[Free] 2017(Sep) EnsurePass Pass4sure GIAC GSNA Dumps with VCE and PDF 171-180

Ensurepass.com : Ensure you pass the IT Exams
2017 Sep GIAC Official New Released GSNA
100% Free Download! 100% Pass Guaranteed!

GIAC Systems and Network Auditor

Question No: 171 – (Topic 2)

What does a firewall check to prevent certain ports and applications from getting the packets into an Enterprise?

  1. The network layer headers and the session layer port numbers

  2. The transport layer port numbers and the application layer headers

  3. The application layer port numbers and the transport layer headers

  4. The presentation layer headers and the session layer port numbers

Answer: B

Explanation: A firewall stops delivery of packets that are not marked safe by the Network Administrator. It checks the transport layer port numbers and the application layer headers to prevent certain ports and applications from getting the packets into an Enterprise.

Answer: A, C, D are incorrect. These information are not checked by a firewall.

Question No: 172 – (Topic 2)

You work as a Network Administrator for XYZ CORP. The company#39;s Windows 2000 network is configured with Internet Security and Acceleration (ISA) Server 2000. ISA Server is configured as follows: The server uses the default site and content rule and default IP packet filters. Packet filtering is enabled. The server has two protocol rules:

Ensurepass 2017 PDF and VCE

Users in the network complain that they are unable to access secure Web sites. However, they are able to connect to Web sites in which secure transmission is not required. What is the most likely cause?

  1. A protocol rule that allows the use of HTTP has not been created.

  2. An IP packet filter that allows the use of network traffic on port 80 has not been created.

  3. An IP packet filter that allows the use of network traffic on port 443 has not been created.

  4. A protocol rule that allows the use of HTTPS has not been created.

Answer: C

Explanation: The default IP packet filter allows HTTP protocol (for non-secure communication) at port 80 to access the Internet. However, to allow users to access secure Web sites, you will have to create an additional packet filter to allow communication on port 443.

Question No: 173 – (Topic 2)

You work as a Database Administrator for Dolliver Inc. The company uses Oracle 11g as its database. You have used the LogMiner feature for auditing purposes. Which of the following files store a copy of the data dictionary? (Choose two)

  1. Online redo log files

  2. Operating system flat file

  3. Dump file

  4. Control file

Answer: A,B

Explanation: LogMiner requires a dictionary to translate object IDs into object names when it returns redo data to you. You have the following three options to retrieve the data dictionary: The Online catalog: It is the most easy and efficient option to be used. It is used when a database user have access to the source database from which the redo log files were created. The other condition that should qualify is that there should be no changes to the column definitions in the desired tables. The Redo Log Files: This option is used when a database user does not have access to the source database from which the redo log files were created and if there is any chances of changes to the column definitions of the desired tables. An operating system flat file: Oracle does not recommend to use this option, but it is retained for backward compatibility. The reason for not preferring the option is that

it does not guarantee transactional consistency. LogMiner is capable to access the Oracle redo logs. It keeps the complete record of all the activities performed on the database, and the associated data dictionary, which is used to translate internal object identifiers and types to external names and data formats. For offline analysis, LogMiner can be run on a separate database, using archived redo logs and the associated dictionary from the source database.

Question No: 174 – (Topic 2)

Which of the following policies helps reduce the potential damage from the actions of one person?

  1. CSA

  2. Separation of duties

  3. Internal audit

  4. Risk assessment

Answer: B

Explanation: Separation of duties (SoD) is the concept of having more than one person required to complete a task. It is alternatively called segregation of duties or, in the political realm, separation of powers. Segregation of duties helps reduce the potential damage from the actions of one person. IS or end-user department should be organized in a way to achieve adequate separation of duties. According to ISACA#39;s Segregation of Duties Control matrix, some duties should not be combined into one position. This matrix is not an industry standard, just a general guideline suggesting which positions should be separated and which require compensating controls when combined. Answer: A is incorrect. Cisco Security Agent (CSA) is an endpoint intrusion prevention system. It is rule-based and examines system activity and network traffic, determining which behaviors are normal and which may indicate an attack. CSA uses a two or three-tier client- server architecture. The Management Center #39;MC#39; (or Management Console) contains the program logic; an MS SQL database backend is used to store alerts and configuration information; the MC and SQL database may be co-resident on the same system. The Agent is installed on the desktops and/or servers to be protected. The Agent communicates with the Management Center, sending logged events to the Management Center and receiving updates in rules when they occur. Answer: C is incorrect. Internal auditing is a profession and activity involved in helping organizations achieve their stated objectives. It does this by using a systematic methodology for analyzing business processes, procedures and activities with

