are as follows: Multi-user: It supports more than one user to access the system simultaneously through a set of terminals attached to a system. Multi-tasking: A user can execute multiple programs at the same time from a single terminal. Time sharing: The operating system shares CPU time among tasks. Portability: It is highly portable across hardware. Modularity: It allows only needed modules to be loaded into the memory. File structure: It has an inverted tree like file structure, with files and directories created within the file structure. Security: All files can be individually protected using read, write, and execute permissions for the user, group, and others. Network support: It uses the TCP/IP protocol. Advanced graphics: CAD-CAM applications perform the best in a Unix System with its varied support for graphics card.

NEW QUESTION 2

Audit trail or audit log is a chronological sequence of audit records, each of which contains evidence directly pertaining to and resulting from the execution of a business process or system function. Under which of the following controls does audit control come?

• A. Protective controls
• B. Reactive controls
• C. Detective controls
• D. Preventive controls

Answer: C

Explanation:

Audit trail or audit log comes under detective controls. Detective controls are the audit controls that are not needed to be restricted. Any control that performs a monitoring activity can likely be defined as a Detective Control. For example, it is possible that mistakes, either intentional or unintentional, can be made. Therefore, an additional Protective control is that these companies must have their financial results audited by an independent Certified Public Accountant. The role of this accountant is to act as an auditor. In fact, any auditor acts as a Detective control. If the organization in question has not properly followed the rules, a diligent auditor should be able to detect the deficiency which indicates that some control somewhere has failed. Answer B is incorrect. Reactive or corrective controls typically work in response to a detective control, responding in such a way as to alert or otherwise correct an unacceptable condition. Using the example of account rules, either the internal Audit Committee or the SEC itself, based on the report generated by the external auditor, will take some corrective action. In this way, they are acting as a Corrective or Reactive control. Answer A, D are incorrect. Protective or preventative controls serve to proactively define and possibly enforce acceptable behaviors. As an example, a set of common accounting rules are defined and must be followed by any publicly traded company. Each quarter, any particular company must publicly state its current financial standing and accounting as reflected by an application of these rules. These accounting rules and the SEC requirements serve as protective or preventative controls.

NEW QUESTION 3

You work as a Software Developer for UcTech Inc. You are building a Web site that will contain study materials on the Java language. The company wants that members can
access all the pages, but non-members have only limited access to the Web site pages. Which of the following security mechanisms will you use to accomplish the task?

• A. Data integrity
• B. Authentication
• C. Confidentiality
• D. Authorization

Answer: D

Explanation:

Authorization is a process that verifies whether a user has permission to access a Web resource. A Web server can restrict access to some of its resources to only those clients that log in using a recognized username and password. To be authorized, a user must first be authenticated. Answer B is incorrect. Authentication is the process of verifying the identity of a user. This is usually done using a user name and password. This process compares the provided user name and password with those stored in the database of an authentication server. Answer C is incorrect. Confidentiality is a mechanism that ensures that only the intended and authorized recipients are able to read data. The data is so encrypted that even if an unauthorized user gets access to it, he will not get any meaning out of it. Answer A is incorrect. Data integrity is a mechanism that ensures that the data is not modified during transmission from source to destination. This means that the data received at the destination should be exactly the same as that sent from the source.

NEW QUESTION 4

In which of the following CAATs (Computer Assisted Auditing Techniques) does an auditor perform tests on computer files and databases?

• A. Parallel Simulation
• B. Generalized Audit Software (GAS)
• C. Test Data
• D. Custom Audit Software (CAS)

Answer: B

Explanation:

CAATs (Computer Assisted Auditing Techniques) are used to test application controls as well as perform substantive tests on sample items. Following are the types of CAATs: Generalized Audit Software (GAS): It allows the auditor to perform tests on computer files and databases. Custom Audit Software (CAS): It is generally written by auditors for specific audit tasks. CAS is necessary when the organization's computer system is not compatible with the auditor's GAS or when the auditor wants to conduct some testing that may not be possible with the GAS. Test Data: The auditor uses test data for testing the application controls in the client's computer programs. The auditor includes simulated valid and invalid test data, used to test the accuracy of the computer system's operations. This technique can be used to check data validation controls and error detection routines, processing logic controls, and arithmetic calculations, to name a few. Parallel Simulation: The auditor must construct a computer simulation that mimics the client's production programs. Integrated Test Facility: The auditor enters test data along with actual data in a normal application run.

