
Free GIAC G2700 Practice Exam with Questions & Answers | Set: 4

Questions 31

Mark works as a Security Administrator for uCertify Inc. He is responsible for updating Standard Operating Procedures (SOPs) in his organization. In this process, Mark needs to update many programs and modify some registry files in the operating system. He wants to document each step he takes, so that he can come back and restore the system to its actual state if any problem occurs during the update. Which type of document should Mark create to accomplish the task?

Options:
A. Technical documentation
B. Change control documentation
C. Compliance documentation
D. Legal documentation

Questions 32

David works as the Network Administrator for uCertify Inc. He has been assigned the task of analyzing and managing risks in the computer network of the organization. Which of the following are the stages of the CRAMM review that David will go through?

Each correct answer represents a complete solution. Choose all that apply.

Options:
A. To identify and prioritize countermeasures
B. To identify threats and vulnerabilities and calculate risks
C. To remove risks and install antivirus
D. To identify and value assets

Questions 33

Which of the following are valid reasons for the occurrence of a drive-by download?

Each correct answer represents a complete solution. Choose all that apply.

Options:
A. Viewing an e-mail message
B. Updating Windows files automatically
C. Visiting a website
D. Clicking on a deceptive pop-up window

Questions 34

You work as an Information Security Manager for uCertify Inc. You are working on the documentation of ISMS. Which of the following steps are concerned with the development of ISMS?

Each correct answer represents a complete solution. Choose all that apply.

Options:
A. Risk management
B. HR security planning
C. Statement of Applicability
D. Selection of appropriate controls

Questions 35

Which of the following statements is correct about the Annual Loss Expectancy?

Options:
A. It is the size of the damage claims resulting from not having carried out risk analyses effectively.
B. It is the average damage calculated by insurance companies for businesses in a country.
C. It is the minimum amount for which a company should insure itself.
D. It is the amount of damage that can occur as a result of an incident during the year.

Questions 36

Which of the following are the major tasks of risk management?

Each correct answer represents a complete solution. Choose two.

Options:
A. Assuring the integrity of organizational data
B. Building risk-free systems
C. Risk identification
D. Risk control

Questions 37

You work as the Network Security Administrator for uCertify Inc. You are responsible for protecting your network from unauthorized access from both inside and outside the organization. For outside attacks, you have installed a number of security tools that protect your network. For internal security, employees are using passwords of more than 8 characters; however, a few of them who have the same designation often exchange their passwords, making it possible for others to access their accounts.

There is already a policy to stop this practice, but employees are still doing so. Now, you want to stop this and ensure that it never happens again. Which of the following will be the best step to stop this practice?

Options:
A. Create a policy that forces users to create a password combined with special characters.
B. Create a new policy that forces users to change their passwords once every 15 days.
C. Create a policy to enter their employee code while logged in to the system.
D. Create a policy to enter their personal email id while logged in to the system.

Questions 38

Which of the following is the designing phase of the ISMS?

Options:
A. Check
B. Plan
C. Act
D. Do

Questions 39

Which of the following is a technical measure?

Options:
A. Encryption of data
B. Creation of a policy that defines what is and what is not permitted in the e-mail
C. Allocation of information to an owner
D. Storage of system management passwords

Questions 40

Which of the following provides secure online payment services?

Options:
A. ACH
B. ICSA
C. CA
D. IEEE
