"GIAC Information Security Fundamentals", also known as the GISF exam, is a GIAC certification.



Based on the information given in the case study, which two authentication methods should you use to allow customers to access their photos on the Web site?
(Click the Exhibit button on the toolbar to see the case study.) Each correct answer represents a part of the solution. Choose two.

  • A. Basic authentication without SSL
  • B. Digest authentication with SSL
  • C. Integrated Windows authentication
  • D. Anonymous access
  • E. Basic authentication with SSL
  • F. Digest authentication without SSL

Answer: BE


The information assurance pillars provide the surety of data availability to the users of an information system. Which of the following network infrastructure techniques accomplish the objective of efficient data availability management on a network?
Each correct answer represents a complete solution. Choose all that apply.

  • A. SAN
  • B. EFS
  • C. NAS
  • D. RAID

Answer: ACD


You work as a Software Developer for uCertify Inc. The company has several branches worldwide. The company uses Visual Studio.NET 2005 as its application development platform. You have recently finished the development of an application using .NET Framework 2.0. The application can be used only for cryptography. Therefore, you have implemented the application on a computer. What will you call the computer that implemented cryptography?

  • A. Cryptographer
  • B. Cryptographic toolkit
  • C. Cryptosystem
  • D. Cryptanalyst

Answer: C


Which project management risk event would you be using if you changed the sequence of activities to reduce the probability of the project being delayed?

  • A. Enhancing
  • B. Withdrawal
  • C. Exploiting
  • D. Avoidance

Answer: D


You work as a Security Manager for Qualoxizz Inc. Your company has a number of network switches in the site network infrastructure. Which of the following actions will you perform to ensure the security of the switches in your company?

  • A. Set long session timeouts.
  • B. Open up all the unused management ports.
  • C. Set similar passwords for each management port.
  • D. Ignore usage of the default account settings.

Answer: D


Which of the following types of firewall functions by creating two different communications, one between the client and the firewall, and the other between the firewall and the end server?

  • A. Packet filter firewall
  • B. Proxy-based firewall
  • C. Stateful firewall
  • D. Endian firewall

Answer: B


Which of the following security applications is used to secure a database from unauthorized accesses in a network infrastructure?

  • A. Antivirus
  • B. Anti-Malware
  • C. Anti-Spoofing
  • D. Firewall

Answer: D


You work in an enterprise as a Network Engineer. Your enterprise has a secure internal network.
You want to apply an additional network packet filtering device that is intermediate to your enterprise's internal network and the outer network (internet). Which of the following network zones will you create to accomplish this task?

  • A. Autonomous system area (AS)
  • B. Demilitarized zone (DMZ)
  • C. Border network area
  • D. Site network area

Answer: C


Which of the following protocols can help you get notified in case a router on a network fails?

  • A. SMTP
  • B. SNMP
  • C. TCP
  • D. ARP

Answer: B


Which of the following statements is not true about a digital certificate?

  • A. It is used with both public key encryption and private key encryption.
  • B. It is used with private key encryption.
  • C. It is neither used with public key encryption nor with private key encryption.
  • D. It is used with public key encryption.

Answer: D


Which of the following attacks saturates network resources and disrupts services to a specific computer?

  • A. Teardrop attack
  • B. Replay attack
  • C. Denial-of-Service (DoS) attack
  • D. Polymorphic shell code attack

Answer: C


Which of the following two cryptography methods are used by NTFS Encrypting File System (EFS) to encrypt the data stored on a disk on a file-by-file basis?

  • A. Public key
  • B. Digital certificates
  • C. Twofish
  • D. RSA

Answer: AB


Which of the following technologies is used to detect unauthorized attempts to access and manipulate computer systems locally or through the Internet or an intranet?

  • A. Packet filtering
  • B. Firewall
  • C. Intrusion detection system (IDS)
  • D. Demilitarized zone (DMZ)

Answer: C


You work as a Network Security Analyzer. You got a suspicious email while working on a forensic project. Now, you want to know the IP address of the sender so that you can analyze various information such as the actual location, domain information, operating system being used, contact information, etc. of the email sender with the help of various tools and resources. You also want to check whether this email is fake or real. You know that analysis of email headers is a good starting point in such cases.
The email header of the suspicious email is given below:
[Exhibit: email header of the suspicious email; image not included]
What is the IP address of the sender of this email?

  • A.
  • B.
  • C.
  • D.

Answer: D


You want to ensure that everyone who sends you an email encrypts it. However, you do not wish to exchange individual keys with all the people who send you emails. In order to accomplish this goal, which of the following should you choose?

  • A. DES
  • B. AES
  • C. Symmetric Encryption
  • D. Public Key encryption

Answer: D


Victor wants to use Wireless Zero Configuration (WZC) to establish a wireless network connection using his computer running the Windows XP operating system. Which of the following are the most likely threats to his computer?
Each correct answer represents a complete solution. Choose two.

  • A. An attacker can use the Ping Flood DoS attack if WZC is used.
  • B. An attacker, by creating a fake wireless network with a high-power antenna, can cause Victor's computer to associate with his network to gain access.
  • C. Information of probing for networks can be viewed using a wireless analyzer and may be used to gain access.
  • D. It will not allow the configuration of encryption and MAC filtering.
  • E. Sending information is not secure on a wireless network.

Answer: BC


Which of the following provides a credential that can be used by all Kerberos-enabled servers and applications?

  • A. Remote Authentication Dial In User Service (RADIUS)
  • B. Internet service provider (ISP)
  • C. Network Access Point (NAP)
  • D. Key Distribution Center (KDC)

Answer: D


You have been tasked with finding an encryption methodology for your company's network. The solution must use public key encryption that is keyed to the user's email address. Which of the following should you select?

  • A. AES
  • B. 3DES
  • C. PGP
  • D. Blowfish

Answer: C