NEW QUESTION 5

One of the sales people in your company complains that sometimes he gets a lot of unsolicited messages on his PD A. After asking a few questions, you determine that the issue only occurs in crowded areas like airports. What is the most likely problem?

• A. Spam
• B. Blue snarfing
• C. A virus
• D. Blue jacking

Answer: D

Explanation:

Blue jacking is the process of using another bluetooth device that is within range (about 30' or less) and sending unsolicited messages to the target. Answer B is incorrect. Blue snarfing is a process whereby the attacker actually takes control of the phone. Perhaps copying data or even making calls. Answer C is incorrect. A virus would not cause unsolicited messages. Adware might, but not a virus. Answer A is incorrect. Spam would not be limited to when the person was in a crowded area.

NEW QUESTION 6

You work as a Network Administrator for NetTech Inc. Your computer has the Windows 2000 Server operating system. You want to harden the security of the server. Which of the following changes are required to accomplish this? (Choose two)

• A. Remove the Administrator account.
• B. Disable the Guest account.
• C. Rename the Administrator account.
• D. Enable the Guest account.

Answer: BC

Explanation:

For security, you will have to rename the Administrator account and disable the Guest account. Renaming the Administrator account will ensure that hackers do not break into the network or computer by guessing the password of the Administrator account. You can also create a fake Administrator account that has no privileges and audit its use to detect attacks. Disabling the Guest account will prevent users who do not have a domain or local user account from illegally accessing the network or computer. By default, the Guest account is disabled on systems running Windows 2000 Server. If the Guest account is enabled, you will have to disable it.

NEW QUESTION 7

You work as an Exchange Administrator for XYZ CORP. The network design of the company is given below:

Employees are required to use Microsoft Outlook Web Access to access their emails remotely. You are required to accomplish the following goals: Ensure fault tolerance amongst the servers. Ensure the highest level of security and encryption for the Outlook Web Access clients. What will you do to accomplish these goals?

• A. Install one front-end Exchange 2000 server and continue to run Microsoft Outlook Web Access on the existing serve
• B. Place the new server on the perimeter networ
• C. Configure unique URLs for each serve
• D. Configure Certificate Service
• E. Create a rule on the firewall to direct port 443 to the servers.
• F. Install two front-end Exchange 2000 server
• G. Place the new servers on the internal network and configure load balancing between the
• H. Configure Certificate Service
• I. Create a rule on the firewall to redirect port 443 to the servers.
• J. Install two front-end Exchange 2000 server
• K. Place the new servers on the perimeter network and configure load balancing between the
• L. Configure Certificate Service
• M. Create a rule on the firewall to redirect port 443 to the servers.
• N. Install two Exchange 2000 server
• O. Place the new servers on the perimeter networ
• P. Configure unique URLs for each serve
• Q. Configure Certificate Service
• R. Create a rule on the firewall to direct port 443 to the servers.

Answer: C

Explanation:

To ensure fault tolerance among the servers and to get the highest possible level of security and encryption for OWA clients, you must install two front-end Exchange 2000 servers. Place the new servers on the perimeter network and configure load balancing between them. To enhance security, you should also configure Certificate Services and create a rule on the firewall to redirect port 443 to the servers. The most secure firewall configuration is placing a firewall on either side of the front-end servers. This isolates the front-end servers in a perimeter network, commonly referred to as a demilitarized zone (DMZ). It is always better to configure more than one front-end server to get fault tolerance.

NEW QUESTION 8

Which of the following types of firewall ensures that the packets are part of the established session?

• A. Stateful inspection firewall
• B. Switch-level firewall
• C. Circuit-level firewall
• D. Application-level firewall

Answer: A

Explanation:

The stateful inspection firewall combines the circuit level and the application level firewall techniques. It assures the session or connection between the two parties is valid. It also inspects packets from the session to assure that the packets are part of the established session and not malicious. Answer C is incorrect. The circuit-level firewall regulates traffic based on whether or not a trusted connection has been established. Answer D is incorrect. The application level firewall inspects the contents of packets, rather than the source/destination or connection between the two devices. Answer B is incorrect. There is no firewall type such as switch-level firewall.

