[Free] 2017(Sep) EnsurePass Pass4sure GIAC GSNA Dumps with VCE and PDF 81-90

EnsurePass
2017 Sep GIAC Official New Released GSNA
100% Free Download! 100% Pass Guaranteed!
http://www.EnsurePass.com/GSNA.html

GIAC Systems and Network Auditor

Question No: 81 – (Topic 1)

You work as the Network Administrator for Perfect Solutions Inc. The company has a Linux-based network. You are a root user on the Red Hat operating system. You want to keep an eye on the system log file /var/adm/messages. Which of the following commands should you use to read the file in real time?

  1. tail -n 3 /var/adm/messages

  2. tail -f /var/adm/messages

  3. cat /var/adm/messages

  4. tail /var/adm/messages

Answer: B

Explanation: Using the -f option causes tail to continue to display the file in real time, showing added lines to the end of the file as they occur.

Question No: 82 – (Topic 1)

Which of the following techniques are used after a security breach and are intended to limit the extent of any damage caused by the incident?

  1. Safeguards

  2. Detective controls

  3. Corrective controls

  4. Preventive controls

Answer: C

Explanation: Corrective controls are used after a security breach. After security has been breached, corrective controls are intended to limit the extent of any damage caused by the incident, e.g. by recovering the organization to normal working status as efficiently as possible. Answer: D is incorrect. Before the event, preventive controls are intended to prevent an incident from occurring, e.g. by locking out unauthorized intruders. Answer: B is incorrect. During the event, detective controls are intended to identify and characterize an

incident in progress, e.g. by sounding the intruder alarm and alerting the security guards or the police. Answer: A is incorrect. Safeguards are those controls that provide some amount of protection to an asset.

Question No: 83 – (Topic 1)

Which of the following wireless security features provides the best wireless security mechanism?

  1. WEP

  2. WPA with 802.1X authentication

  3. WPA

  4. WPA with Pre Shared Key

Answer: B

Explanation: WPA with 802.1X authentication provides best wireless security mechanism. 802.1X authentication, also known as WPA-Enterprise, is a security mechanism for wireless networks. 802.1X provides port-based authentication, which involves communications between a supplicant, authenticator, and authentication server. The supplicant is often software on a client device, the authenticator is a wired Ethernet switch or wireless access point, and an authentication server is generally a RADIUS database.

The authenticator acts like a security guard to a protected network. The supplicant (client device) is not allowed access through the authenticator to the protected side of the network until the supplicant#39;s identity is authorized. With 802.1X port-based authentication, the supplicant provides credentials, such as user name/password or digital certificate, to the authenticator, and the authenticator forwards the credentials to the authentication server for verification. If the credentials are valid, the supplicant (client device) is allowed to access resources located on the protected side of the network.

Ensurepass 2017 PDF and VCE

C:\Documents and Settings\user-nwz\Desktop\1.JPG

Answer: A is incorrect. Wired equivalent privacy (WEP) uses the stream cipher RC4 (Rivest Cipher). WEP uses the Shared Key Authentication, since both the access point and the wireless device possess the same key. Attacker with enough Initialization Vectors can crack the key used and gain full access to the network. Answer: D is incorrect. WPA-PSK is a strong encryption where encryption keys are automatically changed (called rekeying) and authenticated between devices after a fixed period of time, or after a fixed number of packets has been transmitted. Answer: C is incorrect. WAP uses TKIP (Temporal Key Integrity Protocol) to enhance data encryption, but still vulnerable to different password cracking attacks.

Question No: 84 – (Topic 1)

You work as a Network Administrator for TechPerfect Inc. The company has a secure wireless network. Since the company#39;s wireless network is so dynamic, it requires regular auditing to maintain proper security. For this reason, you are configuring NetStumbler as a wireless auditing tool. Which of the following statements are true about NetStumbler?

