Symantec pdf vraies questions et réponses: GIAC

显示标签为“GIAC”的博文。显示所有博文

2014年7月23日星期三

GIAC meilleur examen GCPM GPEN GCFA, questions et réponses

Pour l'instant, vous pouvez télécharger le démo gratuit de Q&A GIAC GCPM dans Pass4Test pour se former avant le test GIAC GCPM.

Choisir le produit fait avec tous efforts des experts de Pass4Test vous permet à réussir 100% le test Certification IT. Le produit de Pass4Test est bien certifié par les spécialistes dans l'Industrie IT. La haute qualité du produit Pass4Test ne vous demande que 20 heures pour préparer, et vous allez réussir le test GIAC GPEN à la première fois. Vous ne refuserez jamais pour le choix de Pass4Test, parce qu'il symbole le succès.

Finalement, la Q&A GIAC GCFA plus nouvelle est lancé avec tous efforts des experts de Pass4Test. Aujourd'hui, dans l'Industrie de IT, si on veut se renforcer sa place, il faut se preuve la professionnalité aux les autres. Le test GIAC GCFA est une bonne examination des connaissances professionnelles. Avec le passport de la Certification GIAC, vous aurez un meilleur salaire et une plus grande space à se développer.

Si vous traviallez dur encore pour préparer le test de GIAC GCPM et réaliser votre but plus vite, Pass4Test peut vous donner une solution plus pratique. Choisir la Q&As de Pass4Test qui vous assure que c'est pas un rêve à réussir le test GIAC GCPM.

Code d'Examen: GCPM
Nom d'Examen: GIAC (GIAC Certified Project Manager Certification Practice Test)
Questions et réponses: 397 Q&As

Code d'Examen: GPEN
Nom d'Examen: GIAC (GIAC Certified Penetration Tester)
Questions et réponses: 384 Q&As

Code d'Examen: GCFA
Nom d'Examen: GIAC (GIAC Certified Forensics Analyst)
Questions et réponses: 318 Q&As

Pass4Test a une grande équipe composée des experts d'expérience dans l'industrie IT. Leurs connaissances professionnelles et les recherches font une bonne Q&A, qui vous permet à passer le test GIAC GCFA. Dans Pass4Test, vous pouvez trouver une façon plus convenable à se former. Les resources de Pass4Test sont bien fiable. Choisissez Pass4Test, choisissez un raccourci à réussir le test GIAC GCFA.

GCFA Démo gratuit à télécharger: http://www.pass4test.fr/GCFA.html

NO.1 Adam, a malicious hacker has successfully gained unauthorized access to the Linux system of
Umbrella Inc. Web server of the company runs on Apache. He has downloaded sensitive documents and
database files from the computer. After performing these malicious tasks, Adam finally runs the following
command on the Linux command box before disconnecting. for (( i =
0;i<11;i++ )); do
dd if=/dev/random of=/dev/hda && dd if=/dev/zero of=/dev/hda done
Which of the following actions does Adam want to perform by the above command?
A. Making a bit stream copy of the entire hard disk for later download.
B. Deleting all log files present on the system.
C. Wiping the contents of the hard disk with zeros.
D. Infecting the hard disk with polymorphic virus strings.
Answer: C

certification GIAC   certification GCFA   GCFA examen

NO.2 Which of the following encryption methods uses AES technology?
A. Dynamic WEP
B. Static WEP
C. TKIP
D. CCMP
Answer: D

GIAC examen   certification GCFA   certification GCFA   certification GCFA   GCFA

NO.3 You work as a Network Administrator for Blue Bell Inc. You want to install Windows XP
Professional on your computer, which already has Windows Me installed. You want to configure your
computer to dual boot between Windows Me and Windows XP Professional. You have a single 40GB
hard disk.
Which of the following file systems will you choose to dual-boot between the two operating
systems?
A. NTFS
B. FAT32
C. CDFS
D. FAT
Answer: B

GIAC   GCFA examen   GCFA examen   GCFA examen

NO.4 Which of the following type of file systems is not supported by Linux kernel?
A. vFAT
B. NTFS
C. HFS
D. FAT32
Answer: D

GIAC examen   GCFA examen   certification GCFA   GCFA examen

NO.5 Mark works as a security manager for SofTech Inc. He is using a technique for monitoring what the
employees are doing with corporate resources. Which of the following techniques is being used by Mark
to gather evidence of an ongoing computer crime if a member of the staff is e-mailing company's secrets
to an opponent?
A. Electronic surveillance
B. Civil investigation
C. Physical surveillance
D. Criminal investigation
Answer: A

certification GIAC   GCFA examen   GCFA examen   GCFA examen   GCFA examen

NO.6 You want to upgrade a partition in your computer's hard disk drive from FAT to NTFS. Which of the
following DOS commands will you use to accomplish this?
A. FORMAT C: /s
B. CONVERT C: /fs:ntfs
C. SYS C:
D. FDISK /mbr
Answer: B

GIAC examen   GCFA examen   certification GCFA   certification GCFA

NO.7 You company suspects an employee of sending unauthorized emails to competitors. These emails are
alleged to contain confidential company data. Which of the following is the most important step for you to
take in preserving the chain of custody?
A. Preserve the email server including all logs.
B. Make copies of that employee's email.
C. Seize the employee's PC.
D. Place spyware on the employee's PC to confirm these activities.
Answer: A

GIAC   certification GCFA   GCFA examen

NO.8 Adam works as a Computer Hacking Forensic Investigator for a garment company in the United States.
A project has been assigned to him to investigate a case of a disloyal employee who is suspected of
stealing design of the garments, which belongs to the company and selling those garments of the same
design under different brand name. Adam investigated that the company does not have any policy related
to the copy of design of the garments. He also investigated that the trademark under which the employee
is selling the garments is almost identical to the original trademark of the company. On the grounds of
which of the following laws can the employee be prosecuted.?
A. Trademark law
B. Cyber law
C. Copyright law
D. Espionage law
Answer: A

certification GIAC   GCFA   GCFA examen   GCFA examen   certification GCFA

2014年4月11日星期五

Les meilleures GIAC GCIH examen pratique questions et réponses

Si vous choisissez notre l'outil formation, Pass4Test peut vous assurer le succès 100% du test GIAC GCIH. Votre argent sera tout rendu si vous échouez le test.

En quelques années, le test de certification de GIAC GCIH faisait un grand impact sur la vie quotidienne pour pas mal de gens. Voilà le problème, comme on peut réussir facilement le test de GIAC GCIH? Notre Pass4Test peut vous aider à tout moment à résourdre ce problème rapidement. Pass4Test peut vous offrir une bonne formation particulière à propos du test de certification GCIH. Notre outil de test formation est apporté par les IT experts. Chez Pass4Test, vous pouvez toujours trouver une formations à propos du test Certification GCIH, plus nouvelle et plus proche d'un test réel. Tu choisis le Pass4Test aujourd'hui, tu choisis le succès de test Certification demain.

Les spécialiste profitant leurs expériences et connaissances font sortir les documentations particulière ciblées au test GIAC GCIH pour répondre une grande demande des candidats. Maintenant, la Q&A plus nouvelle, la version plus proche de test GIAC GCIH réel est lancée. C'est possible à réussir 100% avec le produit de GIAC GCIH. Si malheureusement, vous ne passez pas le test, votre argent sera tout rendu. Vous pouvez télécharger le démo gratuit en Internet pour examiner la qualité de Q&A. N'hésitez plus d'ajouter le produit au panier, Pass4Test peut vous aider à réussir le rêve.

Si vous travaillez quand même très dur et dépensez beaucoup de temps pour préparer le test GIAC GCIH, mais ne se savez pas du tout c'est où le raccourci pour passer le test certification, Pass4Test peut vous donner une solution efficace. Vous vous sentirez magiquement jouer un effet multiplicateur.

Code d'Examen: GCIH
Nom d'Examen: GIAC (GIAC Certified Incident Handler)
Questions et réponses: 335 Q&As

La Q&A de Pass4Test vise au test Certificat GIAC GCIH. L'outil de formation GIAC GCIH offert par Pass4Test comprend les exercices de pratique et le test simulation. Vous pouvez trouver les autres sites de provider la Q&A, en fait vous allez découvrir que c'est l'outil de formation de Pass4Test qui offre les documentaions plus compètes et avec une meilleure qualité.

