
Free GIAC GSEC Practice Exam with Questions & Answers | Set: 2

Question 11

Which of the following terms is used for the process of securing a system or a device on a network infrastructure?

Options:

A. Hardening

B. Authentication

C. Cryptography

D. Sanitization

Question 12

Which of the following items are examples of preventive physical controls? Each correct answer represents a complete solution. Choose three.

Options:

A. Biometric access controls

B. Closed-circuit television monitors

C. Fire extinguishers

D. Locks and keys

Question 13

Which of the following best describes the level of risk associated with using proprietary crypto algorithms?

Options:

A. Proprietary cryptographic algorithms are required by law to use shorter key lengths in the United States, so the risk is high.

B. Proprietary algorithms have not been subjected to public scrutiny, so they have been checked less thoroughly for vulnerabilities.

C. Proprietary algorithms are less likely to be vulnerable than algorithms that have been publicly disclosed because of enhanced secrecy of the algorithm.

D. Proprietary algorithms are not known to generally be any more or less vulnerable than publicly scrutinized algorithms.

Question 14

Which file would the entry below be found in?

net.ipv6.conf.all.accept_ra=0

Options:

A. /etc/sysctl.conf

B. /etc/crontab

C. /etc/shadow

D. /etc/hosts

E. /etc/pam.d/system-auth

Question 15

You work as a Network Administrator for Tech Perfect Inc. The company has a TCP/IP-based network. You have configured a firewall on the network. A filter has been applied to block all the ports. You want to enable sending and receiving of emails on the network. Which of the following ports will you open?

Each correct answer represents a complete solution. Choose two.

Options:

A. 80

B. 25

C. 20

D. 110

Question 16

An IT security manager is trying to quickly assess the risks associated with not implementing a corporate firewall system. What sort of risk assessment is most appropriate?

Options:

A. Annualized Risk Assessment

B. Qualitative risk assessment

C. Quantitative risk assessment

D. Technical Risk Assessment

E. Iterative Risk Assessment

Question 17

What is the main problem with relying solely on firewalls to protect your company's sensitive data?

Options:

A. Their value is limited unless a full-featured Intrusion Detection System is used.

B. Their value is limited because they cannot be changed once they are configured.

C. Their value is limited because operating systems are now automatically patched.

D. Their value is limited because they can be bypassed by technical and non-technical means.

Question 18

You work as a Network Administrator for NetTech Inc. When you enter http://66.111.64.227 in the browser's address bar, you are able to access the site. But you are unable to access the site when you enter http://www.uCertify.com. What is the most likely cause?

Options:

A. DNS entry is not available for the host name.

B. The site's Web server is offline.

C. The site's Web server has heavy traffic.

D. WINS server has no NetBIOS name entry for the server.

Question 19

Which of the following is an implementation of PKI?

Options:

A. SSL

B. 3DES

C. Kerberos

D. SHA-1

Question 20

You have reason to believe someone with a domain user account has been accessing and modifying sensitive spreadsheets on one of your application servers. You decide to enable auditing for the files to see who is accessing and changing them. You enable the Audit Object Access policy on the files via Group Policy. Two weeks later, when you check on the audit logs, you see they are empty. What is the most likely reason this has happened?

Options:

A. You cannot enable auditing on files, just folders

B. You did not enable auditing on the files

C. The person modifying the files turned off auditing

D. You did not save the change to the policy