GCIA Online Practice Questions and Answers

Questions 4

Mark works as a Network Security Administrator for BlueWells Inc. The company has a Windows-based network. Mark is giving a presentation on network security threats to the newly recruited employees of the company. His presentation is about the external threats that the company recently faced. Which of the following statements are true about external threats? Each correct answer represents a complete solution. Choose three.

A. These are the threats that originate from outside an organization in which the attacker attempts to gain unauthorized access.

B. These are the threats that originate from within the organization.

C. These are the threats intended to flood a network with large volumes of access requests.

D. These threats can be countered by implementing security controls on the perimeters of the network, such as firewalls, which limit user access to the Internet.

Browse 507 Q&As
Questions 5

Which of the following Web attacks is performed by manipulating code written in programming languages such as SQL, Perl, or Java that is present in Web pages?

A. Command injection attack

B. Code injection attack

C. Cross-Site Request Forgery

D. Cross-Site Scripting attack

Questions 6

A firewall is a combination of hardware and software, used to provide security to a network. It is used to protect an internal network or intranet against unauthorized access from the Internet or other outside networks. It restricts inbound and outbound access and can analyze all traffic between an internal network and the Internet. Users can configure a firewall to pass or block packets from specific IP addresses and ports. Which of the following tools works as a firewall for the Linux 2.4 kernel?

A. IPTables

B. OpenSSH

C. IPChains

D. Stunnel

Questions 7

Which of the following statements are true about routers? Each correct answer represents a complete solution. Choose all that apply.

A. Routers do not limit physical broadcast traffic.

B. Routers organize addresses into classes, which are used to determine how to move packets from one network to another.

C. Routers act as protocol translators and bind dissimilar networks.

D. Routers are responsible for making decisions about which of several paths network (or Internet) traffic will follow.

Questions 8

You work as a Network Administrator for Infonet Inc. The company has a Windows Server 2008 Active Directory-based single forest multiple domain IPv4 network. All the DNS servers on the network run Windows Server 2008. The users in the network use NetBIOS names to connect to network applications on the network. You have migrated the network to an IPv6-enabled network. Now you want to enable the DNS Server to perform lookups in the GlobalNames Zone. Which of the following commands will you use to accomplish the task?

A. Dnscmd /config /enableglobalnames 1

B. Dnscmd /config /enableglobalnamessupport 0

C. Dnscmd /config /enableglobalnamessupport 1

D. Dnscmd /config /globalnamesqueryorder 0

Questions 9

Mark has been assigned a project to configure a wireless network for a company. The network should contain a Windows 2003 server and 30 Windows XP client computers. Mark has a single dedicated Internet connection that has to be shared among all the client computers and the server. The configuration needs to be done in a manner that the server should act as a proxy server for the client computers. Which of the following programs can Mark use to fulfill this requirement?

A. Microsoft Internet Security and Acceleration Server (ISA)

B. Wingate

C. Sniffer

D. SOCKS

Questions 10

Adam works as a Security Administrator for Umbrella Inc. He runs the following traceroute and notices that hops 19 and 20 both show the same IP address.