GCIH Démo gratuit à télécharger: http://www.pass4test.fr/GCIH.html

NO.1 In which of the following DoS attacks does an attacker send an ICMP packet larger than 65,536 bytes to
the target system?
A. Ping of death
B. Jolt
C. Fraggle
D. Teardrop
Answer: A

GIAC   GCIH examen   GCIH   certification GCIH   GCIH examen

NO.2 John works as a professional Ethical Hacker. He has been assigned a project to test the security of
www.we-are-secure.com. He performs Web vulnerability scanning on the We-are-secure server. The
output of the scanning test is as follows:
C:\whisker.pl -h target_IP_address
-- whisker / v1.4.0 / rain forest puppy / www.wiretrip.net -- = - = - = - = - =
= Host: target_IP_address
= Server: Apache/1.3.12 (Win32) ApacheJServ/1.1
mod_ssl/2.6.4 OpenSSL/0.9.5a mod_perl/1.22
+ 200 OK: HEAD /cgi-bin/printenv
John recognizes /cgi-bin/printenv vulnerability ('Printenv' vulnerability) in the We_are_secure server.
Which of the following statements about 'Printenv' vulnerability are true?
Each correct answer represents a complete solution. Choose all that apply.
A. This vulnerability helps in a cross site scripting attack.
B. 'Printenv' vulnerability maintains a log file of user activities on the Website, which may be useful for the
attacker.
C. The countermeasure to 'printenv' vulnerability is to remove the CGI script.
D. With the help of 'printenv' vulnerability, an attacker can input specially crafted links and/or other
malicious scripts.
Answer: A, C, D

certification GIAC   certification GCIH   GCIH examen   GCIH examen   GCIH

NO.3 Adam works as a Security Analyst for Umbrella Inc. Company has a Windows-based network. All
computers run on Windows XP. Manager of the Sales department complains Adam about the unusual
behavior of his computer. He told Adam that some pornographic contents are suddenly appeared on his
computer overnight. Adam suspects that some malicious software or Trojans have been installed on the
computer. He runs some diagnostics programs and Port scanners and found that the Port 12345, 12346,
and 20034 are open. Adam also noticed some tampering with the Windows registry, which causes one
application to run every time when Windows start.
Which of the following is the most likely reason behind this issue?
A. Cheops-ng is installed on the computer.
B. Elsave is installed on the computer.
C. NetBus is installed on the computer.
D. NetStumbler is installed on the computer.
Answer: C

GIAC   GCIH examen   GCIH   GCIH examen

NO.4 Which of the following commands is used to access Windows resources from Linux workstation?
A. mutt
B. scp
C. rsync
D. smbclient
Answer: D

GIAC   certification GCIH   GCIH   certification GCIH

NO.5 Which of the following types of attacks is only intended to make a computer resource unavailable to its
users?
A. Denial of Service attack
B. Replay attack
C. Teardrop attack
D. Land attack
Answer: A

certification GIAC   GCIH   certification GCIH   certification GCIH   certification GCIH

NO.6 John works as a Professional Penetration Tester. He has been assigned a project to test the Website
security of www.we-are-secure Inc. On the We-are-secure Website login page, he enters ='or''=' as a
username and successfully logs on to the user page of the Web site. Now, John asks the we-aresecure
Inc. to improve the login page PHP script. Which of the following suggestions can John give to improve
the security of the we-are-secure Website login page from the SQL injection attack?
A. Use the escapeshellarg() function
B. Use the session_regenerate_id() function
C. Use the mysql_real_escape_string() function for escaping input
D. Use the escapeshellcmd() function
Answer: C

GIAC   GCIH examen   certification GCIH   GCIH

NO.7 You see the career section of a company's Web site and analyze the job profile requirements. You
conclude that the company wants professionals who have a sharp knowledge of Windows server 2003
and Windows active directory installation and placement. Which of the following steps are you using to
perform hacking?
A. Scanning
B. Covering tracks
C. Reconnaissance
D. Gaining access
Answer: C

GIAC   GCIH   GCIH examen   GCIH   certification GCIH   GCIH examen

NO.8 Choose and reorder the steps of an incident handling process in their correct order.
A.
Answer: A

GIAC examen   GCIH   certification GCIH   GCIH examen   GCIH   GCIH

NO.9 Ryan, a malicious hacker submits Cross-Site Scripting (XSS) exploit code to the Website of Internet
forum for online discussion. When a user visits the infected Web page, code gets automatically executed
and Ryan can easily perform acts like account hijacking, history theft etc. Which of the following types of
Cross-Site Scripting attack Ryan intends to do?
A. Non persistent
B. Document Object Model (DOM)
C. SAX
D. Persistent
Answer: D

certification GIAC   GCIH   GCIH examen

NO.10 Adam, a novice computer user, works primarily from home as a medical professional. He just bought a
brand new Dual Core Pentium computer with over 3 GB of RAM. After about two months of working on his
new computer, he notices that it is not running nearly as fast as it used to. Adam uses antivirus software,
anti-spyware software, and keeps the computer up-to-date with Microsoft patches. After another month of
working on the computer, Adam finds that his computer is even more noticeably slow. He also notices a
window or two pop-up on his screen, but they quickly disappear. He has seen these windows show up,
even when he has not been on the Internet. Adam notices that his computer only has about 10 GB of free
space available. Since his hard drive is a 200 GB hard drive, Adam thinks this is very odd.
Which of the following is the mostly likely the cause of the problem.?
A. Computer is infected with the stealth kernel level rootkit.
B. Computer is infected with stealth virus.
C. Computer is infected with the Stealth Trojan Virus.
D. Computer is infected with the Self-Replication Worm.
Answer: A

GIAC examen   GCIH examen   GCIH   certification GCIH

NO.11 Which of the following are the primary goals of the incident handling team?
Each correct answer represents a complete solution. Choose all that apply.
A. Freeze the scene.
B. Repair any damage caused by an incident.
C. Prevent any further damage.
D. Inform higher authorities.
Answer: A, B, C

certification GIAC   certification GCIH   GCIH   GCIH   GCIH examen

NO.12 Fill in the blank with the appropriate word.
StackGuard (as used by Immunix), ssp/ProPolice (as used by OpenBSD), and Microsoft's /GS option use
______ defense against buffer overflow attacks.
A. canary
Answer: A

certification GIAC   GCIH examen   GCIH   GCIH examen

NO.13 Which of the following statements about Denial-of-Service (DoS) attack are true?
Each correct answer represents a complete solution. Choose three.
A. It disrupts services to a specific computer.
B. It changes the configuration of the TCP/IP protocol.
C. It saturates network resources.
D. It disrupts connections between two computers, preventing communications between services.
Answer: A, C, D

GIAC examen   GCIH examen   certification GCIH

NO.14 Network mapping provides a security testing team with a blueprint of the organization. Which of the
following steps is NOT a part of manual network mapping?
A. Gathering private and public IP addresses
B. Collecting employees information
C. Banner grabbing
D. Performing Neotracerouting
Answer: D

GIAC   GCIH examen   GCIH examen   GCIH   certification GCIH   GCIH

NO.15 Which of the following statements are true about tcp wrappers?
Each correct answer represents a complete solution. Choose all that apply.
A. tcp wrapper provides access control, host address spoofing, client username lookups, etc.
B. When a user uses a TCP wrapper, the inetd daemon runs the wrapper program tcpd instead of running
the server program directly.
C. tcp wrapper allows host or subnetwork IP addresses, names and/or ident query replies, to be used as
tokens to filter for access control purposes.
D. tcp wrapper protects a Linux server from IP address spoofing.
Answer: A, B, C

GIAC   GCIH   certification GCIH   GCIH examen   GCIH examen

NO.16 Buffer overflows are one of the major errors used for exploitation on the Internet today. A buffer
overflow occurs when a particular operation/function writes more data into a variable than the variable
was designed to hold.
Which of the following are the two popular types of buffer overflows?
Each correct answer represents a complete solution. Choose two.
A. Dynamic buffer overflows
B. Stack based buffer overflow
C. Heap based buffer overflow
D. Static buffer overflows
Answer: B, C

certification GIAC   GCIH   certification GCIH   certification GCIH   certification GCIH

NO.17 John works as a professional Ethical Hacker. He has been assigned a project to test the security of
www.we-are-secure.com. On the We-are-secure login page, he enters ='or''=' as a username and
successfully logs in to the user page of the Web site. The We-are-secure login page is vulnerable to a
__________.
A. Dictionary attack
B. SQL injection attack
C. Replay attack
D. Land attack
Answer: B

GIAC examen   certification GCIH   GCIH

NO.18 Adam works as an Incident Handler for Umbrella Inc. He has been sent to the California unit to train the
members of the incident response team. As a demo project he asked members of the incident response
team to perform the following actions:
Remove the network cable wires.
Isolate the system on a separate VLAN.
Use a firewall or access lists to prevent communication into or out of the system.
Change DNS entries to direct traffic away from compromised system.
Which of the following steps of the incident handling process includes the above actions?
A. Identification
B. Containment
C. Eradication
D. Recovery
Answer: B

GIAC   GCIH   certification GCIH

NO.19 Which of the following tools is used for vulnerability scanning and calls Hydra to launch a dictionary
attack?
A. Whishker
B. Nessus
C. SARA
D. Nmap
Answer: B

GIAC examen   certification GCIH   certification GCIH   GCIH   GCIH examen

NO.20 Adam has installed and configured his wireless network. He has enabled numerous security features
such as changing the default SSID, enabling WPA encryption, and enabling MAC filtering on his wireless
router. Adam notices that when he uses his wireless connection, the speed is sometimes 16 Mbps and
sometimes it is only 8 Mbps or less. Adam connects to the management utility wireless router and finds
out that a machine with an unfamiliar name is connected through his wireless connection. Paul checks the
router's logs and notices that the unfamiliar machine has the same MAC address as his laptop.
Which of the following attacks has been occurred on the wireless network of Adam?
A. NAT spoofing
B. DNS cache poisoning
C. MAC spoofing
D. ARP spoofing
Answer: C

GIAC examen   certification GCIH   certification GCIH

NO.21 John works as a professional Ethical Hacker. He has been assigned the project of testing the security
of www.we-are-secure.com. He finds that the We-are-secure server is vulnerable to attacks. As a
countermeasure, he suggests that the Network Administrator should remove the IPP printing capability
from the server. He is suggesting this as a countermeasure against __________.
A. IIS buffer overflow
B. NetBIOS NULL session
C. SNMP enumeration
D. DNS zone transfer
Answer: A

certification GIAC   certification GCIH   GCIH examen   GCIH   certification GCIH

