
Free GIAC G2700 Practice Exam with Questions & Answers | Set: 8

Questions 71

Which of the following policies defines the acceptable methods of remotely connecting a system to the internal network?

Options:
A. Remote access policy

B. Computer security policy

C. Network security policy

D. User Account Policy

Questions 72

Which of the following statements is true about annualized rate of occurrence?

Options:
A. It is defined as the cost related to a single realized risk against a particular asset.

B. It is defined as the yearly cost of all instances of a particular threat against a particular asset.

C. It is defined as the expected frequency of occurrence of a particular threat or risk in a single year.

D. It is defined as the percentage of loss experienced by an organization when a particular asset is violated by a realized risk.

Questions 73

Which of the following paragraphs of the Turnbull Report stated that a company's internal control system encompasses the policies, processes, tasks, behaviors, and other aspects of the company?

Options:
A. Paragraph 20

B. Paragraph 21

C. Paragraph 28

D. Paragraph 22

Questions 74

Which of the following is a set of exclusive rights granted by a state to an inventor or his assignee for a fixed period of time in exchange for the disclosure of an invention?

Options:
A. Snooping

B. Copyright

C. Patent

D. Utility model

Questions 75

You work as an Information Security Manager for uCertify Inc. You are working on asset management. You need to assign ownership of some assets of the organization. Which of the following statements correctly describe the responsibilities of an asset owner?

Each correct answer represents a complete solution. Choose all that apply.

Options:
A. The owner is allowed to delegate accountability of the asset.

B. The owner should have a document describing the security controls for the asset.

C. The owner is allowed to delegate responsibility for maintaining the asset.

D. The owner has property rights to the asset.

Questions 76

You work as a Network Security Administrator for uCertify Inc. Your organization has set up a new Internet connection in place of the previous one. It is your responsibility to ensure that employees use the Internet only for official purposes. While reviewing Internet usage, you find that a few people have browsed and downloaded some inappropriate and illegal information. You want to make a policy to stop all these activities in the future. Which of the following policies will you implement to accomplish the task?

Options:
A. Security policy

B. Privacy policy

C. Acceptable use policy

D. Due care policy

Questions 77

By gaining full control of a router, hackers often acquire full control of the network. Which of the following methods are commonly used to attack routers?

Each correct answer represents a complete solution. Choose all that apply.

Options:
A. Launching a Max Age attack

B. Route table poisoning

C. Launching a Sequence++ attack

D. Launching a social engineering attack

Questions 78

In which of the following social engineering attacks does an attacker first damage any part of the target's equipment and then advertise himself as an authorized person who can help fix the problem?

Options:
A. Impersonation attack

B. Reverse social engineering attack

C. Important user posing attack

D. In person attack

Questions 79

David works as the Network Administrator for uCertify Inc. He has been asked to perform risk analysis. He decides to do it by using CRAMM. The CEO wants to know the negative points of CRAMM which is going to be used by David. Which of the following points will David tell the CEO of the organization?

Options:
A. It maintains consistency that results from similar solutions for similar risk profiles.

B. It regularly updates extensive hierarchical countermeasure databases covering non-technical areas.

C. It requires qualified and experienced practitioners to use it.

D. It helps in developing full reviews and rapid reviews.

Questions 80

Which of the following is a formula, practice, process, design, instrument, pattern, or compilation of information which is not generally known, but by which a business can obtain an economic advantage over its competitors?

Options:
A. Utility model

B. Cookie

C. Trade secret

D. Copyright