NEW QUESTION 9

You work as the Network Administrator for XYZ CORP. The company has a Unix-based network. You want to set some terminal characteristics and environment variables. Which of the following Unix configuration files can you use to accomplish the task?

• A. /etc/sysconfig/routed
• B. /proc/net
• C. /etc/sysconfig/network-scripts/ifcfg-interface
• D. /etc/sysconfig/init

Answer: D

Explanation:

In Unix, the /etc/sysconfig/init file is used to set terminal characteristics and environment variables. Answer B is incorrect. In Unix, the /proc/net file contains status information about the network protocols. Answer C is incorrect. In Unix, the /etc/sysconfig/network-scripts/ifcfg-interface file is the configuration file used to define a network interface. Answer A is incorrect. In Unix, the /etc/sysconfig/routed file is used to set up the dynamic routing policies.

NEW QUESTION 10

You work as a Network Administrator for Tech Perfect Inc. The company has a Windows Active Directory-based single domain single forest network. The functional level of the
forest is Windows Server 2003. The company has recently provided laptops to its sales team members. You have configured access points in the network to enable a wireless network. The company's security policy states that all users using laptops must use smart cards for authentication. Which of the following authentication techniques will you use to implement the security policy of the company?

• A. IEEE 802.1X using EAP-TLS
• B. IEEE 802.1X using PEAP-MS-CHAP
• C. Pre-shared key
• D. Open system

Answer: A

Explanation:

In order to ensure that the laptop users use smart cards for authentication, you will have to configure IEEE 802.1X authentication using the EAP-TLS protocol on the network.

NEW QUESTION 11

Which of the following controls define the direction and behavior required for technology to function properly?

• A. Detailed IS controls
• B. General controls
• C. Application controls
• D. Pervasive IS controls

Answer: D

Explanation:
Pervasive IS controls are a subset of general controls that contains some extra definitions focusing on the management of monitoring a specific technology. A pervasive order or control determines the direction and behavior required for technology to function properly. The pervasive control permeates the area by using a greater depth of control integration over a wide area of influence. Answer B is incorrect. General controls are the parent class of controls that governs all areas of a business. An example of general controls includes the separation duties that prevent employees from writing their own paychecks and creating accurate job descriptions. General controls define the structure of an organization, establish HR policies, monitor workers and the work environment, as well as support budgeting, auditing, and reporting. Answer A is incorrect. Detailed IS controls are controls used for manipulating the on-going tasks in an organization. Some of the specific tasks require additional detailed controls to ensure that the workers perform their job correctly. These controls refer to some specific tasks or steps to be performed such as: The way system security parameters are set. How input data is verified before being accepted into an application. How to lock a user account after unsuccessful logon attempts. How the department handles acquisitions, security, delivery, implementation, and support of IS services. Answer C is incorrect. Application controls are embedded in programs. It constitutes the lowest subset in the control family. An activity should be filtered through the general controls, then the pervasive controls and detailed controls, before reaching the application controls level. Controls in the higher level category help in protecting the integrity of the applications and their data. The management is responsible to get applications tested prior to production through a recognized test method. The goal of this test is to provide a technical certificate that each system meets the requirement.

NEW QUESTION 12

You work as a Network Auditor for XYZ CORP. The company has a Windows-based network. You use DumpSec as an auditing and reporting program for security issues. Which of the following statements is true about DumpSec? (Choose three)

• A. It obtains the DACLs for the registry.
• B. It dumps user and group information.
• C. It collates the DACLs for the file system.
• D. It kills the running services in the Windows environment.

Answer: ABC

Explanation:
DumpSec, a program launched by Somarsoft, is a security auditing and reporting program for Microsoft Windows. It collates and obtains the permissions (DACLs) and audit settings (SACLs) for the file system, registry, printers, and shares in a concise, readable format, so that holes in system security are readily apparent. DumpSec also dumps user, group, and replication information, policies, as well as services (Win32) and kernel drivers loaded on the system. It can also report the current status of services (running or stopped) in the Windows environment. Answer D is incorrect. It cannot kill running services. It can only report the current status of services (running or stopped) in the Windows environment.