NO.22 Which of the following types of attacks is the result of vulnerabilities in a program due to poor
programming techniques?
A. Evasion attack
B. Denial-of-Service (DoS) attack
C. Ping of death attack
D. Buffer overflow attack
Answer: D

certification GIAC   GCIH   certification GCIH   GCIH   GCIH

NO.23 Which of the following statements about buffer overflow is true?
A. It manages security credentials and public keys for message encryption.
B. It is a collection of files used by Microsoft for software updates released between major service pack
releases.
C. It is a condition in which an application receives more data than it is configured to accept.
D. It is a false warning about a virus.
Answer: C

GIAC   GCIH   certification GCIH   certification GCIH   GCIH

NO.24 Which of the following is a technique of using a modem to automatically scan a list of telephone
numbers, usually dialing every number in a local area code to search for computers, Bulletin board
systems, and fax machines?
A. Demon dialing
B. Warkitting
C. War driving
D. Wardialing
Answer: D

GIAC   GCIH   certification GCIH   certification GCIH

NO.25 You have configured a virtualized Internet browser on your Windows XP professional computer. Using
the virtualized Internet browser, you can protect your operating system from which of the following?
A. Brute force attack
B. Mail bombing
C. Distributed denial of service (DDOS) attack
D. Malware installation from unknown Web sites
Answer: D

GIAC   GCIH   GCIH   certification GCIH   GCIH examen

NO.26 Which of the following types of attack can guess a hashed password?
A. Brute force attack
B. Evasion attack
C. Denial of Service attack
D. Teardrop attack
Answer: A

GIAC   GCIH   GCIH examen

NO.27 Which of the following applications is an example of a data-sending Trojan?
A. SubSeven
B. Senna Spy Generator
C. Firekiller 2000
D. eBlaster
Answer: D

certification GIAC   GCIH   GCIH

NO.28 Adam, a malicious hacker, wants to perform a reliable scan against a remote target. He is not
concerned about being stealth at this point.
Which of the following type of scans would be most accurate and reliable?
A. UDP sacn
B. TCP Connect scan
C. ACK scan
D. Fin scan
Answer: B

GIAC   GCIH   GCIH   GCIH examen   GCIH examen

NO.29 Which of the following statements are true about worms?
Each correct answer represents a complete solution. Choose all that apply.
A. Worms cause harm to the network by consuming bandwidth, whereas viruses almost always corrupt or
modify files on a targeted computer.
B. Worms can exist inside files such as Word or Excel documents.
C. One feature of worms is keystroke logging.
D. Worms replicate themselves from one system to another without using a host file.
Answer: A, B, D

GIAC   GCIH   GCIH examen   GCIH

NO.30 Which of the following statements are true about a keylogger?
Each correct answer represents a complete solution. Choose all that apply.
A. It records all keystrokes on the victim's computer in a predefined log file.
B. It can be remotely installed on a computer system.
C. It is a software tool used to trace all or specific activities of a user on a computer.
D. It uses hidden code to destroy or scramble data on the hard disk.
Answer: A, B, C

GIAC   GCIH   GCIH   GCIH examen

Selon les anciens test GIAC GCIH, la Q&A offerte par Pass4Test est bien liée avec le test réel.

Dernières GIAC GSLC examen pratique questions et réponses

Le test GIAC GSLC est le premier pas pour promouvoir dans l'Industrie IT, mais aussi la seule rue ramenée au pic de succès. Le test GIAC GSLC joue un rôle très important dans cette industrie. Et aussi, Pass4Test est un chaînon inevitable pour réussir le test sans aucune doute.

Vous choisissez l'aide de Pass4Test, Pass4Test fait tous effort à vous aider à réussir le test. De plus, la mise à jour de Q&A pendant un an est gratuite pour vous. Vous n'avez plus raison à hésiter. Pass4Test est une meilleure assurance pour le succès de test GIAC GSLC. Ajoutez la Q&A au panier.

Code d'Examen: GSLC
Nom d'Examen: GIAC (GIAC Security Leadership Certification (GSLC))
Questions et réponses: 567 Q&As

La solution offerte par Pass4Test comprenant un test simulation bien proche de test réel GIAC GSLC peut vous assurer à réussir 100% le test GIAC GSLC. D'ailleur, le service de la mise à jour gratuite est aussi pour vous. Maintenant, vous pouvez télécharger le démo gratuit pour prendre un essai.

On peut télécharger quelques parties de Q&A gratuites dans le site Pass4Test à propos de test Certification GIAC GSLC. Vous pouvez tester notre fiabilité via le démo. Choisir Pass4Test, c'est-à-dire que vous êtes proche d'un pic ensuite de l'Industrie IT.

L'importance de la position de Certificat GIAC GSLC dans l'industrie IT est bien claire pour tout le monde, mais c'est pas facile à obtenir ce Certificat. Il y a beaucoup de Q&As qui manquent une haute précision des réponses. Cependant, Pass4Test peut offrir des matériaux pratiques pour toutes les personnes à participer l'examen de Certification, et il peut aussi offrir à tout moment toutes les informations que vous auriez besoin à réussir l'examen GIAC GSLC par votre première fois.

Pass4Test possède une grande équipe composée des experts IT qui travaillent dur avec leurs riches expériences et connaissances pour produire un bon outil de formation. Selon les anciens test, le test simulation de Pass4Test est bien lié avec le test réel. Pass4Test peut vous assurer à réussir le test. Maintenant vous ajoutez votre outil de formation au panier, et votre rêve réalisera bien tôt.

Être un travailleur IT, est-ce que vous vous souciez encore pour passer le test Certificat IT? Le test examiner les techniques et connaissances professionnelles, donc c'est pas facile à réussir. Pour les candidats qui participent le test à la première fois, une bonne formation est très importante. Pass4Test offre les outils de formation particulier au test et bien proche de test réel, n'hésitez plus d'ajouter la Q&A au panier.

GSLC Démo gratuit à télécharger: http://www.pass4test.fr/GSLC.html

NO.1 You work as a Network Administrator for Tech Perfect Inc. The company has a Windows Server 2008
Active Directory-based single domain single forest network. The functional level of the forest is Windows
Server 2008. The company's headquarters is located at Los Angeles. A branch office of the company is
located at Denver. You are about to send a message to Rick who is a Network Administrator at Denver.
You want to ensure that the message cannot be read by anyone but the recipient. Which of the following
keys will you use to encrypt the message?
A. Your public key
B. The recipient's private key
C. The recipient's public key
D. Your private key
Answer: C

certification GIAC   GSLC examen   GSLC   GSLC   GSLC examen

NO.2 Rick, the Network Administrator of the Fimbry Hardware Inc., wants to design the initial test model for
Internet Access. He wants to fulfill the following goals:
No external traffic should be allowed into the network.
Administrators should be able to restrict the websites which can be accessed by the internal
users.
Which of the following technologies should he use to accomplish the above goals? (Click the Exhibit
button on the toolbar to see the case study.)
A. Internet Connection Sharing (ICS)
B. Network Address Translator (NAT)
C. Firewall
D. Proxy Server
E. Routing and Remote Access Service (RRAS)
Answer: D

certification GIAC   certification GSLC   GSLC   GSLC   GSLC

NO.3 Which system is designed to analyze, detect, and report on security-related events.?
A. HIPS
B. NIPS
C. NIDS
D. HIDS
Answer: B

GIAC   GSLC   GSLC

NO.4 You work as a Network Administrator for Infonet Inc. The company has a Windows Server 2008
domain-based network. The network has three Windows Server 2008 member servers and 150 Windows
Vista client computers. According to the company's security policy, you want to apply a firewall profile to
the network.Choose the firewall profiles supported by Windows Server 2008 and Windows Vista.
A.
Answer: A

GIAC   GSLC examen   GSLC

NO.5 You work as a Network Administrator for Net Perfect Inc. The company has a Windows Server 2008
network environment. The network is configured as a Windows Active Directory-based single forest single
domain network. The domain functional level is set to Windows Server 2003. You have configured an
Active Directory-integrated DNS zone on the network. A new security policy dictates that each incoming
DNS query should be recorded. Which of the following steps will you take to implement the new security
policy?
A. Create a GPO.
Configure Audit Object Access.
Attach the GPO to the domain.
B. Do nothing, each incoming DNS queries is recorded by default in DNS.LOG file.
C. Enable debug logging on the DNS server.
D. Create a new OU.
Move the DNS server account to the OU.
Create a GPO.
Configure Audit Logon events.
Attach the GPO to the OU.
Answer: C

GIAC   GSLC   certification GSLC   GSLC

NO.6 You work as a Network Administrator for Perfect Solutions Inc. The company has a Windows Active
Directory-based single domain single forest network. The company's network is connected to the Internet
through a T1 line. The firewall is configured on the network for securing the internal network from the
intruders on the Internet. The functional level of the forest is Windows Server 2003. You are designing a
public key infrastructure (PKI) for the network. The security policy of the company states that all users
should use smart cards for authentication. Select and place the type of certificate authority (CA) that is
required to be configured on the network to implement the security policy of the company.
A.
Answer: A

GIAC examen   GSLC   GSLC

NO.7 Which of the following protocols is used as a transport protocol for Internet dial-up connections?
A. SMTP
B. SNMP
C. DHCP
D. PPP
Answer: D

certification GIAC   GSLC   GSLC examen   certification GSLC

NO.8 Fill in the blank with the appropriate word.
A_______ is a computer system on the Internet that is expressly set up to attract and trap people who
attempt to penetrate other people's computer systems.
A. honeypot
Answer: A

