GIAC Systems and Network Auditor v1.0

Page:    1 / 12   
Exam contains 166 questions
Expand All

You work as a Software Developer for Cinera Softwares Inc. You create a DHTML page that contains ten TextBox controls to get information from the users who use your application. You want all the components placed on the DHTML page to be repositioned dynamically, when a user resizes the browser window.
Which of the following will you use for this?

  • A. Use the position attribute of the Cascading Style Sheet.
  • B. Use the OnResize event for the DHTML page object.
  • C. Use the Resize event of the Document object.
  • D. Use the OnResize event of the Cascading Style Sheet.


Answer : A

position attribute of the Cascading Style Sheet. The DHTML page object modal gives access to styles and style sheets. Therefore, you can easily set and change the position of an element. Reference: MSDN, Index "Dynamic HTML(DHTML), in DHTML Applications", "Elements Positioning in DHTML Application", Search
"Positioning", "Dynamic HTML"

Which of the following are the limitations for the cross site request forgery (CSRF) attack?

  • A. The attacker must determine the right values for all the form inputs.
  • B. The attacker must target a site that doesn't check the referrer header.
  • C. The target site should have limited lifetime authentication cookies.
  • D. The target site should authenticate in GET and POST parameters, not only cookies.


Answer : AB

Following are the limitations of cross site request forgeries to be successful:
1. The attacker must target either a site that doesn't check the Referer header (which is common) or a victim with a browser or plugin bug that allows Referer spoofing (which is rare).
2. The attacker must find a form submission at the target site that does something useful to the attacker (e.g., transfers money, or changes the victim's e-mail address or password).
3. The attacker must determine the right values for all the form inputs: if any of them are required to be secret authentication values or IDs that the attacker can't guess, the attack will fail.
4. The attacker must lure the victim to a Web page with malicious code while the victim is logged in to the target site. Since, the attacker can't see what the target
Web site sends back to the victim in response to the forged requests, unless he exploits a cross- site scripting or other bug at the target Web site.
Similarly, the attacker can only "click" any links or submit any forms that come up after the initial forged request, if the subsequent links or forms are similarly predictable. (Multiple "clicks" can be simulated by including multiple images on a page, or by using JavaScript to introduce a delay between clicks). from cross site request forgeries (CSRF) by applying the following countermeasures available:
Requiring authentication in GET and POST parameters, not only cookies.
Checking the HTTP Referer header.
Ensuring there's no crossdomain.xml file granting unintended access to Flash movies.
Limiting the lifetime of authentication cookies.
Requiring a secret, user-specific token in all form submissions prevents CSRF; the attacker's site can't put the right token in its submissions.
Individual Web users can do relatively little to prevent cross-site request forgery.
Logging out of sites and avoiding their "remember me" features can mitigate CSRF risk; not displaying external images or not clicking links in "spam" or unreliable e-mails may also help.

Which of the following are attributes of the <TABLE> tag? (Choose three)

  • A. BORDER
  • B. ALIGN
  • C. TD
  • D. WIDTH


Answer : ABD

The WIDTH attribute of the <TABLE> tag is used to set the width of a table. Width can be specified in pixels and percentage. For example, if a table of the same width as that of the parent object has to be created, the WIDTH attribute must be set to 100%. The ALIGN attribute aligns the table within the text flow. By default alignment is set to left. The BORDER attribute of the <TABLE> tag is used to set the width of the table border.
Answer C is incorrect. <TD> is not an attribute of the <TABLE> tag. It is a tag used to specify cells in a table.

You have been assigned a project to develop a Web site for a construction company. You have to develop a Web site and want to get more control over the appearance and presentation of your Web pages. You also want to increase the ability to precisely specify the location and appearance of the elements on a page and create special effects. You plan to use Cascading style sheets (CSS). You want to apply the same style consistently throughout your Web site.
Which type of style sheet will you use?

  • A. Internal Style Sheet
  • B. External Style Sheet
  • C. Inline Style Sheet
  • D. Embedded Style Sheet


Answer : B

To apply the same style consistently throughout your Web site you should use external style sheet. Cascading style sheets (CSS) are used so that the Web site authors can exercise greater control on the appearance and presentation of their Web pages. And also because they increase the ability to precisely point to the location and look of elements on a Web page and help in creating special effects.
Cascading Style Sheets have codes, which are interpreted and applied by the browser on to the Web pages and their elements.
There are three types of cascading style sheets.

