GIAC Security Leadership Certification (GSLC) v6.0

Page:    1 / 38   
Exam contains 567 questions

You work as a Network Administrator for Tech Perfect Inc. The company has a Windows Server 2008 network environment. The network is configured as a Windows Active Directory-based single forest domain-based network. The company has recently provided fifty laptops to its sales team members. You are required to configure an 802.11 wireless network for the laptops. The sales team members must be able to use their data placed at a server in a cabled network. The planned network should be able to handle the threat of unauthorized access and data interception by an unauthorized user. You are also required to prevent the sales team members from communicating directly with one another.
Which of the following actions will you perform to accomplish the task?
Each correct answer represents a complete solution. Choose all that apply.

  • A. Implement the IEEE 802.1X authentication for the wireless network.
  • B. Configure the wireless network to use WEP encryption for the data transmitted over a wireless network.
  • C. Implement the open system authentication for the wireless network.
  • D. Using group policies, configure the network to allow the wireless computers to connect to the infrastructure networks only.
  • E. Using group policies, configure the network to allow the wireless computers to connect to the ad hoc networks only.


Answer : ABD

You are a Network Administrator in an enterprise. You have been assigned the task of installing Windows 2000 and some other applications on each computer on the network. But in the enterprise environment, it is not cost effective to install Windows 2000 and other applications using the standard interactive setup on each computer. You plan to perform automated installation on multiple computers. Which of the following installation tasks can be automated?
Each correct answer represents a complete solution. Choose all that apply.

  • A. Service Packs for Windows 2000 Server.
  • B. Any application that does not run as a service.
  • C. Additional language support for Windows 2000 Server, through the installation of various language packs.
  • D. Any application that runs as a service.
  • E. The core operating system of Windows 2000 Server.


Answer : A,B,C,E

Which of the following heights of fence deters only casual trespassers?

  • A. 3 to 4 feet
  • B. 2 to 2.5 feet
  • C. 8 feet
  • D. 6 to 7 feet


Answer : A

John works as a professional Ethical Hacker. He has been assigned a project to test the security of www.we-are-secure.com. He copies the whole structure of the We-are-secure Web site to the local disk and obtains all the files on the Web site. Which of the following techniques is he using to accomplish his task?

  • A. Eavesdropping
  • B. Fingerprinting
  • C. Web ripping
  • D. TCP FTP proxy scanning


Answer : C

Victor wants to use Wireless Zero Configuration (WZC) to establish a wireless network connection using his computer running the Windows XP operating system. Which of the following are the most likely threats to his computer?
Each correct answer represents a complete solution. Choose two.

  • A. An attacker can use the Ping Flood DoS attack if WZC is used.
  • B. Information of probing for networks can be viewed using a wireless analyzer and may be used to gain access.
  • C. An attacker, by creating a fake wireless network with a high-power antenna, can cause Victor's computer to associate with his network to gain access.
  • D. It will not allow the configuration of encryption and MAC filtering. Sending information is not secure on wireless network.


Answer : BC

Mark works as a Network Administrator for Infonet Inc. The company has a Windows 2000 Active Directory domain-based network. The domain contains one hundred Windows XP Professional client computers. Mark is deploying an 802.11 wireless LAN on the network. The wireless LAN will use Wired Equivalent Privacy (WEP) for all the connections. According to the company's security policy, the client computers must be able to automatically connect to the wireless LAN. However, unauthorized computers must not be allowed to connect to the wireless LAN or view the wireless network. Mark wants to configure all the wireless access points and client computers to act in accordance with the company's security policy. What will he do to accomplish this?
Each correct answer represents a part of the solution. Choose three.

  • A. Configure the authentication type for the wireless LAN to Open system.
  • B. Install firewall software on each wireless access point.
  • C. Configure the authentication type for the wireless LAN to Shared Key.
  • D. Disable SSID Broadcast and enable MAC address filtering on all wireless access points.
  • E. Broadcast SSID to connect to the access point (AP).
  • F. On each client computer, add the SSID for the wireless LAN as the preferred network.


Answer : C,D,F

You and your project team are just starting the risk identification activities for a project that is scheduled to last for 18 months. Your project team has already identified a long list of risks that need to be analyzed. How often should you and the project team do risk identification?

  • A. Identify risks is an iterative process.
  • B. At least once per month
  • C. It depends on how many risks are initially identified.
  • D. Several times until the project moves into execution


Answer : A

You work as a project manager for the TYU project. You are planning for risk mitigation. You need to identify the risks that will need a more in-depth analysis. Which of the following activities will help you in this?

  • A. Qualitative analysis
  • B. Quantitative analysis
  • C. Risk identification
  • D. Estimate activity duration


Answer : A

You work as a Network Administrator for Tech Perfect Inc. The company has a Windows Server 2008 Active Directory-based single domain single forest network. The functional level of the forest is Windows Server 2008. The company's headquarters is located at Los Angeles. A branch office of the company is located at Denver. You are about to send a message to Rick who is a Network Administrator at Denver. You want to ensure that the message cannot be read by anyone but the recipient. Which of the following keys will you use to encrypt the message?

  • A. Your public key
  • B. The recipient's private key
  • C. The recipient's public key
  • D. Your private key


Answer : C

Which of the following standards is used in wireless local area networks (WLANs)?

  • A. IEEE 802.4
  • B. IEEE 802.3
  • C. IEEE 802.11b
  • D. IEEE 802.5


Answer : C

The promiscuous mode is a configuration of a network card that makes the card pass all traffic it receives to the central processing unit rather than just packets addressed to it. Which of the following tools works by placing the host system network card into the promiscuous mode?

  • A. Sniffer
  • B. THC-Scan
  • C. NetStumbler
  • D. Snort


Answer : A

Which system is designed to analyze, detect, and report on security-related events?

  • A. HIPS
  • B. NIPS
  • C. NIDS
  • D. HIDS


Answer : B

Which of the following viruses/worms uses the buffer overflow attack?

  • A. Code red worm
  • B. Klez worm
  • C. Nimda virus
  • D. Chernobyl (CIH) virus


Answer : A

Which of the following cryptographic system services ensures that information will not be disclosed to any unauthorized person on a local network?

  • A. Authentication
  • B. Integrity
  • C. Non-repudiation
  • D. Confidentiality


Answer : D

Which of the following types of attacks entices a user to disclose personal information such as social security number, bank account details, or credit card number?

  • A. Spoofing
  • B. Phishing
  • C. Password guessing attack
  • D. Replay attack


Answer : B