the goal of highlighting organizational problems and recommending solutions. Answer: D is incorrect. Risk assessment is a step in a risk management process.

Question No: 175 – (Topic 2)

Web mining allows a user to look for patterns in data through content mining, structure mining, and usage mining. What is the function of structure mining?

  1. To examine data collected by search engines

  2. To examine data collected by Web spiders

  3. To examine data related to the structure of a particular Web site

  4. To examine data related to a particular user#39;s browser

Answer: C

Explanation: Structure mining is used to examine data related to the structure of a particular Web site. Answer: D is incorrect. Usage mining is used to examine data related to a particular user#39;s browser as well as data gathered by forms the user may have submitted during Web transactions.

Question No: 176 – (Topic 2)

John works as a professional Ethical Hacker. He has been assigned a project to test the security of www.we-are-secure.com. He copies the whole structure of the We-are-secure Web site to the local disk and obtains all the files on the Web site. Which of the following techniques is he using to accomplish his task?

  1. Eavesdropping

  2. Fingerprinting

  3. Web ripping

  4. TCP FTP proxy scanning

Answer: C

Explanation: Web ripping is a technique in which the attacker copies the whole structure of a Web site to the local disk and obtains all files of the Web site. Web ripping helps an

attacker to trace the loopholes of the Web site. Answer: A is incorrect. Eavesdropping is the intentional interception of data (such as e-mail, username, password, credit card, or calling card number) as it passes from a user#39;s computer to a server, or vice versa. There are high-tech methods of eavesdropping. It has been demonstrated that a laser can be bounced off a window and vibrations caused by the sounds inside the building can be collected and turned back into those sounds. The cost of high-tech surveillance has made such instruments available only to the professional information gatherer, however. But as with all high-tech electronics, falling prices are making these more affordable to a wider audience.

Answer: D is incorrect. In TCP FTP proxy (bounce attack) scanning, a scanner connects to an FTP server and requests it to start data transfer to a third system. The scanner uses the PORT FTP command to find out whether or not the data transfer process is listening to the target system at a certain port number. It then uses the LIST FTP command to list the current directory, and the result is sent over the server. If the data transfer is successful, it clearly indicates that the port is open. If the port is closed, the attacker receives the connection refused ICMP error message. Answer: B is incorrect. Fingerprinting is the easiest way to detect the Operating System (OS) of a remote system. OS detection is important because, after knowing the target system#39;s OS, it becomes easier to hack into the system. The comparison of data packets that are sent by the target system is done by fingerprinting. The analysis of data packets gives the attacker a hint as to which operating system is being used by the remote system. There are two types of fingerprinting techniques as follows: 1.Active fingerprinting 2.Passive fingerprinting In active fingerprinting ICMP messages are sent to the target system and the response message of the target system shows which OS is being used by the remote system. In passive fingerprinting the number of hops reveals the OS of the remote system.

Question No: 177 – (Topic 2)

Peter works as a Web Developer for XYZ CORP. He is developing a Web site for the company. In one of the Web pages, Peter wants to ensure that certain information is consistent and visible while the other information changes. Which of the following will he use to accomplish this?

  1. Tables

  2. Navigation links

  3. Data elements

  4. Frames

Answer: D

Explanation: Peter will use frames in the Web page. Frames are extensions of the HTML

3.2 standard introduced by Netscape. Elements such as navigation links and title graphic, can be placed in static individual frames. The lt;framegt; tag defines the contents that will appear in each frame. It is used within the lt;framesetgt; tag. Frames allow users to display multiple HTML files at a time. Answer: A is incorrect. A table is used to handle data in tabular form. Answer: B is incorrect. Navigation links are used with the navigation bar to display a page. These hyperlinks are relative to the navigational structure of a Web site. Answer: C is incorrect. Data elements are used to access data in XML format from a Web server.

