Online GIAC GSNA free dumps demo Below:

NEW QUESTION 1

You have recently joined as a Network Auditor in XYZ CORP. The company has a Windows-based network. You have been assigned the task to determine whether or not the company's goal is being achieved. As an auditor, which of the following tasks should you perform before conducting the data center review? Each correct answer represents a complete solution. Choose three.

  • A. Review the future IT organization chart.
  • B. Meet with IT management to determine possible areas of concern.
  • C. Review the company's IT policies and procedures.
  • D. Research all operating systems, software applications, and data center equipment operating within the data center.

Answer: BCD

Explanation:

The auditor should be adequately educated about the company and its critical business activities before conducting a data center review. The objective of the data center is to align data center activities with the goals of the business while maintaining the security and integrity of critical information and processes. To adequately determine whether or not the client's goal is being achieved, the auditor should perform the following before conducting the review:

  • Meet with IT management to determine possible areas of concern.
  • Review the current IT organization chart.
  • Review job descriptions of data center employees.
  • Research all operating systems, software applications, and data center equipment operating within the data center.
  • Review the company's IT policies and procedures.
  • Evaluate the company's IT budget and systems planning documentation.
  • Review the data center's disaster recovery plan.

Answer A is incorrect. An auditor should review the current organization chart. Reviewing the future organization chart would not help in finding the current threats to the organization.

NEW QUESTION 2

With reference to the given case study, one of the security goals requires configuring a secure connection between the Boston distribution center and the headquarters. You want to implement IP filters to fulfill the security requirements. How should you implement IP filters at the headquarters? (Click the Exhibit button on the toolbar to see the case study.)

  • A. Add source filters for the headquarters for UDP port 1701 and IP protocol 50. Add destination filters for the Boston distribution center for UDP port 1701 and IP protocol 50.
  • B. Add source filters for the Boston distribution center for UDP port 80 and IP protocol 50. Add destination filters for headquarters for UDP port 80 and IP protocol 50.
  • C. Add source filters for the headquarters for UDP port 80 and IP protocol 50. Add destination filters for the Boston distribution center for UDP port 80 and IP protocol 50.
  • D. Add source filters for the Boston distribution center for UDP port 1701 and IP protocol 50. Add destination filters for the headquarters for UDP port 1701 and IP protocol 50.

Answer: D

Explanation:

To implement IP filters at the headquarters, add source filters for the Boston distribution center for UDP port 1701 and IP protocol 50. Also, add destination filters for the headquarters for UDP port 1701 and IP protocol 50. The Windows 2000 Router service provides routing services in the LAN and WAN environments, and over the Internet, using secure virtual private network (VPN) connections. The VPN connections are based on the Point-to-Point Tunneling Protocol (PPTP) and the Layer 2 Tunneling Protocol (L2TP). L2TP is very similar to PPTP but uses UDP, and therefore can be used over asynchronous transfer mode (ATM), Frame Relay, and X.25 networks as well. When L2TP is used over IP networks, it uses a UDP port 1701 packet format for both a control channel and a data channel. L2TP can also be used with IPSec to provide a fully secured network link. Further, IP packet filtering provides an ability to restrict the traffic into and out of each interface. Packet filtering is based on filters defined by the values of source and destination IP addresses, TCP and UDP port numbers, and IP protocol numbers. Inbound filters that are applied to the receiving traffic allow the receiving computer to match the traffic with the IP Filter List for the source IP address. Similarly, the outbound filters that are applied to the traffic leaving a computer towards a destination trigger a security negotiation for the destination IP address. That is why, to implement the IP filtering at the headquarters, you have to add a source address for the filters at the Boston center and a destination address for the filters at the headquarters.