External Style Sheets -


✑ Embedded Style Sheets
✑ Inline Style Sheets
External Style Sheets are used whenever consistency in style is required throughout a Web site. A typical external style sheet uses a .css file extension, which can be edited using a text editor such as a Notepad.
Embedded Style Sheets are used for defining styles for an active page.
Inline Style Sheets are used for defining individual elements of a page.
Reference: TechNet, Contents: Microsoft Knowledgebase, February 2000 issue PSS ID Number: Q179628

You configure a wireless router at your home. To secure your home Wireless LAN (WLAN), you implement WEP. Now you want to connect your client computer to the WLAN.
Which of the following is the required information that you will need to configure the client computer? (Choose two)

  • A. SSID of the WLAN
  • B. WEP key
  • C. IP address of the router
  • D. MAC address of the router


Answer : AB

In order to connect a client computer to a secured Wireless LAN (WLAN), you are required to provide the following information:
SSID of the WLAN WEP key rticlesItemsReportsHelp

Which of the following is an example of penetration testing?

  • A. Configuring firewall to block unauthorized traffic
  • B. Implementing HIDS on a computer
  • C. Simulating an actual attack on a network
  • D. Implementing NIDS on a network


Answer : C

Penetration testing is a method of evaluating the security of a computer system or network by simulating an attack from a malicious source, known as a Black Hat
Hacker, or Cracker. The process involves an active analysis of the system for any potential vulnerabilities that may result from poor or improper system configuration, known and/or unknown hardware or software flaws, or operational weaknesses in process or technical countermeasures. This analysis is carried out from the position of a potential attacker, and can involve active exploitation of security vulnerabilities. Any security issues that are found will be presented to the system owner together with an assessment of their impact and often with a proposal for mitigation or a technical solution. The intent of a penetration testing is to determine feasibility of an attack and the amount of business impact of a successful exploit, if discovered. It is a component of a full security of penetration testing.

Which of the following commands can you use to search a string 'pwd' in all text files without opening them? (Choose two)

  • A. vi
  • B. grep
  • C. sed
  • D. locate


Answer : BC

sed and grep are the two commands that can be used to search a specified string in all text files without opening them. sed is a stream editor that is used to perform basic text transformations on an input stream (a file or input from a pipeline).

You work as a Database Administrator for Dolliver Inc. The company uses Oracle 11g as its database. You have used the LogMiner feature for auditing purposes.
Which of the following files store a copy of the data dictionary? (Choose two)

  • A. Online redo log files
  • B. Operating system flat file
  • C. Dump file
  • D. Control file


Answer : AB

LogMiner requires a dictionary to translate object IDs into object names when it returns redo data to you. You have the following three options to retrieve the data dictionary:
The Online catalog: It is the most easy and efficient option to be used. It is used when a database user have access to the source database from which the redo log files were created. The other condition that should qualify is that there should be no changes to the column definitions in the desired tables.
The Redo Log Files: This option is used when a database user does not have access to the source database from which the redo log files were created and if there are any chances of changes to the column definitions of the desired tables.
An operating system flat file: Oracle does not recommend to use this option, but it is retained for backward compatibility. The reason for not preferring the option is that it does not guarantee transactional consistency. LogMiner is capable to access the Oracle redo logs. It keeps the complete record of all the activities performed on the database, and the associated data dictionary, which is used to translate internal object identifiers and types to external names and data formats.
For offline analysis, LogMiner can be run on a separate database, using archived redo logs and the associated dictionary from the source database.

You work as a Network Administrator for XYZ CORP. The company's Windows 2000 network is configured with Internet Security and Acceleration (ISA) Server
2000. ISA Server is configured as follows: The server uses the default site and content rule and default IP packet filters. Packet filtering is enabled. The server has two protocol rules:

Users in the network complain that they are unable to access secure Web sites. However, they are able to connect to Web sites in which secure transmission is not required.
What is the most likely cause?

  • A. A protocol rule that allows the use of HTTP has not been created.
  • B. An IP packet filter that allows the use of network traffic on port 80 has not been created.
  • C. An IP packet filter that allows the use of network traffic on port 443 has not been created.
  • D. A protocol rule that allows the use of HTTPS has not been created.


Answer : C

The default IP packet filter allows HTTP protocol (for non-secure communication) at port 80 to access the Internet. However, to allow users to access secure Web sites, you will have to create an additional packet filter to allow communication on port 443.

Which of the following statements about packet filtering is true?

  • A. It allows or restricts the flow of specific types of packets to provide security.
  • B. It is used to send confidential data on the public network.
  • C. It allows or restricts the flow of encrypted packets to provide security.
  • D. It is used to store information about confidential data.


Answer : A

Packet filtering is a method that allows or restricts the flow of specific types of packets to provide security. It analyzes the incoming and outgoing packets and lets them pass or stops them at a network interface based on the source and destination addresses, ports, or protocols. Packet filtering provides a way to define precisely which type of IP traffic is allowed to cross the firewall of an intranet. IP packet filtering is important when users from private intranets connect to public networks, such as the Internet.

You work as a Security Administrator in Tech Perfect Inc. The company has a TCP/IP based network. The network has a vast majority of Cisco Systems routers and Cisco network switches. You have implemented four VPN connections in the network. You use the Cisco IOS on the network.
Which feature will you enable to maintain a separate routing and forwarding table for each VPN?