Question No: 178 – (Topic 2)

In a network, a data packet is received by a router for transmitting it to another network. In order to make decisions on where the data packet should be forwarded, the router checks with its routing table. Which of the following lists does a router check in a routing table?

  1. Available networks

  2. Available packets

  3. Available protocols

  4. Available paths

Answer: A,D

Explanation: A Routing table stores the actual routes to all destinations; the routing table is populated from the topology table with every destination network that has its successor and optionally feasible successor identified (if unequal-cost load-balancing is enabled using the variance command). The successors and feasible successors serve as the next hop routers for these destinations. Unlike most other distance vector protocols, EIGRP does not rely on periodic route dumps in order to maintain its topology table. Routing information is exchanged only upon the establishment of new neighbor adjacencies, after which only changes are sent. Answer: C is incorrect. A routing table does not contain any list of protocols. Answer: B is incorrect. A routing table does not contain any list of packets.

Question No: 179 – (Topic 2)

You work as a Network Administrator for XYZ CORP. The company has a small TCP/IP- based network environment. The network contains a Cisco Catalyst 6000 family switch. A few sales people come to your outer office and use your local network to access the Internet, as well as to demonstrate their products. What will you do to prevent your network from being accessed by any outside computers?

  1. Configure port security.

  2. Configure a firewall for IP blocking on the network.

  3. Configure a firewall for MAC address blocking on the network.

  4. Configure a port scanner.

Answer: A Explanation:

According to the question, you are required to prevent outside computers from accessing your network. You should therefore configure the switch#39;s port access based on the MAC address, which can be done by configuring port security. Port security is a feature of Cisco Catalyst series switches. Port security is used to block input based on the media access control (MAC) address to an Ethernet, Fast Ethernet, or Gigabit Ethernet port. It denies the port access to a workstation when the MAC address of the station attempting to access the port is different from any of the MAC addresses specified for that port. Internet or other outside networks. Answer: D is incorrect. A port scanner is a software tool that is designed to search a network host for open ports. This tool is often used by administrators to check the security of their networks. It is also used by hackers to compromise the network and systems.

Question No: 180 – (Topic 2)

Which of the following security policies will you implement to keep safe your data when you connect your Laptop to the office network over IEEE 802.11 WLANs? (Choose two)

  1. Using personal firewall software on your Laptop.

  2. Using a protocol analyzer on your Laptop to monitor for risks.

  3. Using portscanner like nmap in your network.

  4. Using an IPSec enabled VPN for remote connectivity.

    Answer: A,D

    Explanation: According to the scenario, you want to implement a security policy to keep safe your data when you connect your Laptop to the office network over IEEE 802.11 WLANs. For this, you will use the following two options:

    1. Using IPSec enabled VPN for remote connectivity: Internet Protocol Security (IPSec) is a standard-based protocol that provides the highest level of VPN security. IPSec can encrypt virtually everything above the networking layer. It is used for VPN connections that use the L2TP protocol. It secures both data and password.

    2. Using personal firewall software on your Laptop: You can also create a firewall rule to block malicious packets so that you can secure your network. Answer: C is incorrect. Portscanner is used for scanning port and tells which ports are open. However, this tool is very much useful in information gathering step of the attacking process, it cannot be used to protect a WLAN network. Answer: B is incorrect. You cannot use the packet analyzer to protect your network. Packet analyzer is used to analyze data packets flowing in the network.

      100% Ensurepass Free Download!
      Download Free Demo:GSNA Demo PDF
      100% Ensurepass Free Guaranteed!
      Download 2017 EnsurePass GSNA Full Exam PDF and VCE

      EnsurePass ExamCollection Testking
      Lowest Price Guarantee Yes No No
      Up-to-Dated Yes No No
      Real Questions Yes No No
      Explanation Yes No No
      PDF VCE Yes No No
      Free VCE Simulator Yes No No
      Instant Download Yes No No

      2017 EnsurePass IT Certification PDF and VCE