GIAC   GSLC   certification GSLC

NO.9 Which of the following programs can collect various types of personal information, such as Internet
surfing habits, and Web sites that the user has visited?
A. Spyware
B. Honeypot
C. Worm
D. Malware
Answer: A

GIAC   GSLC examen   GSLC   certification GSLC

NO.10 Mark works as a Network Administrator for Infonet Inc. The company has a Windows 2000 Active
Directory domain-based network. The domain contains one hundred Windows XP Professional client
computers. Mark is deploying an 802.11 wireless LAN on the network. The wireless LAN will use Wired
Equivalent Privacy (WEP) for all the connections. According to the company's security policy, the client
computers must be able to automatically connect to the wireless LAN. However, the unauthorized
computers must not be allowed to connect to the wireless LAN and view the wireless network. Mark wants
to configure all the wireless access points and client computers to act in accordance with the company's
security policy. What will he do to accomplish this?
Each correct answer represents a part of the solution. Choose three.
A. Configure the authentication type for the wireless LAN to Open system.
B. Install a firewall software on each wireless access point.
C. Configure the authentication type for the wireless LAN to Shared Key.
D. Disable SSID Broadcast and enable MAC address filtering on all wireless access points.
E. Broadcast SSID to connect to the access point (AP).
F. On each client computer, add the SSID for the wireless LAN as the preferred network.
Answer: C, D. F

NO.11 A wireless network uses multiple modulation schemes to make the signal strong so that it can travel far.
These modulation schemes work with a certain IEEE standard. Choose and drop the correct standards in
the right pane according to the modulation scheme.
A.
Answer: A

certification GIAC   GSLC   certification GSLC

NO.12 You work as a Network Administrator for Net World International. The company has a Windows Server
2008 network environment. The network is configured as a Windows Active Directory-based single
domain single forest network. The functional level of the forest is Windows Server 2008. All client
computers on the network run Windows Vista Ultimate. You configure a public key infrastructure (PKI) on
the network. You configure a root CA and a subordinate CA on the network. For security reasons, you
want to take the root CA offline. You are required to configure the CA servers to support for certificate
revocation.
Choose the steps you will take to accomplish the task.
A.
Answer: A

GIAC   GSLC examen   GSLC   GSLC examen

NO.13 You are the project manager for your organization and are trying to determine which vendor your
organization will use. You have determined that any vendor that would like to bid on your project work will
need to have a Microsoft Certified System Engineer on staff, have eight years of Cisco experience, and
have at least two references from similar projects. What have you created in this scenario?
A. Screening system for the vendors
B. Weighting system for the vendors
C. Preferred vendors list
D. Bidders conference
Answer: A

certification GIAC   GSLC   GSLC examen   GSLC

NO.14 John works as a Programmer for We-are-secure Inc. On one of his routine visits to the company, he
noted down the passwords of the employees while they were typing them on their computer screens.
Which of the following social engineering attacks did he just perform?
A. Shoulder surfing
B. Important user posing
C. Dumpster diving
D. Authorization by third party
Answer: A

GIAC   GSLC   certification GSLC   GSLC   GSLC   GSLC

NO.15 Which of the following viruses is designed to prevent antivirus researchers from examining its code by
using various methods that make tracing and disassembling difficult?
A. Armored virus
B. Stealth virus
C. Multipartite virus
D. Polymorphic virus
Answer: A

certification GIAC   GSLC   GSLC examen   GSLC examen   certification GSLC

NO.16 Drop the appropriate value to complete the formula.
A.
Answer: A

GIAC   GSLC   GSLC

NO.17 Which of the following tools is based on Linux and used to carry out the Penetration Testing?
A. JPlag
B. BackTrack
C. Vedit
D. Ettercap
Answer: B

GIAC   GSLC examen   GSLC

NO.18 Which of the following encryption algorithms is applied in the PGP encryption system?
A. TDE
B. Triple DES
C. Blowfish
D. IDEA
Answer: D

GIAC examen   GSLC   GSLC examen   GSLC   certification GSLC

NO.19 Fill in the blank with the appropriate type of router.
A ______ router performs packet-filtering and is used as a firewall.
A. screening
Answer: A

GIAC examen   certification GSLC   GSLC   GSLC

NO.20 Janet is the project manager of the NHQ Project for her company. Janet is nearly done leading the
project and there have been no cost or schedule overruns in the development of the new software for her
company. The project team has been completing their work on time and there is still $75,000 left in the
project budget. Janet decides to have the project team implement some extra features to the project
scope to use all of the $75,000 in the budget even though the customer didn't specifically ask for the
added features. This scenario is an example of which one of the following?
A. Scope creep
B. Gold plating
C. Change management
D. Value added change
Answer: B

GIAC examen   certification GSLC   GSLC   GSLC examen   GSLC

NO.21 The promiscuous mode is a configuration of a network card that makes the card pass all traffic it
receives to the central processing unit rather than just packets addressed to it. Which of the following
tools works by placing the host system network card into the promiscuous mode?
A. Sniffer
B. THC-Scan
C. NetStumbler
D. Snort
Answer: A

GIAC   GSLC   GSLC   GSLC examen   GSLC examen   GSLC

NO.22 Which of the following are the examples of administrative controls?
Each correct answer represents a complete solution. Choose all that apply.
A. Security policy
B. Auditing
C. Security awareness training
D. Data Backup
Answer: A, C

GIAC   GSLC examen   GSLC

NO.23 Which of the following is used to describe the type of FTP access in which a user does not have
permissions to list the contents of directories, but can access the contents if he knows the path and file
name?
A. Secure FTP
B. Blind FTP
C. Passive FTP
D. Hidden FTP
Answer: B

GIAC   GSLC examen   certification GSLC

NO.24 You are responsible for security at a company that uses a lot of Web applications. You are most
concerned about flaws in those applications allowing some attacker to get into your network. What
method would be best for finding such flaws?
A. Automated penetration testing
B. Code review
C. Manual penetration testing
D. Vulnerability scanning
Answer: D

certification GIAC   certification GSLC   certification GSLC   GSLC examen   certification GSLC

NO.25 Which of the following are the goals of risk management?
Each correct answer represents a complete solution. Choose three.
A. Identifying the risk
B. Finding an economic balance between the impact of the risk and the cost of the countermeasure
C. Identifying the accused
D. Assessing the impact of potential threats
Answer: A, B, D

GIAC   GSLC examen   certification GSLC

NO.26 You work as a Network Administrator for Net World International. The company has a Windows Server
2008 network environment. The network is configured as a Windows Active Directory-based single
domain single forest network. The functional level of the forest is Windows Server 2008. All client
computers on the network run Windows Vista Ultimate.
You are configuring a public key interface (PKI) to support domain users and computers. All users will use
smart cards for logon. You have configured a global group named SCIssuer that will issue smart cards for
all domain users. A file server named SecServer is configured on the network. The certificate-based
IPSec encryption is required for all communications to and from the SecServer server. A VPN server is
configured on the network to enable sales managers to connect to the network remotely using their
laptops which run Windows Vista Ultimate. The L2TP connection is required for the VPN server. Place the
users, computers, and groups to the certificate templates that are required for implementing the PKI
infrastructure.
A.
Answer: A

certification GIAC   GSLC   GSLC   GSLC   GSLC

NO.27 Which of the following options is an approach to restricting system access to authorized users?
A. MIC
B. MAC
C. RBAC
D. DAC
Answer: C

GIAC   GSLC   GSLC examen   GSLC examen   GSLC

NO.28 Which of the following provides security by implementing authentication and encryption on Wireless
LAN (WLAN)?
A. WEP
B. WAP
C. L2TP
D. IPSec
Answer: A

GIAC   GSLC   certification GSLC   GSLC   GSLC

NO.29 Drag and Drop the layers of TCP/IP model according to their level of data encapsulation.
A.
Answer: A

GIAC   GSLC   GSLC   GSLC examen   certification GSLC

NO.30 Which of the following applications would be considered a data warehousing application?
A. Golf score tracking
B. Badge reader
C. Fraud detection
D. eCommerce site
Answer: C

certification GIAC   GSLC   certification GSLC   GSLC   GSLC

Vous pouvez trouver un meilleur boulot dans l'industrie IT à travers d'obtenir le test GIAC GSLC, la voie à la réussite de votre professionnel sera ouverte pour vous.

2014年3月27日星期四

GCFA dernières questions d'examen certification GIAC et réponses publiés

Choisir le Pass4Test vous permet non seulement à réussir le test GIAC GCFA, mais encore à enjouir le service en ligne 24h et la mise à jour gratuite pendant un an. Nous allons lancer au premier temps la Q&A GIAC GCFA plus nouvelle. Si vous ne passez pas le test, votre argent sera tout rendu.

Le test GIAC GCFA est le premier pas pour promouvoir dans l'Industrie IT, mais aussi la seule rue ramenée au pic de succès. Le test GIAC GCFA joue un rôle très important dans cette industrie. Et aussi, Pass4Test est un chaînon inevitable pour réussir le test sans aucune doute.

Pass4Test est un site web de vous offrir particulièrement les infos plus chaudes à propos de test Certification GIAC GCFA. Pour vous assurer à nous choisir, vous pouvez télécharger les Q&As partielles gratuites. Pass4Test vous promet un succès 100% du test GIAC GCFA.

