GIAC Certified Firewall Analyst v6.1

Page:    1 / 27   
Exam contains 394 questions

Adam has installed and configured his wireless network. He has enabled numerous security features such as changing the default SSID, enabling WPA encryption, and enabling MAC filtering on his wireless router. Adam notices that when he uses his wireless connection, the speed is sometimes 16 Mbps and sometimes it is only 8 Mbps or less.
Adam connects to the management utility wireless router and finds out that a machine with an unfamiliar name is connected through his wireless connection. Paul checks the router's logs and notices that the unfamiliar machine has the same MAC address as his laptop.
Which of the following attacks has been occurred on the wireless network of Adam?

  • A. DNS cache poisoning
  • B. ARP spoofing
  • C. MAC spoofing
  • D. NAT spoofing


Answer : C

Which of the following attacks sends false ICMP packets in an attempt to cripple a system using random fake Internet source addresses?

  • A. Land attack
  • B. SYN attack
  • C. Replay attack
  • D. Twinge attack


Answer : D

This is a Windows-based tool that is used for the detection of wireless LANs using the
IEEE 802.11a, 802.11b, and 802.11g standards. The main features of these tools are as follows: l It displays the signal strength of a wireless network, MAC address, SSID, channel details, etc. l It is commonly used for the following purposes: a. War driving b. Detecting unauthorized access points c. Detecting causes of interference on a WLAN d. WEP ICV error tracking e. Making Graphs and Alarms on 802.11 Data, including Signal Strength
This tool is known as __________.

  • A. NetStumbler
  • B. Kismet
  • C. THC-Scan
  • D. Absinthe


Answer : A

You are the Network Administrator for a large corporate network. You want to monitor all network traffic on your local network for suspicious activities and receive a notification when a possible attack is in process. Which of the following actions will you take for this?

  • A. Install a DMZ firewall
  • B. Enable verbose logging on the firewall
  • C. Install a host-based IDS
  • D. Install a network-based IDS


Answer : D

You are implementing passive OS fingerprinting in a network. Which of the following aspects are required to be configured there?
Each correct answer represents a part of the solution. Choose all that apply.

  • A. Edit signature vulnerable OS lists.
  • B. Limit the attack relevance rating calculation to a specific IP address range.
  • C. Define event action rules filters using the OS relevancy value of the target.
  • D. Enable passive analysis.
  • E. Define and import OS mappings.


Answer : A,B,C,E

You work as a Network Administrator for NetTech Inc. You want to prevent your network from Ping flood attacks. Which of the following protocols will you block to accomplish this task?

  • A. IP
  • B. PPP
  • C. ICMP
  • D. FTP


Answer : C

John works as the Security Manager for PassGuide Inc. He wants to create the Profiler database that stores information about the network activity at Layer 3, Layer 4, and Layer
7. Which of the following will he use to accomplish the task?
Each correct answer represents a complete solution. Choose all that apply.

  • A. Ignore connection
  • B. Session creation
  • C. Protocol contexts
  • D. Session teardown


Answer : B,C,D

Which of the following firewall types operates at the Network layer of the OSI model and can filter data by port, interface address, source address, and destination address?

  • A. Proxy server
  • B. Application gateway
  • C. Packet Filtering
  • D. Circuit-level gateway


Answer : C

Sam works as a Network Administrator for Gentech Inc. He has been assigned a project to develop the rules that define the IDP policy in the rulebase. Which of the following will he define as the components of the IDP policy rule?
Each correct answer represents a complete solution. Choose all that apply.

  • A. IDP Profiler
  • B. IDP rule IP actions
  • C. IDP appliance deployment mode
  • D. IDP rule notifications


Answer : BD

You work as a professional Computer Hacking Forensic Investigator for DataEnet Inc. You want to investigate e-mail information of an employee of the company. The suspected employee is using an online e-mail system such as Hotmail or Yahoo. Which of the following folders on the local computer will you review to accomplish the task?
Each correct answer represents a complete solution. Choose all that apply.

  • A. Temporary Internet Folder
  • B. History folder
  • C. Download folder
  • D. Cookies folder


Answer : ABD

When client data is encapsulated into an LWAPP header, the wireless LAN controller improves the coverage areas. Which information does the wireless LAN controller check?
Each correct answer represents a part of the solution. Choose two.

  • A. CCA
  • B. SNR
  • C. WCS
  • D. RSSI


Answer : BD

Which of the following IPv4 fields become obsolete while removing the hop-by-hop segmentation (fragmentation) procedure from the IP header?
Each correct answer represents a part of the solution. Choose three.

  • A. Fragment Offset field
  • B. Datagram Length field
  • C. Flags field
  • D. Datagram Identification Number field


Answer : ACD

Distributed Checksum Clearinghouse (DCC) is a hash sharing method of spam email detection.
Which of the following protocols does the DCC use?

  • A. ICMP
  • B. UDP
  • C. TELNET
  • D. TCP


Answer : B

You are the Network Administrator for a college. Wireless access is widely used at the college. You want the most secure wireless connections you can have. Which of the following would you use?

  • A. WEP2
  • B. WPA
  • C. WPA2
  • D. WEP


Answer : C

standard devices is least affected by interference from
domestic appliances such as microwave ovens?

  • A. 802.11b
  • B. 802.11
  • C. 802.11a
  • D. 802.11g


Answer : C

Page:    1 / 27   
Exam contains 394 questions

Talk to us!


Have any questions or issues ? Please dont hesitate to contact us

Certlibrary.com is owned by MBS Tech Limited: Room 1905 Nam Wo Hong Building, 148 Wing Lok Street, Sheung Wan, Hong Kong. Company registration number: 2310926
Certlibrary doesn't offer Real Microsoft Exam Questions. Certlibrary Materials do not contain actual questions and answers from Cisco's Certification Exams.
CFA Institute does not endorse, promote or warrant the accuracy or quality of Certlibrary. CFA® and Chartered Financial Analyst® are registered trademarks owned by CFA Institute.
Terms & Conditions | Privacy Policy