NEW QUESTION 3

You work as a Database Administrator for Dolliver Inc. The company uses Oracle 11g as its database. You have used the LogMiner feature for auditing purposes. Which of the following files store a copy of the data dictionary? (Choose two)

  • A. Online redo log files
  • B. Operating system flat file
  • C. Dump file
  • D. Control file

Answer: AB

Explanation:

LogMiner requires a dictionary to translate object IDs into object names when it returns redo data to you. You have the following three options to retrieve the data dictionary:

  • The online catalog: It is the easiest and most efficient option to use. It is used when a database user has access to the source database from which the redo log files were created. The other condition that must be met is that there should be no changes to the column definitions in the desired tables.
  • The redo log files: This option is used when a database user does not have access to the source database from which the redo log files were created and if there is any chance of changes to the column definitions of the desired tables.
  • An operating system flat file: Oracle does not recommend using this option, but it is retained for backward compatibility. The reason for not preferring the option is that it does not guarantee transactional consistency.

LogMiner is capable of accessing the Oracle redo logs. It keeps the complete record of all the activities performed on the database, and the associated data dictionary, which is used to translate internal object identifiers and types to external names and data formats. For offline analysis, LogMiner can be run on a separate database, using archived redo logs and the associated dictionary from the source database.

NEW QUESTION 4

You work as a Network Administrator for Infosec Inc. Recently, you have been facing unauthorized access to your Wi-Fi network. Therefore, you analyze a log that has been recorded by your favorite sniffer, Ethereal. You are able to discover the cause of the unauthorized access after noticing the following string in the log file:

(Wlan.fc.type_subtype eq 32 and llc.oui eq 0x00601d and llc.pid eq 0x0001)

When you find 'All your 802.11b are belong to us' as the payload string, you are convinced about which tool is being used for the unauthorized access. Which of the following tools have you ascertained?

  • A. AiroPeek
  • B. AirSnort
  • C. Kismet
  • D. NetStumbler

Answer: D

Explanation:

NetStumbler, a war driving tool, uses an organizationally unique identifier (OID) of 0x00601D and a protocol identifier (PID) of 0x0001. Each version has a typical payload string. For example, NetStumbler 3.2.3 has the payload string 'All your 802.11b are belong to us'. Therefore, when you see the OID and PID values, you discover that the attacker is using NetStumbler, and when you see the payload string, you are able to ascertain that the attacker is using NetStumbler 3.2.3.

NEW QUESTION 5

Which of the following statements about system hardening are true? (Choose two)

  • A. It is used for securing the computer hardware.
  • B. It can be achieved by installing service packs and security updates on a regular basis.
  • C. It can be achieved by locking the computer room.
  • D. It is used for securing an operating system.

Answer: BD

Explanation:

System hardening is a term used for securing an operating system. It can be achieved by installing the latest service packs, removing unused protocols and services, and limiting the number of users with administrative privileges.

NEW QUESTION 6

You work as a Network Administrator for XYZ CORP. The company has a TCP/IP-based network environment. The network contains Cisco switches and a Cisco router. You run the following command for a router interface:

show interface serial0

You get the following output:

Serial0 is administratively down, line protocol is down

What will be your conclusion after viewing this output?

  • A. There is a physical problem either with the interface or the cable attached to it.
  • B. The router has no power.
  • C. There is a problem related to encapsulation.
  • D. The interface is shut down.

Answer: D

Explanation:

According to the question, the output displays that the interface is administratively down. Administratively down means that the interface is shut down. To bring the interface up, you will have to enable it with the no shutdown command.

Answer A is incorrect. Had there been a physical problem with the interface, the output would not have displayed "administratively down". Instead, the output would be as follows:

serial0 is down, line protocol is down

Answer B is incorrect. You cannot run this command on a router that is powered off.

Answer C is incorrect. Encapsulation has nothing to do with the output displayed in the question.

NEW QUESTION 7

You work as a Network Administrator for InfraTech Inc. You have been assigned the task of designing the firewall policy for the company. Which of the following statements can be considered acceptable in the 'contracted worker statement' portion of the firewall policy?