Code d'Examen: GCFA
Nom d'Examen: GIAC (GIAC Certified Forensics Analyst)
Questions et réponses: 318 Q&As

Si vous voulez se prouver une compétition et s'enraciner le statut dans l'industrie IT à travers de test Certification GIAC GCFA, c'est obligatoire que vous devez avior les connaissances professionnelles. Mais il demande pas mal de travaux à passer le test Certification GIAC GCFA. Peut-être d'obtenir le Certificat GIAC GCFA peut promouvoir le tremplin vers l'Industrie IT, mais vous n'avez pas besoin de travailler autant dur à préparer le test. Vous avez un autre choix à faire toutes les choses plus facile : prendre le produit de Pass4Test comme vos matériaux avec qui vous vous pratiquez avant le test réel. La Q&A de Pass4Test est recherchée particulièrement pour le test IT.

Dans n'importe quelle industrie, tout le monde espère une meilleure occasion de se promouvoir, surtout dans l'industrie de IT. Les professionnelles dans l'industrie IT ont envie d'une plus grande space de se développer. Le Certificat GIAC GCFA peut réaliser ce rêve. Et Pass4Test peut vous aider à réussir le test GIAC GCFA.

Si vous voulez ne se soucier plus à passer le test GIAC GCFA, donc vous devez prendre la Q&A de Pass4Test comme le guide d'étude pendant la préparation de test GIAC GCFA. C'est une bonne affaire parce que un petit invertissement peut vous rendre beaucoup. Utiliser la Q&A GIAC GCFA offerte par Pass4Test peut vous assurer à réussir le test 100%. Pass4Test a toujours une bonne réputation dans l'Industrie IT.

GCFA Démo gratuit à télécharger: http://www.pass4test.fr/GCFA.html

NO.1 Adam works as an Incident Handler for Umbrella Inc. He is informed by the senior authorities that the
server of the marketing department has been affected by a malicious hacking attack. Supervisors are also
claiming that some sensitive data are also stolen. Adam immediately arrived to the server room of the
marketing department and identified the event as an incident. He isolated the infected network from the
remaining part of the network and started preparing to image the entire system. He captures volatile data,
such as running process, ram, and network connections.
Which of the following steps of the incident handling process is being performed by Adam?
A. Recovery
B. Eradication
C. Identification
D. Containment
Answer: D

GIAC   GCFA examen   GCFA   GCFA   GCFA

NO.2 The MBR of a hard disk is a collection of boot records that contain disk information such as disk
architecture, cluster size, and so on. The main work of the MBR is to locate and run necessary operating
system files that are required to run a hard disk. In the context of the operating system,
MBR is also known as the boot loader. Which of the following viruses can infect the MBR of a hard disk?
Each correct answer represents a complete solution. Choose two.
A. Stealth
B. Boot sector
C. Multipartite
D. File
Answer: B,C

GIAC   certification GCFA   GCFA

NO.3 Which of the following Acts enacted in United States allows the FBI to issue National Security Letters
(NSLs) to Internet service providers (ISPs) ordering them to disclose records about their customers?
A. Wiretap Act
B. Computer Fraud and Abuse Act
C. Economic Espionage Act of 1996
D. Electronic Communications Privacy Act of 1986
Answer: D

certification GIAC   GCFA   GCFA   GCFA

NO.4 Which of the following is the process of overwriting all addressable locations on a disk?
A. Drive wiping
B. Spoofing
C. Sanitization
D. Authentication
Answer: A

GIAC   GCFA examen   GCFA examen   GCFA   GCFA examen

NO.5 A firewall is a combination of hardware and software, used to provide security to a network. It is used
to protect an internal network or intranet against unauthorized access from the Internet or other outside
networks. It restricts inbound and outbound access and can analyze all traffic between an internal
network and the Internet. Users can configure a firewall to pass or block packets from specific IP
addresses and ports. Which of the following tools works as a firewall for the Linux 2.4 kernel?
A. OpenSSH
B. IPTables
C. IPChains
D. Stunnel
Answer: B

GIAC   GCFA   GCFA   certification GCFA

NO.6 You work as a Network Administrator for Perfect Solutions Inc. You install Windows 98 on a computer.
By default, which of the following folders does Windows 98 setup use to keep the registry tools?
A. $SYSTEMROOT$REGISTRY
B. $SYSTEMROOT$WINDOWS
C. $SYSTEMROOT$WINDOWSREGISTRY
D. $SYSTEMROOT$WINDOWSSYSTEM32
Answer: B

certification GIAC   GCFA   GCFA examen   GCFA   certification GCFA

NO.7 Adam works as a Computer Hacking Forensic Investigator for a garment company in the United States.
A project has been assigned to him to investigate a case of a disloyal employee who is suspected of
stealing design of the garments, which belongs to the company and selling those garments of the same
design under different brand name. Adam investigated that the company does not have any policy related
to the copy of design of the garments. He also investigated that the trademark under which the employee
is selling the garments is almost identical to the original trademark of the company. On the grounds of
which of the following laws can the employee be prosecuted.?
A. Trademark law
B. Cyber law
C. Copyright law
D. Espionage law
Answer: A

GIAC   GCFA examen   certification GCFA   GCFA

NO.8 Which of the following attacks saturates network resources and disrupts services to a specific
computer?
A. Teardrop attack
B. Polymorphic shell code attack
C. Denial-of-Service (DoS) attack
D. Replay attack
Answer: C

GIAC examen   GCFA examen   GCFA   GCFA

NO.9 You work as a Web developer for ABC Inc. You want to investigate the Cross-Site Scripting attack on
your company's Web site. Which of the following methods of investigation can you use to accomplish the
task?
Each correct answer represents a complete solution. Choose all that apply.
A. Review the source of any HTML-formatted e-mail messages for embedded scripts or links in the URL
to the company's site.
B. Look at the Web server's logs and normal traffic logging.
C. Use Wireshark to capture traffic going to the server and then searching for the requests going to the
input page, which may give log of the malicious traffic and the IP address of the source.
D. Use a Web proxy to view the Web server transactions in real time and investigate any
communication with outside servers.
Answer: A,B,D

GIAC   GCFA examen   GCFA   GCFA examen

NO.10 Which of the following methods is used by forensic investigators to acquire an image over the network
in a secure manner?
A. DOS boot disk
B. Linux Live CD
C. Secure Authentication for EnCase (SAFE)
D. EnCase with a hardware write blocker
Answer: C

GIAC   GCFA examen   GCFA examen   GCFA examen   GCFA   GCFA

NO.11 You work as a Network Administrator for Blue Bell Inc. You want to install Windows XP
Professional on your computer, which already has Windows Me installed. You want to configure your
computer to dual boot between Windows Me and Windows XP Professional. You have a single 40GB
hard disk.
Which of the following file systems will you choose to dual-boot between the two operating
systems?
A. NTFS
B. FAT32
C. CDFS
D. FAT
Answer: B

certification GIAC   GCFA examen   GCFA

NO.12 You work as a Network Administrator for Net Perfect Inc. The company has a Windows Server 2008
network environment. The network is configured as a Windows Active Directory-based single forest single
domain network. The network is configured on IP version 6 protocol. All the computers on the network are
connected to a switch device. One day, users complain that they are unable to connect to a file server.
You try to ping the client computers from the server, but the pinging fails. You try to ping the server's own
loopback address, but it fails to ping. You restart the server, but the problem persists.
What is the most likely cause?
A. The cable that connects the server to the switch is broken.
B. Automatic IP addressing is not working.
C. The switch device is not working.
D. The server is configured with unspecified IP address.
E. The server's NIC is not working.
Answer: E

GIAC   GCFA   certification GCFA   GCFA

NO.13 Which of the following encryption methods uses AES technology?
A. Dynamic WEP
B. Static WEP
C. TKIP
D. CCMP
Answer: D

GIAC   GCFA   GCFA   GCFA   GCFA examen   certification GCFA

NO.14 Which of the following tools can be used to perform tasks such as Windows password cracking,
Windows enumeration, and VoIP session sniffing?
A. John the Ripper
B. L0phtcrack
C. Obiwan
D. Cain
Answer: D

GIAC   GCFA   GCFA   certification GCFA

NO.15 John works as a professional Ethical Hacker. He has been assigned the project of testing the security of
www.we-are-secure.com. He receives the following e-mail:
The e-mail that John has received is an example of __________.
A. Virus hoaxes
B. Spambots
C. Social engineering attacks
D. Chain letters
Answer: D

GIAC   GCFA examen   certification GCFA   certification GCFA   certification GCFA

NO.16 An executive in your company reports odd behavior on her PDA. After investigation you discover that a
trusted device is actually copying data off the PDA. The executive tells you that the behavior started
shortly after accepting an e-business card from an unknown person. What type of attack is this?
A. Session Hijacking
B. Bluesnarfing
C. PDA Hijacking
D. Privilege Escalation
Answer: B

GIAC   GCFA   GCFA   GCFA   certification GCFA   GCFA

NO.17 Adam works as a Security Administrator for Umbrella Inc. He is responsible for securing all 15 servers
of the company. To successfully accomplish the task, he enables the hardware and software firewalls and
disables all unnecessary services on all the servers. Sales manager of the company asks Adam to run
emulation software on one of the servers that requires the telnet service to function properly. Adam is
concerned about the security of the server, as telnet can be a very large security risk in an organization.
Adam decides to perform some footprinting, scanning, and penetration testing on the server to checkon
the server to check the security. Adam telnets into the server and writes the following command:
HEAD / HTTP/1.0
After pressing enter twice, Adam gets the following results:
Which of the following tasks has Adam just accomplished?
A. Poisoned the local DNS cache of the server.
B. Submitted a remote command to crash the server.
C. Grabbed the banner.
D. Downloaded a file to his local computer.
Answer: C

certification GIAC   GCFA   GCFA   certification GCFA   GCFA examen

NO.18 Which of the following type of file systems is not supported by Linux kernel?
A. vFAT
B. NTFS
C. HFS
D. FAT32
Answer: D

certification GIAC   GCFA examen   GCFA   GCFA

NO.19 Which of the following file systems provides file-level security?
A. CDFS
B. FAT
C. FAT32
D. NTFS
Answer: D