  • A. Intrusion Prevention System
  • B. VRF-aware firewall
  • C. Virtual Private Network
  • D. Stateful firewall


Answer : B

In this scenario, the company's network has a vast majority of Cisco Systems routers and Cisco network switches. The security administrator of the company has implemented four VPN connections in the network and uses the Cisco IOS on the network. He needs to maintain a separate routing and forwarding table for each
VPN in order to provide more secure communication. To accomplish this task, he should enable the VRF-aware firewall feature on the Cisco IOS routers.

Which of the following commands can be used to intercept and log the Linux kernel messages?

  • A. syslogd
  • B. klogd
  • C. sysklogd
  • D. syslog-ng


Answer : BC

The klogd and sysklogd commands can be used to intercept and log the Linux kernel messages.

Which of the following are the reasons for implementing firewall in any network?

  • A. Create a choke point
  • B. Log Internet activity
  • C. Log system activity
  • D. Limit access control
  • E. Implementing security policy
  • F. Limit network host exposure


Answer : ABEF

A firewall is a part of a computer system or network that is designed to block unauthorized access while permitting authorized communications. It is a device or set of devices configured to permit, deny, encrypt, decrypt, or proxy all computer traffic between different security domains based upon a set of rules and other criteria. The four important roles of a firewall are as follows:
1. Implement security policy: A firewall is a first step in implementing security policies of an organization. Different policies are directly implemented at the firewall.
A firewall can also work with network routers to implement Types-Of-Service (ToS) policies.
2. Creating a choke point: A firewall can create a choke point between a private network of an organization and a public network. With the help of a choke point the firewall devices can monitor, filter, and verify all inbound and outbound traffic.
3. Logging Internet activity: A firewall also enforces logging of the errors and faults. It also provides alarming mechanism to the network.
4. Limiting network host exposure: A firewall can create a perimeter around the network to protect it from the Internet. It increases the security by hiding internal information.

Samantha works as a Web Developer for XYZ CORP. She is designing a Web site for the company. In a Web page, she uses the HTTP-EQUIV attribute to control the page cache.
Which of the following HTTP-EQUIV values controls the page cache in the browser folder?

  • A. Window-target
  • B. Status-code
  • C. Content-type
  • D. Pragma


Answer : D

HTTP-EQUIV is an attribute of the META tag. It sets or retrieves information used to bind the META tag's content to an HTTP response header. The pragma value of HTTP-EQUIV controls the page cache.

You work as a Software Developer for Mansoft Inc. You create an application and use it to create users as members of the local Users group.
Which of the following code snippets imperatively demands that the current user is a member of the local Users group?

  • A. System.AppDomain.CurrentDomain.SetPrincipalPolicy(PrincipalPolicy.WindowsPrincipal); PrincipalPermission MyPermission = new PrincipalPermission(null, @"BUILTIN\Users", true); MyPermission.Demand();
  • B. PrincipalPermission MyPermission = new PrincipalPermission(null, @"BUILTIN\Users", true); MyPermission.Demand();
  • C. System.AppDomain.CurrentDomain.SetPrincipalPolicy(PrincipalPolicy.WindowsPrincipal); PrincipalPermission MyPermission = newPrincipalPermission(null, @"Users", true); MyPermission.Demand();
  • D. PrincipalPermission MyPermission = new PrincipalPermission(null, @"Users", true); MyPermission.Demand();


Answer : AC

The PrincipalPermission class allows security checks against the active principal. This is done by using the language constructs that are defined for both imperative and declarative security actions. To perform an imperative security demand for membership in a built-in Microsoft Windows group, you must first set the default principal policy to the Windows principal by calling the SetPrincipalPolicy (PrincipalPolicy.WindowsPrincipal) statement. Construct a PrincipalPermission object specifying the group name. To specify the group name, you can provide just the group name, or you can preface the group name with either "BUILTIN\" or the computer name and a backslash. Finally, call the PrincipalPermission.Demand method. There is another method of identifying group membership, i.e. by using the PrincipalPermissionclass or the PrincipalPermissionAttribute attribute derived from the System.Security.Permissions namespace. The PrincipalPermission object identifies that the identity of the active principal should match its information with the identity information that is passed to its constructor. The identity information contains the user's identity name and role.

Page:    1 / 12   
Exam contains 166 questions
Expand All

Talk to us!

Have any questions or issues ? Please dont hesitate to contact us

[email protected]

Certlibrary.com is owned by MBS Tech Limited: Room 1905 Nam Wo Hong Building, 148 Wing Lok Street, Sheung Wan, Hong Kong. Company registration number: 2310926
Certlibrary doesn't offer Real Microsoft Exam Questions. Certlibrary Materials do not contain actual questions and answers from Cisco's Certification Exams.
CFA Institute does not endorse, promote or warrant the accuracy or quality of Certlibrary. CFA® and Chartered Financial Analyst® are registered trademarks owned by CFA Institute.
Terms & Conditions | Privacy Policy