  • A. No contractors shall have access to the authorized resources.
  • B. No contractors shall be permitted to scan the network.
  • C. No contractors shall have access to the unauthorized resources.
  • D. No contractors can access FTP unless specifically granted permissions to use it.

Answer: BCD

Explanation:

There are different portions that can be included in the firewall policy. These portions include the acceptable use statement, the network connection statement, the contracted worker statement, and the firewall administrator statement. The contracted worker statement portion of the policy is related to the contracted or the temporary workers. It states the rights and permissions for these workers. Some of the items that can be included in this portion are as follows:

  • No contractors can use FTP unless specifically granted to use it.
  • No contractors shall have access to TELNET unless specifically granted to use it.
  • No contractors shall have access to unauthorized resources.
  • No contractors shall have access to scan the network.

Answer A is incorrect. Only authorized resources should be accessed by the contractors.

NEW QUESTION 8

You work as a Network Administrator for XYZ CORP. The company's Windows 2000 network is configured with Internet Security and Acceleration (ISA) Server 2000. ISA Server is configured as follows: The server uses the default site and content rule and default IP packet filters. Packet filtering is enabled. The server has two protocol rules:
[Exhibit not reproduced]
Users in the network complain that they are unable to access secure Web sites. However, they are able to connect to Web sites in which secure transmission is not required. What is the most likely cause?

  • A. A protocol rule that allows the use of HTTP has not been created.
  • B. An IP packet filter that allows the use of network traffic on port 80 has not been created.
  • C. An IP packet filter that allows the use of network traffic on port 443 has not been created.
  • D. A protocol rule that allows the use of HTTPS has not been created.

Answer: C

Explanation:

The default IP packet filter allows HTTP protocol (for non-secure communication) at port 80 to access the Internet. However, to allow users to access secure Web sites, you will have to create an additional packet filter to allow communication on port 443.

NEW QUESTION 9

You work as the Network Administrator for XYZ CORP. The company has a Unix-based network. You want to print the superblock and block group information for the filesystem present on a system. Which of the following Unix commands can you use to accomplish the task?

  • A. e2fsck
  • B. dump
  • C. dumpe2fs
  • D. e2label

Answer: C

Explanation:

In Unix, the dumpe2fs command dumps the filesystem superblock and block group information.

Answer B is incorrect. In Unix, the dump command is used to back up an ext2 filesystem.

Answer A is incorrect. The e2fsck command is used to check the second extended file system (E2FS) of a Linux computer. Syntax:

e2fsck [options] <device>

Where <device> is the file name of a mounted storage device (for example, /dev/hda1). Several options are used with the e2fsck command. Following is a list of some important options:

[Exhibit not reproduced]

Answer D is incorrect. In Unix, the e2label command is used to change the label of an ext2 filesystem.

NEW QUESTION 10

In the DNS Zone transfer enumeration, an attacker attempts to retrieve a copy of the entire zone file for a domain from a DNS server. The information provided by the DNS zone can help an attacker gather user names, passwords, and other valuable information. To attempt a zone transfer, an attacker must be connected to a DNS server that is the authoritative server for that zone. Besides this, an attacker can launch a Denial of Service attack against the zone's DNS servers by flooding them with a lot of requests. Which of the following tools can an attacker use to perform a DNS zone transfer?

  • A. DSniff
  • B. Dig
  • C. Host
  • D. NSLookup

Answer: BCD

Explanation:

An attacker can use Host, Dig, and NSLookup to perform a DNS zone transfer. Answer A is incorrect. DSniff is a sniffer that can be used to record network traffic. Dsniff is a set of tools that are used for sniffing passwords, e-mail, and HTTP traffic. Some of the tools of Dsniff include dsniff, arpredirect, macof, tcpkill, tcpnice, filesnarf, and mailsnarf. Dsniff is highly effective for sniffing both switched and shared networks. It uses the arpredirect and macof tools for switching across switched networks. It can also be used to capture authentication information for FTP, telnet, SMTP, HTTP, POP, NNTP, IMAP, etc.