  1. It can be integrated with the GPS.

  2. It cannot identify the channel being used.

  3. It can identify the SSIDs.

  4. It works with a wide variety of cards.

Answer: A,C,D

Explanation: NetStumbler is one of the most famous wireless auditing tools. It works with a wide variety of cards. If it is loaded on a computer, it can be used to detect 802.11 networks. It can easily identify the SSIDs and security tools. It can even identify the channel being used. This tool can also be integrated with the GPS to identify the exact location of AP for plotting onto a map. Answer: B is incorrect. It can identify the channel being used. NetStumbler can be used for a variety of services: For wardriving To verify network configurations To find locations with poor coverage in a WLAN To detect causes of wireless interference To detect unauthorized (quot;roguequot;) access points To aim directional antennas for long-haul WLAN links

Question No: 85 – (Topic 1)

You work as a Network Administrator for Blue Well Inc. The company has a TCP/IP-based routed network. Two segments have been configured on the network as shown below:

Ensurepass 2017 PDF and VCE

One day, the switch in Subnet B fails. What will happen?

  1. Communication between the two subnets will be affected.

  2. The whole network will collapse.

  3. Workstations on Subnet A will become offline

  4. Workstations on Subnet B will become offline.

    Answer: A,D

    Explanation: According to the question, the network is a routed network where two segments have been divided and each segment has a switch. These switches are connected to a common router. All workstations in a segment are connected to their respective subnet#39;s switches. Failure of the switch in Subnet B will make all workstations connected to it offline. Moreover, communication between the two subnets will be affected, as there will be no link to connect to Subnet B.

    Question No: 86 – (Topic 1)

    John visits an online shop that stores the IDs and prices of the items to buy in a cookie. After selecting the items that he wants to buy, the attacker changes the price of the item to

    1. Original cookie values: ItemID1=2 ItemPrice1=900 ItemID2=1 ItemPrice2=200 Modified cookie values: ItemID1=2 ItemPrice1=1 ItemID2=1 ItemPrice2=1 Now, he clicks the Buy button, and the prices are sent to the server that calculates the total price. Which of the following hacking techniques is John performing?

      1. Cross site scripting

      2. Man-in-the-middle attack

      3. Cookie poisoning

      4. Computer-based social engineering

Answer: C

Explanation: John is performing cookie poisoning. In cookie poisoning, an attacker modifies the value of cookies before sending them back to the server. On modifying the cookie values, an attacker can log in to any other user account and can perform identity theft. The following figure explains how cookie poisoning occurs:

Ensurepass 2017 PDF and VCE

C:\Documents and Settings\user-nwz\Desktop\1.JPG

For example: The attacker visits an online shop that stores the IDs and prices of the items to buy in a cookie. After selecting the items that he wants to buy, the attacker changes the

price of the item to 1. Original cookie values: ItemID1= 2 ItemPrice1=900 ItemID2=1 ItemPrice2=200 Modified cookie values: ItemID1= 2 ItemPrice1=1 ItemID2=1 ItemPrice2=1 Now, the attacker clicks the Buy button and the prices are sent to the server that calculates the total price. Another use of a Cookie Poisoning attack is to pretend to be another user after changing the username in the cookie values: Original cookie values: LoggedIn= True Username = Mark Modified cookie values: LoggedIn= True Username = Admin Now, after modifying the cookie values, the attacker can do the admin login.

Answer: A is incorrect. A cross site scripting attack is one in which an attacker enters malicious data into a Website. For example, the attacker posts a message that contains malicious code to any newsgroup site. When another user views this message, the browser interprets this code and executes it and, as a result, the attacker is able to take control of the user#39;s system. Cross site scripting attacks require the execution of client-side languages such as JavaScript, Java, VBScript, ActiveX, Flash, etc. within a user#39;s Web environment. With the help of a cross site scripting attack, the attacker can perform cookie stealing, sessions hijacking, etc.