GIAC   GCFA   GCFA examen   GCFA   GCFA

NO.20 TCP FIN scanning is a type of stealth scanning through which the attacker sends a FIN packet to the
target port. If the port is closed, the victim assumes that this packet was sent mistakenly by the attacker
and sends the RST packet to the attacker. If the port is open, the FIN packet will be ignored and the port
will drop the packet. Which of the following operating systems can be easily identified with the help of TCP
FIN scanning?
A. Solaris
B. Red Hat
C. Knoppix
D. Windows
Answer: D

certification GIAC   GCFA examen   certification GCFA   certification GCFA

NO.21 Which of the following is the first computer virus that was used to infect the boot sector of storage
media formatted with the DOS File Allocation Table (FAT) file system?
A. Melissa
B. Tequila
C. Brain
D. I love you
Answer: C

GIAC   certification GCFA   GCFA examen   GCFA

NO.22 Fill in the blank with the appropriate name.
_____is a list, which specifies the order of volatility of data in a Windows based system.
A. RFC 3227
Answer: A

GIAC examen   GCFA   GCFA   certification GCFA   GCFA

NO.23 Adam, a malicious hacker has successfully gained unauthorized access to the Linux system of
Umbrella Inc. Web server of the company runs on Apache. He has downloaded sensitive documents and
database files from the computer. After performing these malicious tasks, Adam finally runs the following
command on the Linux command box before disconnecting. for (( i =
0;i<11;i++ )); do
dd if=/dev/random of=/dev/hda && dd if=/dev/zero of=/dev/hda done
Which of the following actions does Adam want to perform by the above command?
A. Making a bit stream copy of the entire hard disk for later download.
B. Deleting all log files present on the system.
C. Wiping the contents of the hard disk with zeros.
D. Infecting the hard disk with polymorphic virus strings.
Answer: C

certification GIAC   GCFA   certification GCFA   certification GCFA   GCFA   GCFA

NO.24 You work as a professional Computer Hacking Forensic Investigator for DataEnet Inc. You want to
investigate e-mail information of an employee of the company. The suspected employee is using an
online e-mail system such as Hotmail or Yahoo. Which of the following folders on the local computer will
you review to accomplish the task?
Each correct answer represents a complete solution. Choose all that apply.
A. History folder
B. Temporary Internet Folder
C. Download folder
D. Cookies folder
Answer: A,B,D

GIAC examen   certification GCFA   certification GCFA

NO.25 Which of the following modules of OS X kernel (XNU) provides the primary system program interface?
A. BSD
B. LIBKERN
C. I/O Toolkit
D. Mach
Answer: A

certification GIAC   GCFA   GCFA

NO.26 Peter works as a Technical Representative in a CSIRT for SecureEnet Inc. His team is called to
investigate the computer of an employee, who is suspected for classified data theft. Suspect's computer
runs on Windows operating system. Peter wants to collect data and evidences for further analysis. He
knows that in Windows operating system, the data is searched in pre-defined steps for proper and
efficient analysis. Which of the following is the correct order for searching data on a Windows based
system?
A. Volatile data, file slack, registry, memory dumps, file system, system state backup, internet traces
B. Volatile data, file slack, registry, system state backup, internet traces, file system, memory dumps
C. Volatile data, file slack, internet traces, registry, memory dumps, system state backup, file system
D. Volatile data, file slack, file system, registry, memory dumps, system state backup, internet traces
Answer: D

GIAC examen   certification GCFA   GCFA examen   GCFA   GCFA

NO.27 You want to upgrade a partition in your computer's hard disk drive from FAT to NTFS. Which of the
following DOS commands will you use to accomplish this?
A. FORMAT C: /s
B. CONVERT C: /fs:ntfs
C. SYS C:
D. FDISK /mbr
Answer: B

certification GIAC   GCFA examen   GCFA examen   certification GCFA

NO.28 Mark works as a security manager for SofTech Inc. He is using a technique for monitoring what the
employees are doing with corporate resources. Which of the following techniques is being used by Mark
to gather evidence of an ongoing computer crime if a member of the staff is e-mailing company's secrets
to an opponent?
A. Electronic surveillance
B. Civil investigation
C. Physical surveillance
D. Criminal investigation
Answer: A

certification GIAC   GCFA   GCFA

NO.29 Which of the following is the correct order of loading system files into the main memory of the system,
when the computer is running on Microsoft's Windows XP operating system?
A. NTLDR, BOOT.ini, HAL.dll, NTDETECT.com, NTOSKRNL.exe
B. NTLDR, BOOT.ini, NTDETECT.com, HAL.dll, NTOSKRNL.exe
C. NTLDR, BOOT.ini, HAL.dll, NTDETECT.com, NTOSKRNL.exe
D. BOOT.ini, HAL.dll, NTDETECT.com, NTLDR, NTOSKRNL.exe
Answer: B

GIAC   GCFA   GCFA examen

NO.30 You company suspects an employee of sending unauthorized emails to competitors. These emails are
alleged to contain confidential company data. Which of the following is the most important step for you to
take in preserving the chain of custody?
A. Preserve the email server including all logs.
B. Make copies of that employee's email.
C. Seize the employee's PC.
D. Place spyware on the employee's PC to confirm these activities.
Answer: A

certification GIAC   GCFA   GCFA   certification GCFA

Pass4Test est un seul site web qui peut offrir toutes les documentations de test GIAC GCFA. Ce ne sera pas un problème à réussir le test GIAC GCFA si vous préparez le test avec notre guide d'étude.

L'avènement de la certification GIAC pratique d'examen GSLC questions et réponses

Les experts de Pass4Test ont fait sortir un nouveau guide d'étude de Certification GIAC GSLC, avec ce guide d'étude, réussir ce test a devenu une chose pas difficile. Pass4Test vous permet à réussir 100% le test GIAC GSLC à la première fois. Les questions et réponses vont apparaître dans le test réel. Pass4Test peut vous donner une Q&A plus complète une fois que vous choisissez nous. D'ailleurs, la mise à jour gratuite pendant un an est aussi disponible pour vous.

Dans cette société bien intense, c'est avantage si quelque'un a une technique particulère, donc c'est pourquoi beaucoup de gens ont envie de dépnenser les efforts et le temps à préparer le test GIAC GSLC, mais ils ne peuvaient pas réussir finalement. C'est juste parce que ils ont pas bien choisi une bonne formation. L'outil de formation lancé par les experts de Pass4Test vous permet à passer le test GIAC GSLC coûtant un peu d'argent.

Généralement, les experts n'arrêtent pas de rechercher les Q&As plus proches que test Certification. Les documentations offertes par les experts de Pass4Test peuvent vous aider à passer le test Certification. Les réponses de nos Q&As ont une précision 100%. C'est facile à obtenir le Certificat de GIAC après d'utiliser la Q&A de Pass4Test. Vous aurez une space plus grande dans l'industrie IT.

Code d'Examen: GSLC
Nom d'Examen: GIAC (GIAC Security Leadership Certification (GSLC))
Questions et réponses: 567 Q&As

Pass4Test est un bon catalyseur du succès pour les professionnels IT. Beaucoup de gens passer le test GIAC GSLC avec l'aide de l'outil formation. Les experts profitent leurs expériences riches et connaissances à faire sortir la Q&A GIAC GSLC plus nouvelle qui comprend les exercices de pratiquer et le test simulation. Vous pouvez passer le test GIAC GSLC plus facilement avec la Q&A de Pass4Test.

Le test GIAC GSLC est test certification très répandu dans l'industrie IT. Vous pourriez à améliorer votre niveau de vie, l'état dans l'industrie IT, etc. C'est aussi un test très rentable, mais très difficile à réussir.

Le produit de Pass4Test est réputée par une bonne qualité et fiabilité. Vous pouvez télécharger le démo grantuit pour prendre un essai, nons avons la confiance que vous seriez satisfait. Vous n'aurez plus de raison à s'hésiter en face d'un aussi bon produit. Ajoutez notre Q&A au panier, vous aurez une meilleure préparation avant le test.