NEW QUESTION 11

In 1947, the American Institute of Certified Public Accountants (AICPA) adopted GAAS to establish standards for audits. Which of the following categories of audit standards established by GAAS are related to professional and technical competence, independence, and professional due care?

  • A. Reporting standards
  • B. Risk Analysis standards
  • C. General standards
  • D. Field work standards

Answer: C

Explanation:

In 1947, the American Institute of Certified Public Accountants (AICPA) adopted Generally Accepted Auditing Standards (GAAS) to establish standards for audits. The standards cover the following three categories:

  • General Standards: They relate to professional and technical competence, independence, and professional due care.
  • Field Work Standards: They relate to the planning of an audit, evaluation of internal control, and obtaining sufficient evidential matter upon which an opinion is based.
  • Reporting Standards: They relate to the compliance of all auditing standards and adequacy of disclosure of opinion in the audit reports. If an opinion cannot be reached, the auditor is required to explicitly state their assertions.

Answer B is incorrect. There was no such category of standard established by GAAS.

NEW QUESTION 12

John works as a professional Ethical Hacker. He has been assigned the project of testing the security of www.we-are-secure.com. He is using a tool to crack the wireless encryption keys. The description of the tool is as follows: Which of the following tools is John using to crack the wireless encryption keys?

  • A. Cain
  • B. PsPasswd
  • C. Kismet
  • D. AirSnort

Answer: D

Explanation:

AirSnort is a Linux-based WLAN WEP cracking tool that recovers encryption keys. AirSnort operates by passively monitoring transmissions. It uses Ciphertext Only Attack and captures approximately 5 to 10 million packets to decrypt the WEP keys. Answer C is incorrect. Kismet is an IEEE 802.11 wireless network sniffer and intrusion detection system.

NEW QUESTION 13

John works as a Network Administrator for Perfect Solutions Inc. The company has a Debian Linux-based network. He is working on the bash shell in which he creates a variable VAR1. After some calculations, he opens a new ksh shell. Now, he wants to set VAR1 as an environmental variable so that he can retrieve VAR1 into the ksh shell. Which of the following commands will John run to accomplish the task?

  • A. echo $VAR1
  • B. touch VAR1
  • C. export VAR1
  • D. env -u VAR1

Answer: C

Explanation:

Since John wants to use the variable VAR1 as an environmental variable, he will use the export command to accomplish the task.

NEW QUESTION 14

You have just set up a wireless network for customers at a coffee shop. Which of the following are good security measures to implement? (Choose two)

  • A. Using WPA encryption
  • B. MAC filtering the router
  • C. Not broadcasting SSID
  • D. Using WEP encryption

Answer: AD

Explanation:

With either encryption method (WEP or WPA) you can give the password to customers who need it, and even change it frequently (daily if you like). So this won't be an inconvenience for customers.

NEW QUESTION 15

You work as a Software Developer for XYZ CORP. You create a SQL Server database named DATA1 that will manage the payroll system of the company. DATA1 contains two tables named EmployeeData and Department. While EmployeeData records detailed information of the employees, Department stores information about the available departments in the company. EmployeeData consists of columns that include EmpID, EmpName, DtOBrth, DtOJoin, DeptNo, Desig, BasicSal, etc. You want to ensure that each employee ID is unique and is not shared between two or more employees. You also want to ensure that the employees enter only valid department numbers in the DeptNo column. Which of the following actions will you perform to accomplish the task?

  • A. Define triggers in the EmployeeData table.
  • B. Add stored procedures by using Transact-SQL queries.
  • C. Add constraints to the EmployeeData table.
  • D. Define indexes in the EmployeeData table.
  • E. Define views in the database.

