Summer Special 60% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: bestdeal

Free GIAC GISP Practice Exam with Questions & Answers | Set: 9

Questions 121

Andrew works as a Network Administrator for Infonet Inc. The company's network has a Web server that hosts the company's Web site. Andrew wants to increase the security of the Web site by implementing Secure Sockets Layer (SSL). Which of the following types of encryption does SSL use?

Each correct answer represents a complete solution. Choose two.

Options:
A.

Secret

B.

Asymmetric

C.

Synchronous

D.

Symmetric

GIAC GISP Premium Access
Questions 122

Which of the following is an entry in an object's discretionary access control list (DACL) that grants permissions to a user or group?

Options:
A.

Access control list (ACL)

B.

Discretionary access control entry (DACE)

C.

Security Identifier (SID)

D.

Access control entry (ACE)

Questions 123

Which methods help you to recover your data in the event of a system or hard disk failure?

Each correct answer represents a complete solution. Choose two.

Options:
A.

Install a RAID system

B.

Use data encryption

C.

Install and use a tape backup unit

D.

Install UPS systems on all important devices

Questions 124

Which of the following statements about DMZ is true?

Options:
A.

DMZ is a corporate network used as the Internet.

B.

DMZ is a firewall that lies in between two corporate networks.

C.

DMZ is a network that is not connected to the Internet.

D.

DMZ is a network that lies in between a corporate network and the Internet.

Questions 125

Which of the following statements about a host-based intrusion prevention system (HIPS) are true?

Each correct answer represents a complete solution. Choose two.

Options:
A.

It can detect events scattered over the network.

B.

It is a technique that allows multiple computers to share one or more IP addresses.

C.

It cannot detect events scattered over the network.

D.

It can handle encrypted and unencrypted traffic equally.

Questions 126

Which of the following statements about Diffie-Hellman encryption are true?

Each correct answer represents a complete solution. Choose two.

Options:
A.

It uses only a private key.

B.

It uses both a public key and a private key.

C.

It does not authenticate the parties involved.

D.

It was developed in 1976.

Questions 127

Which of the following functions are performed by a firewall?

Each correct answer represents a complete solution. Choose all that apply.

Options:
A.

It hides vulnerable computers that are exposed to the Internet.

B.

It logs traffic to and from the private network.

C.

It enhances security through various methods, including packet filtering, circuit-level filtering, and application filtering.

D.

It blocks unwanted traffic.

Questions 128

Which of the following is a type of intruder detection that involves logging network events to a file for an administrator to review later?

Options:
A.

Passive detection

B.

Event detection

C.

Active detection

D.

Packet detection

Questions 129

Which of the following are the centralized administration technologies?

Each correct answer represents a complete solution. Choose all that apply.

Options:
A.

TACACS+

B.

RADIUS

C.

Media Access control

D.

Peer-to-Peer

Questions 130

Which of the following processes is known as sanitization?

Options:
A.

Physically destroying the media and the information stored on it.

B.

Assessing the risk involved in discarding particular information.

C.

Verifying the identity of a person, network host, or system process.

D.

Removing the content from the media so that it is difficult to restore.

Questions 131

Which of the following steps are generally followed in computer forensic examinations?

Each correct answer represents a complete solution. Choose three.

Options:
A.

Acquire

B.

Analyze

C.

Encrypt

D.

Authenticate

Questions 132

Which of the following statements about the One Time Password (OTP) security system are true?

Each correct answer represents a complete solution. Choose two.

Options:
A.

It requires a password only once to authenticate users.

B.

It requires a new password every time a user authenticates himself.

C.

It generates passwords by using either the MD4 or MD5 hashing algorithm.

D.

It generates passwords by using Kerberos v5.

Questions 133

You work as a Network Administrator of a TCP/IP network. You are having DNS resolution problem. Which of the following utilities will you use to diagnose the problem?

Options:
A.

NSLOOKUP

B.

IPCONFIG

C.

PING

D.

TRACERT

Questions 134

Which of the following refers to a condition in which a hacker sends a bunch of packets that leave TCP ports half open?

Options:
A.

Spoofing

B.

PING attack

C.

SYN attack

D.

Hacking

Questions 135

Perfect World Inc., provides its sales managers access to the company's network from remote locations. The sales managers use laptops to connect to the network. For security purposes, the company's management wants the sales managers to log on to the network using smart cards over a remote connection. Which of the following authentication protocols should be used to accomplish this?

Options:
A.

Challenge Handshake Authentication Protocol (CHAP)

B.

Extensible Authentication Protocol (EAP)

C.

Open Shortest Path First (OSPF)

D.

Microsoft Challenge Handshake Authentication Protocol (MS-CHAP)

Exam Code: GISP
Certification Provider: GIAC
Exam Name: GIAC Information Security Professional
Last Update: Sep 12, 2025
Questions: 659

GIAC Related Exams

How to pass GIAC G2700 - GIAC Certified ISO-2700 Specialist Practice Test Exam
How to pass GIAC GCFW - GIAC Certified Firewall Analyst Exam
How to pass GIAC GCPM - GIAC Certified Project Manager Certification Practice Test Exam
How to pass GIAC GISF - GIAC Information Security Fundamentals Exam
How to pass GIAC GSSP-.NET - GIAC GIAC Secure Software Programmer - C#.NET Exam
How to pass GIAC GSSP-Java - GIAC Secure Software Programmer – Java Exam
How to pass GIAC GSSP-NET-CSHARP - GIAC GIAC Secure Software Programmer - C#.NET Exam
GCIA - GCIA – GIAC Certified Intrusion Analyst Practice Test
GPYC - GIAC Python Coder (GPYC)
GSLC - GIAC Security Leadership Certification (GSLC)
GCFR - GIAC Cloud Forensics Responder (GCFR)
GASF - GIAC Advanced Smartphone Forensics
GSEC - GIAC Security Essentials
GCIH - GIAC Certified Incident Handler
GICSP - Global Industrial Cyber Security Professional (GICSP)
GIAC Free Access
Get GIAC Full Access

GIAC Free Exams
GIAC Free Exams
Prepare for GIAC certification with free access to reliable study resources and practice tests at Examstrack.