GSLC Démo gratuit à télécharger: http://www.pass4test.fr/GSLC.html

NO.1 Rick, the Network Administrator of the Fimbry Hardware Inc., wants to design the initial test model for
Internet Access. He wants to fulfill the following goals:
No external traffic should be allowed into the network.
Administrators should be able to restrict the websites which can be accessed by the internal
users.
Which of the following technologies should he use to accomplish the above goals? (Click the Exhibit
button on the toolbar to see the case study.)
A. Internet Connection Sharing (ICS)
B. Network Address Translator (NAT)
C. Firewall
D. Proxy Server
E. Routing and Remote Access Service (RRAS)
Answer: D

GIAC   GSLC   GSLC   GSLC   GSLC examen   certification GSLC

NO.2 Which system is designed to analyze, detect, and report on security-related events.?
A. HIPS
B. NIPS
C. NIDS
D. HIDS
Answer: B

GIAC   certification GSLC   certification GSLC   GSLC

NO.3 The promiscuous mode is a configuration of a network card that makes the card pass all traffic it
receives to the central processing unit rather than just packets addressed to it. Which of the following
tools works by placing the host system network card into the promiscuous mode?
A. Sniffer
B. THC-Scan
C. NetStumbler
D. Snort
Answer: A

GIAC   GSLC   GSLC

NO.4 Which of the following options is an approach to restricting system access to authorized users?
A. MIC
B. MAC
C. RBAC
D. DAC
Answer: C

GIAC   GSLC examen   certification GSLC   GSLC   GSLC examen

NO.5 Drag and Drop the layers of TCP/IP model according to their level of data encapsulation.
A.
Answer: A

GIAC   GSLC   GSLC   GSLC   certification GSLC   GSLC examen

NO.6 Fill in the blank with the appropriate type of router.
A ______ router performs packet-filtering and is used as a firewall.
A. screening
Answer: A

certification GIAC   certification GSLC   GSLC examen   GSLC examen   GSLC   GSLC examen

NO.7 Which of the following provides security by implementing authentication and encryption on Wireless
LAN (WLAN)?
A. WEP
B. WAP
C. L2TP
D. IPSec
Answer: A

GIAC   GSLC   GSLC examen

NO.8 Drop the appropriate value to complete the formula.
A.
Answer: A

certification GIAC   certification GSLC   GSLC

NO.9 Which of the following applications would be considered a data warehousing application?
A. Golf score tracking
B. Badge reader
C. Fraud detection
D. eCommerce site
Answer: C

GIAC examen   GSLC   certification GSLC   GSLC

NO.10 Which of the following encryption algorithms is applied in the PGP encryption system?
A. TDE
B. Triple DES
C. Blowfish
D. IDEA
Answer: D

GIAC   GSLC examen   certification GSLC   GSLC   GSLC

NO.11 You are responsible for security at a company that uses a lot of Web applications. You are most
concerned about flaws in those applications allowing some attacker to get into your network. What
method would be best for finding such flaws?
A. Automated penetration testing
B. Code review
C. Manual penetration testing
D. Vulnerability scanning
Answer: D

certification GIAC   GSLC   GSLC examen   GSLC examen

NO.12 A wireless network uses multiple modulation schemes to make the signal strong so that it can travel far.
These modulation schemes work with a certain IEEE standard. Choose and drop the correct standards in
the right pane according to the modulation scheme.
A.
Answer: A

certification GIAC   GSLC   GSLC

NO.13 You work as a Network Administrator for Net World International. The company has a Windows Server
2008 network environment. The network is configured as a Windows Active Directory-based single
domain single forest network. The functional level of the forest is Windows Server 2008. All client
computers on the network run Windows Vista Ultimate. You configure a public key infrastructure (PKI) on
the network. You configure a root CA and a subordinate CA on the network. For security reasons, you
want to take the root CA offline. You are required to configure the CA servers to support for certificate
revocation.
Choose the steps you will take to accomplish the task.
A.
Answer: A

certification GIAC   certification GSLC   GSLC examen   GSLC

NO.14 You work as a Network Administrator for Perfect Solutions Inc. The company has a Windows Active
Directory-based single domain single forest network. The company's network is connected to the Internet
through a T1 line. The firewall is configured on the network for securing the internal network from the
intruders on the Internet. The functional level of the forest is Windows Server 2003. You are designing a
public key infrastructure (PKI) for the network. The security policy of the company states that all users
should use smart cards for authentication. Select and place the type of certificate authority (CA) that is
required to be configured on the network to implement the security policy of the company.
A.
Answer: A

certification GIAC   GSLC examen   certification GSLC

NO.15 You work as a Network Administrator for Net World International. The company has a Windows Server
2008 network environment. The network is configured as a Windows Active Directory-based single
domain single forest network. The functional level of the forest is Windows Server 2008. All client
computers on the network run Windows Vista Ultimate.
You are configuring a public key interface (PKI) to support domain users and computers. All users will use
smart cards for logon. You have configured a global group named SCIssuer that will issue smart cards for
all domain users. A file server named SecServer is configured on the network. The certificate-based
IPSec encryption is required for all communications to and from the SecServer server. A VPN server is
configured on the network to enable sales managers to connect to the network remotely using their
laptops which run Windows Vista Ultimate. The L2TP connection is required for the VPN server. Place the
users, computers, and groups to the certificate templates that are required for implementing the PKI
infrastructure.
A.
Answer: A

certification GIAC   GSLC   GSLC examen   GSLC examen   GSLC

NO.16 Which of the following tools is based on Linux and used to carry out the Penetration Testing?
A. JPlag
B. BackTrack
C. Vedit
D. Ettercap
Answer: B

GIAC examen   certification GSLC   GSLC   GSLC examen   certification GSLC

NO.17 Which of the following are the goals of risk management?
Each correct answer represents a complete solution. Choose three.
A. Identifying the risk
B. Finding an economic balance between the impact of the risk and the cost of the countermeasure
C. Identifying the accused
D. Assessing the impact of potential threats
Answer: A, B, D

certification GIAC   certification GSLC   GSLC examen

NO.18 John works as a Programmer for We-are-secure Inc. On one of his routine visits to the company, he
noted down the passwords of the employees while they were typing them on their computer screens.
Which of the following social engineering attacks did he just perform?
A. Shoulder surfing
B. Important user posing
C. Dumpster diving
D. Authorization by third party
Answer: A

certification GIAC   certification GSLC   GSLC examen   certification GSLC   GSLC examen

NO.19 Which of the following are the examples of administrative controls?
Each correct answer represents a complete solution. Choose all that apply.
A. Security policy
B. Auditing
C. Security awareness training
D. Data Backup
Answer: A, C

GIAC   GSLC examen   certification GSLC

NO.20 Which of the following viruses is designed to prevent antivirus researchers from examining its code by
using various methods that make tracing and disassembling difficult?
A. Armored virus
B. Stealth virus
C. Multipartite virus
D. Polymorphic virus
Answer: A

certification GIAC   GSLC   GSLC examen   GSLC examen

NO.21 Which of the following is used to describe the type of FTP access in which a user does not have
permissions to list the contents of directories, but can access the contents if he knows the path and file
name?
A. Secure FTP
B. Blind FTP
C. Passive FTP
D. Hidden FTP
Answer: B

GIAC   GSLC   GSLC   GSLC

NO.22 You are the project manager for your organization and are trying to determine which vendor your
organization will use. You have determined that any vendor that would like to bid on your project work will
need to have a Microsoft Certified System Engineer on staff, have eight years of Cisco experience, and
have at least two references from similar projects. What have you created in this scenario?
A. Screening system for the vendors
B. Weighting system for the vendors
C. Preferred vendors list
D. Bidders conference
Answer: A

GIAC   GSLC examen   certification GSLC   GSLC

NO.23 Which of the following programs can collect various types of personal information, such as Internet
surfing habits, and Web sites that the user has visited?
A. Spyware
B. Honeypot
C. Worm
D. Malware
Answer: A

GIAC examen   GSLC   GSLC   GSLC examen

NO.24 Fill in the blank with the appropriate word.
A_______ is a computer system on the Internet that is expressly set up to attract and trap people who
attempt to penetrate other people's computer systems.
A. honeypot
Answer: A

certification GIAC   GSLC   GSLC examen   certification GSLC   GSLC

NO.25 You work as a Network Administrator for Net Perfect Inc. The company has a Windows Server 2008
network environment. The network is configured as a Windows Active Directory-based single forest single
domain network. The domain functional level is set to Windows Server 2003. You have configured an
Active Directory-integrated DNS zone on the network. A new security policy dictates that each incoming
DNS query should be recorded. Which of the following steps will you take to implement the new security
policy?
A. Create a GPO.
Configure Audit Object Access.
Attach the GPO to the domain.
B. Do nothing, each incoming DNS queries is recorded by default in DNS.LOG file.
C. Enable debug logging on the DNS server.
D. Create a new OU.
Move the DNS server account to the OU.
Create a GPO.
Configure Audit Logon events.
Attach the GPO to the OU.
Answer: C

GIAC examen   GSLC examen   GSLC examen   certification GSLC   GSLC examen

NO.26 You work as a Network Administrator for Tech Perfect Inc. The company has a Windows Server 2008
Active Directory-based single domain single forest network. The functional level of the forest is Windows
Server 2008. The company's headquarters is located at Los Angeles. A branch office of the company is
located at Denver. You are about to send a message to Rick who is a Network Administrator at Denver.
You want to ensure that the message cannot be read by anyone but the recipient. Which of the following
keys will you use to encrypt the message?
A. Your public key
B. The recipient's private key
C. The recipient's public key
D. Your private key
Answer: C

certification GIAC   GSLC examen   GSLC examen

NO.27 Which of the following protocols is used as a transport protocol for Internet dial-up connections?
A. SMTP
B. SNMP
C. DHCP
D. PPP
Answer: D

GIAC   certification GSLC   GSLC   GSLC   GSLC   GSLC

NO.28 You work as a Network Administrator for Infonet Inc. The company has a Windows Server 2008
domain-based network. The network has three Windows Server 2008 member servers and 150 Windows
Vista client computers. According to the company's security policy, you want to apply a firewall profile to
the network.Choose the firewall profiles supported by Windows Server 2008 and Windows Vista.
A.
Answer: A