Answer: BCDE

Explanation:

In the given scenario, you will add constraints to the EmpID and DeptNo columns of the EmployeeData table, as you want EmpID to be unique, and the number entered in the DeptNo column to be valid. A constraint enforces the integrity of a database. It defines rules regarding the values allowed in the columns of a table. A constraint is the standard mechanism for enforcing integrity. Using constraints is preferred to using triggers, rules, and defaults. Most of the RDBMS databases support the following five types of constraints:

  • NOT NULL constraint: It specifies that the column does not accept NULL values.
  • CHECK constraint: It enforces domain integrity by limiting the values that can be placed in a column.
  • UNIQUE constraint: It enforces the uniqueness of values in a set of columns.
  • PRIMARY KEY constraint: It identifies the column or set of columns whose values uniquely identify a row in a table.
  • FOREIGN KEY constraint: It establishes a foreign key relationship between the columns of the same table or different tables.

Following are the functions of constraints:

  • Constraints enforce rules on data in a table whenever a row is inserted, updated, or deleted from the table.
  • Constraints prevent the deletion of a table if there are dependencies from other tables.
  • Constraints enforce rules at the column level as well as at the table level.

Defining indexes in the EmployeeData table will help you find employee information based on EmpID quickly. An index is a pointer to a table. It speeds up the process of data retrieval from a table. It is stored separately from the table for which it was created. Indexes can be created or dropped without affecting the data in a table. The syntax for creating an index is as follows:

CREATE INDEX <Index name>

Indexes can also be used for implementing data integrity in a table. A unique index does not allow duplicate values to enter in a row if a particular column is indexed as a unique index. The syntax for creating a unique index is as follows:

CREATE UNIQUE INDEX <Index name>

You will also add a stored procedure named AddEmp by using Transact-SQL queries. AddEmp will accept data values for new employees and will subsequently add a row in the EmployeeData table. Stored procedures are precompiled SQL routines that are stored on a database server. They are a combination of multiple SQL statements that form a logical unit and perform a particular task. Stored procedures provide the capability of combining multiple SQL statements and improve speed due to precompiled routines. Most DBMSs provide support for stored procedures. They usually differ in their syntax and capabilities from one DBMS to another. A stored procedure can take three parameters: IN, OUT, and INOUT. Note: Stored procedures are very similar to functions and procedures of common programming languages.

You will also define a view named DeptEmpView that will combine data from the Department and EmployeeData tables and thus produce the required result. A view can be thought of as a virtual table. The data accessible through a view is not stored in the database as a distinct object. Views are created by defining a SELECT statement. The result set of the SELECT statement forms the virtual table. A user can use this virtual table by referencing the view name in SQL statements in the same way a table is referenced.

Answer A is incorrect. You do not need to define any triggers in the EmployeeData table, as they are not required while making the EmpID unique, or while entering valid data values in DeptNo. A trigger is a special kind of stored procedure that automatically runs when data in a specified table is updated, inserted, or deleted. Triggers can query other tables and can include complex SQL statements.

NEW QUESTION 16

ACID (atomicity, consistency, isolation, and durability) is an acronym and mnemonic device for learning and remembering the four primary attributes ensured to any transaction by a transaction manager. Which of the following attributes of ACID confirms that the committed data will be saved by the system such that, even in the event of a failure or system restart, the data will be available in its correct state?

  • A. Durability
  • B. Atomicity
  • C. Isolation
  • D. Consistency

Answer: A

Explanation:

Durability is the attribute of ACID which confirms that the committed data will be saved by the system such that, even in the event of a failure or system restart, the data will be available in its correct state. Answer B is incorrect. Atomicity is the attribute of ACID which confirms that, in a transaction involving two or more discrete pieces of information, either all of the pieces are committed or none are. Answer D is incorrect. Consistency is the attribute of ACID which confirms that a transaction either creates a new and valid state of data, or, if any failure occurs, returns all data to its state before the transaction was started. Answer C is incorrect. Isolation is the attribute of ACID which confirms that a transaction in process and not yet committed must remain isolated from any other transaction.