Question No: 87 – (Topic 1)

You work as a Network Administrator for XYZ CORP. The company has a Windows Server 2008 network environment. The network is configured as a Windows Active Directory- based single forest network. You configure a new Windows Server 2008 server in the network. The new server is not yet linked to Active Directory. You are required to accomplish the following tasks: Add a new group named quot;Salesquot;. Copy the quot;Returnsquot; group from the older server to the new one. Rename the quot;Returnsquot; group to quot;Revenuequot;. View all group members, including for multiple groups/entire domain. You use Hyena to simplify and centralize all of these tasks. Which of the assigned tasks will you be able to accomplish?

  1. Copy the quot;Returnsquot; group to the new server.

  2. Rename the quot;Returnsquot; group to quot;Revenuequot;.

  3. Add the new group named quot;Salesquot;.

  4. View and manage all group members, including for multiple groups/entire domain.

Answer: A,B,C

Explanation: Hyena supports the following group management functions: Full group administration such as add, modify, delete, and copy Rename groups Copy groups from one computer to another View both direct and indirect (nested) group members for one or more groups [only for Active Directory] View all group members, including for multiple groups/entire domain [only for Active Directory] Answer: D is incorrect. All group members

can neither be viewed nor managed until the new server is linked to Active Directory.

Question No: 88 – (Topic 1)

Which of the following tools can be used to read NetStumbler#39;s collected data files and present street maps showing the logged WAPs as icons, whose color and shape indicates WEP mode and signal strength?

  1. Kismet

  2. StumbVerter

  3. WEPcrack

  4. NetStumbler

Answer: B

Explanation: StumbVerter tool is used to read NetStumbler#39;s collected data files and present street maps showing the logged WAPs as icons, whose color and shape indicates WEP mode and signal strength. Answer: C is incorrect. WEPcrack is a wireless network cracking tool that exploits the vulnerabilities in the RC4 Algorithm, which comprises the WEP security parameters. Answer: A is incorrect. Kismet is a Linux-based 802.11 wireless network sniffer and intrusion detection system. It can work with any wireless card that supports raw monitoring (rfmon) mode. Answer: D is incorrect. NetStumbler is a Windows- based tool that is used for the detection of wireless LANs using the IEEE 802.11a, 802.11b, and 802.11g standards. It detects wireless networks and marks their relative position with a GPS.

Question No: 89 – (Topic 1)

eBox Platform is an open source unified network server (or a Unified Network Platform) for SMEs. In which of the following forms can eBox Platform be used?

  1. Unified Communications Server

  2. Network Infrastructure Manager

  3. Gateway

  4. Sandbox

Answer: A,B,C

Explanation: eBox Platform is an open source unified network server (or a Unified Network Platform) for SMEs. eBox Platform can act as a Gateway, Network Infrastructure Manager, Unified Threat Manager, Office Server, Unified Communications Server or a combination of them. Besides, eBox Platform includes a development framework to ease the development of new Unix-based services. Answer: D is incorrect. eBox Platform cannot act as a sandbox. A sandbox is a security mechanism for separating running programs. It is often used to execute untested code, or untrusted programs, from unverified third-parties, suppliers, and untrusted users.

Question No: 90 – (Topic 1)

Which of the following encryption encoding techniques is used in the basic authentication method?

  1. HMAC_MD5

  2. Md5

  3. DES (ECB mode)

  4. Base64

Answer: D

Explanation: Base64 encryption encoding, which can easily be decoded, is used in the basic authentication method. Answer: B is incorrect. The Md5 hashing technique is used in the digest authentication method. Answer: A is incorrect. The HMAC_MD5 hashing technique is used in the NTLMv2 authentication method. Answer: C is incorrect. DES (ECB mode) is used in the NTLMv1 authentication method.

100% Free Download!
Download Free Demo:GSNA Demo PDF
100% Pass Guaranteed!
Download 2017 EnsurePass GSNA Full Exam PDF and VCE

EnsurePass ExamCollection Testking
Lowest Price Guarantee Yes No No
Up-to-Dated Yes No No
Real Questions Yes No No
Explanation Yes No No
PDF VCE Yes No No
Free VCE Simulator Yes No No
Instant Download Yes No No

2017 EnsurePass IT Certification PDF and VCE