1 172.16.1.254 (172.16.1.254) 0.724 ms 3.285 ms 0.613 ms
2 ip68-98-176-1.nv.nv.cox.net (68.98.176.1) 12.169 ms 14.958 ms 13.416 ms
3 ip68-98-176-1.nv.nv.cox.net (68.98.176.1) 13.948 ms ip68-100-0-1.nv.nv.cox.net (68.100.0.1) 16.743 ms 16.207 ms
4 ip68-100-0-137.nv.nv.cox.net (68.100.0.137) 17.324 ms 13.933 ms 20.938 ms
5 68.1.1.4 (68.1.1.4) 12.439 ms 220.166 ms 204.170 ms
6 so-6-0-0.gar2.wdc1.Level3.net (67.29.170.1) 16.177 ms 25.943 ms 14.104 ms
7 unknown.Level3.net (209.247.9.173) 14.227 ms 17.553 ms 15.415 ms
8 so-0-1-0.bbr1.NewYork1.level3.net (64.159.1.41) 17.063 ms 20.960 ms 19.512 ms
9 so-7-0-0.gar1.NewYork1.Level3.net (64.159.1.182) 20.334 ms 19.440 ms 17.938 ms
10 so-4-0-0.edge1.NewYork1.Level3.net (209.244.17.74) 27.526 ms 18.317 ms 21.202 ms
11 uunet-level3-oc48.NewYork1.Level3.net (209.244.160.12) 21.411 ms 19.133 ms 18.830 ms
12 0.so-6-00.XL1.NYC4.ALTER.NET (152.63.21.78) 21.203 ms 22.670 ms 20.111 ms
13 0.so-2-0-0.TL1.NYC8.ALTER.NET (152.63.0.153) 30.929 ms 24.858 ms 23.108 ms
14 0.so-4-1-0.TL1.ATL5.ALTER.NET (152.63.10.129) 37.894 ms 33.244 ms 33.910 ms
15 0.so-7-0-0.XL1.MIA4.ALTER.NET (152.63.86.189) 51.165 ms 49.935 ms 49.466 ms
16 0.so-3-0-0.XR1.MIA4.ALTER.NET (152.63.101.41) 50.937 ms 49.005 ms 51.055 ms
17 117.ATM6-0.GW5.MIA1.ALTER.NET (152.63.82.73) 51.897 ms 50.280 ms 53.647 ms
18 passguidegw1.customer.alter.net (65.195.239.14) 51.921 ms 51.571 ms 56.855 ms
19 www.passguide.com (65.195.239.22) 52.191 ms 52.571 ms 56.855 ms
20 www.passguide.com (65.195.239.22) 53.561 ms 54.121 ms 58.333 ms

Which of the following is the most likely cause of this issue?

A. Intrusion Detection System

B. An application firewall

C. Network Intrusion system

D. A stateful inspection firewall

Questions 11

Adam works as a professional Computer Hacking Forensic Investigator. A project has been assigned to him to investigate the computer of an unfaithful employee of SecureEnet Inc. The suspect's computer runs the Windows operating system. Which of the following sources will Adam investigate on a Windows host to collect the electronic evidence?

Each correct answer represents a complete solution. Choose all that apply.

A. Allocated cluster

B. Swap files

C. Slack spaces

D. Unused and hidden partition

Questions 12

In which of the following IDS evasion attacks does an attacker send a data packet such that the IDS accepts the data packet but the host computer rejects it?

A. Fragmentation overlap attack

B. Evasion attack

C. Fragmentation overwrite attack

D. Insertion attack

Questions 13

Which of the following intrusion detection systems (IDS) monitors network traffic and compares it against an established baseline?

A. Signature-based

B. Network-based

C. File-based

D. Anomaly-based

Questions 14

For a host to have successful Internet communication, which of the following network protocols are required? You should assume that the users will not manually configure the computer in any way and that the measure of success will be whether the user can access Web sites after powering on the computer and logging on.

Each correct answer represents a complete solution. Choose all that apply.

A. NTP

B. HTTP/HTTPS

C. DNS

D. DHCP

Questions 15

Which of the following tools allows an attacker to intentionally craft the packets to gain unauthorized access? Each correct answer represents a complete solution. Choose two.

A. Fragroute

B. Ettercap

C. Mendax

D. Tcpdump

Questions 16

Which of the following IP packet elements is responsible for authentication while using IPSec?

A. Authentication Header (AH)

B. Layer 2 Tunneling Protocol (L2TP)

C. Internet Key Exchange (IKE)

D. Encapsulating Security Payload (ESP)

Questions 17

Which of the following is a checksum algorithm?

A. Hash buster

B. Snort

C. Adler-32

D. Dsniff

Questions 18

Which of the following proxy servers can be used for spamming?

A. Caching proxy server

B. Web proxy server

C. Open proxy server

D. Anonymizing proxy server

Exam Code: GCIA
Exam Name: GIAC Certified Intrusion Analyst
Last Update: Apr 27, 2024
Questions: 507 Q&As