NEW QUESTION 13

You work as a Database Administrator for XYZ CORP. The company has a multi-platform network. The company requires a database that can receive data from various types of operating systems. You want to design a multidimensional database to accomplish the task. Which of the following statements are true about a multidimensional database?

• A. It is used to optimize Online Analytical Processing (OLAP) applications.
• B. It is used to optimize data warehouse.
• C. It is rarely created using input from existing relational databases.
• D. It allows users to ask questions that are related to summarizing business operations and trends.

Answer: ABD

Explanation:

A multidimensional database (MDB) is a type of database that is optimized for data warehouse and Online Analytical Processing (OLAP) applications. Multidimensional databases are frequently created using input from existing relational databases. Whereas a relational database is typically accessed using a Structured Query Language (SQL) query, a multidimensional database allows a user to ask questions like "How many Aptivas have been sold in Nebraska so far this year?" and similar questions related to summarizing business operations and trends. An OLAP application that accesses data from a multidimensional database is known as a MOLAP (multidimensional OLAP) application. Answer C is incorrect. A multidimensional database is frequently created using input from existing relational databases.

NEW QUESTION 14

Which of the following is an enterprise-grade network/application/performance monitoring platform that tightly integrates with other smart building management systems, such as physical access control, HVAC, lighting, and time/attendance control?

• A. Airwave Management Platform
• B. Andrisoft WANGuard Platform
• C. akk@da
• D. Aggregate Network Manager

Answer: D

Explanation:

Aggregate Network Manager is an enterprise-grade network/application/performance monitoring platform that tightly integrates with other smart building management systems, such as physical access control, HVAC, lighting, and time/attendance control. Answer A is incorrect. Airwave Management Platform (AMP) is wireless network management software. It offers centralized control for Wi-Fi networks. Some of its common features are access point configuration management, reporting, user tracking, help desk views, and rogue AP discovery. Answer C is incorrect. akk@da is a simple network monitoring system. It is designed for small and middle size computer networks. Its function is to quickly detect the system or network faults and display the information about detected faults to the administrators. The information is collected by it in every single minute (a user can decrease this period to 1 second). Approximately all the services of the monitored hosts are discovered automatically. Answer B is incorrect. Andrisoft WANGuard Platform offers solutions for various network issues such as WAN links monitoring, DDoS detection and mitigation, traffic accounting, and graphing.

NEW QUESTION 15

Which of the following tools is used for port scanning?

• A. L0phtcrack
• B. NSLOOKUP
• C. NETSH
• D. Nmap

Answer: D

Explanation:

The nmap utility, also commonly known as port scanner, is used to view the open ports on a Linux computer. It is used by administrators to determine which services are available for external users. This utility helps administrators in deciding whether to disable the services that are not being used in order to minimize any security risk. Answer B is incorrect. NSLOOKUP is a tool for diagnosing and troubleshooting Domain Name System (DNS) problems. It performs its function by sending queries to the DNS server and obtaining detailed responses at the command prompt. This information can be useful for diagnosing and resolving name resolution issues, verifying whether or not the resource records are added or updated correctly in a zone, and debugging other server-related problems. This tool is installed along with the TCP/IP protocol through the Control Panel. Answer C is incorrect. NETSH is a command line tool to configure TCP/IP settings such as the IP address, Subnet Mask, Default Gateway, DNS, WINS addresses, etc. Answer A is incorrect. L0phtcrack is a tool which identifies and remediate security vulnerabilities that result from the use of weak or easily guessed passwords. It recovers Windows and Unix account passwords to access user and administrator accounts.

NEW QUESTION 16

Pervasive IS controls can be used across all the internal departments and external contractors to define the direction and behavior required for the technology to function properly. When these controls are implemented properly, which of the following areas show the reliability improvement? (Choose three)

• A. Hardware development
• B. Software development
• C. Security administration
• D. Disaster recovery

Answer: BCD

Explanation:

Pervasive IS controls can be used across all the internal departments and external contractors. If the Pervasive IS controls are implemented properly, it improves the reliability of the following: Software development System implementation Overall service delivery Security administration Disaster recovery Business continuity planning Answer A is incorrect. Pervasive IS controls do not have any relation with the reliability of the hardware development.

NEW QUESTION 17
......