GIAC examen   certification GSLC   GSLC   GSLC   GSLC   certification GSLC

NO.29 Janet is the project manager of the NHQ Project for her company. Janet is nearly done leading the
project and there have been no cost or schedule overruns in the development of the new software for her
company. The project team has been completing their work on time and there is still $75,000 left in the
project budget. Janet decides to have the project team implement some extra features to the project
scope to use all of the $75,000 in the budget even though the customer didn't specifically ask for the
added features. This scenario is an example of which one of the following?
A. Scope creep
B. Gold plating
C. Change management
D. Value added change
Answer: B

GIAC   GSLC   GSLC   GSLC   GSLC examen

NO.30 Mark works as a Network Administrator for Infonet Inc. The company has a Windows 2000 Active
Directory domain-based network. The domain contains one hundred Windows XP Professional client
computers. Mark is deploying an 802.11 wireless LAN on the network. The wireless LAN will use Wired
Equivalent Privacy (WEP) for all the connections. According to the company's security policy, the client
computers must be able to automatically connect to the wireless LAN. However, the unauthorized
computers must not be allowed to connect to the wireless LAN and view the wireless network. Mark wants
to configure all the wireless access points and client computers to act in accordance with the company's
security policy. What will he do to accomplish this?
Each correct answer represents a part of the solution. Choose three.
A. Configure the authentication type for the wireless LAN to Open system.
B. Install a firewall software on each wireless access point.
C. Configure the authentication type for the wireless LAN to Shared Key.
D. Disable SSID Broadcast and enable MAC address filtering on all wireless access points.
E. Broadcast SSID to connect to the access point (AP).
F. On each client computer, add the SSID for the wireless LAN as the preferred network.
Answer: C, D. F

Dans cette époque glorieuse, l'industrie IT est devenue bien intense. C'est raisonnable que le test GIAC GSLC soit un des tests plus populaires. Il y a de plus en plus de gens qui veulent participer ce test, et la réussite de test GIAC GSLC est le rêve pour les professionnels ambitieux.

Pass4Test offre une formation sur GIAC GSSP-NET-CSHARP matériaux examen

Selon les feedbacks offerts par les candidats, c'est facile à réussir le test GIAC GSSP-NET-CSHARP avec l'aide de la Q&A de Pass4Test qui est recherché particulièrement pour le test Certification GIAC GSSP-NET-CSHARP. C'est une bonne preuve que notre produit est bien effective. Le produit de Pass4Test peut vous aider à renforcer les connaissances demandées par le test GIAC GSSP-NET-CSHARP, vous aurez une meilleure préparation avec l'aide de Pass4Test.

L'importance de la position de Certificat GIAC GSSP-NET-CSHARP dans l'industrie IT est bien claire pour tout le monde, mais c'est pas facile à obtenir ce Certificat. Il y a beaucoup de Q&As qui manquent une haute précision des réponses. Cependant, Pass4Test peut offrir des matériaux pratiques pour toutes les personnes à participer l'examen de Certification, et il peut aussi offrir à tout moment toutes les informations que vous auriez besoin à réussir l'examen GIAC GSSP-NET-CSHARP par votre première fois.

Code d'Examen: GSSP-NET-CSHARP
Nom d'Examen: GIAC (GIAC Secure Software Programmer - C#.NET)
Questions et réponses: 550 Q&As

Pass4Test est un site de provider les chances à se former avant le test Certification IT. Il y a de différentes formations ciblées aux tous candidats. C'est plus facile à passer le test avec la formation de Pass4Test. Parmi les qui ont déjà réussi le test, la majorité a fait la préparation avec la Q&A de Pass4Test. Donc c'est pourquoi, Pass4Test a une bonne réputation dansn l'Industrie IT.

Nous sommes clairs que ce soit necessaire d'avoir quelques certificats IT dans cette industrie de plus en plus intense. Le Certificat IT est une bonne examination des connaissances démandées. Dans l'Industrie IT, le test GIAC GSSP-NET-CSHARP est une bonne examination. Mais c'est difficile à passer le test GIAC GSSP-NET-CSHARP. Pour améliorer le travail dans le future, c'est intélligent de prendre une bonne formation en coûtant un peu d'argent. Vous allez passer le test 100% en utilisant le Pass4Test. Votre argent sera tout rendu si votre test est raté.

GSSP-NET-CSHARP Démo gratuit à télécharger: http://www.pass4test.fr/GSSP-NET-CSHARP.html

NO.1 You work as a Software Developer for ABC Inc. The company uses Visual Studio .NET 2005 as its
application development platform. You have recently finished development of a Windows application
using .NET Framework. Users report that the application is not running properly. When the users try to
complete a particular action, the following error message comes out:
Unable to find assembly 'myservices, Version=1.0.0.0, Culture=neutral,
PublicKeyToken=29b5ad26c9de9b95'.
You notice that the error occurs as soon as the application tries to call functionality in a serviced
component that was registered by using the following command:
regsvcs.exe myservices.dll
You must make sure that the application can call the functionality in the serviced component with no
exceptions being thrown. What will you do to accomplish this task?
A. Run the command line tool: regasm.exe myservices.dll.
B. Copy the serviced component assembly into the C:\Program Files\ComPlus Applications fold er.
C. Run the command line tool: gacutil.exe /i myservices.dll.
D. Copy the serviced component assembly into the C:\WINDOWS\system32\Com folder.
Answer: C

GIAC   certification GSSP-NET-CSHARP   certification GSSP-NET-CSHARP

NO.2 Andrew works as a Software Developer for Mansoft Inc. The company's network has a Web server
that hosts the company's Web site. Andrew wants to enhance the security of the Web site by
implementing Secure Sockets Layer (SSL). Which of the following types of encryption does SSL use?
Each correct answer represents a complete solution. Choose two.
A. Symmetric
B. Secret
C. IPSec
D. Asymmetric
Answer: A,D

GIAC examen   certification GSSP-NET-CSHARP   GSSP-NET-CSHARP examen

NO.3 You work as a Software Developer for ABC Inc. The company uses Visual Studio .NET 2008 as its
application development platform. You create an ASP.NET Web application using .NET Framework 3.5.
You create a Web form in the application that permits users to provide personal information. You add a
DropDownList control to the Web form to retrieve the residential status of users. The default item that the
DropDownList control displays is the "Select Country" option. You have to ensure that users select a
country other than the default option. Which of the following validation controls should you use to
accomplish this task?
A. RangeValidator
B. RequiredFieldValidator
C. CustomValidator
D. RegularExpressionValidator
Answer: B

certification GIAC   certification GSSP-NET-CSHARP   GSSP-NET-CSHARP

NO.4 You work as a Software Developer for ABC Inc. The company uses Visual Studio.NET 2008 as its
application development platform. You have recently finished development of an ASP.NET Web
application using the .NET Framework 3.5. You host the application on a Web farm that consists of three
Web servers. You should configure the ASP.NET application for session state to meet the following
requirements:
l Session state data should not be lost if a server fails.
l Session state must be maintained across browser requests by the same user.
You are required to configure the Web.config file to meet these requirements. Which of the following
configurations will you use?
A. <sessionState mode="StateServer"/>
B. <sessionState mode="InProc"/>
C. <sessionState mode="Custom"/>
D. <sessionState mode="SQLServer"/>
Answer: D

GIAC   GSSP-NET-CSHARP   GSSP-NET-CSHARP   certification GSSP-NET-CSHARP

NO.5 You work as a Software Developer for ManSoft Inc. The company uses Visual Studio.NET 2005 as its
application development platform. You have recently created an application that includes the code shown
below.
string str1 = "ABC";
string str2 = "u";
str2 += "Certify";
Console.WriteLine(str1 == str2);
Console.WriteLine((Object) str1 == (Object) str2);
Console.WriteLine(str1.Equals(str2));
What will be the output of the above code?
A. False False False
B. False True False
C. True True True
D. True False True
Answer: D

GIAC examen   GSSP-NET-CSHARP   GSSP-NET-CSHARP

NO.6 Allen works as a Software Developer for ABC Inc. The company uses Visual Studio.NET as its
application development platform. He creates an application using .NET Framework. He wants to encrypt
all his e-mails that he sends to anyone. Which of the following will he use to accomplish the task?
A. PPP
B. FTP
C. PPTP
D. PGP
Answer: D

certification GIAC   GSSP-NET-CSHARP   GSSP-NET-CSHARP   GSSP-NET-CSHARP

NO.7 You work as a Software Developer for ABC Inc. The company uses Visual Studio .NET 2005 as its
application development platform. You create an application for the company. You need to validate the
phone number passed to a class as a parameter in the application. Which of the following is the most
effective way to verify that the format of the data matches a phone number.?
A. Regular expressions
B. Nested If statements
C. Use the String.Length property
D. A try/catch block
Answer: A

GIAC   GSSP-NET-CSHARP   GSSP-NET-CSHARP   GSSP-NET-CSHARP   GSSP-NET-CSHARP examen

NO.8 Session variables can be any valid __________.
A. .NET Framework type
B. Integer type
C. SessionStateItemCollection object
D. Object type
Answer: A

certification GIAC   certification GSSP-NET-CSHARP   GSSP-NET-CSHARP examen   GSSP-NET-CSHARP

NO.9 In .NET Framework 3.5, you can create and access values that persist from one application session to
another. What are these values called?
A. Objects
B. Settings
C. Properties
D. Attributes
Answer: B

GIAC   GSSP-NET-CSHARP   GSSP-NET-CSHARP   GSSP-NET-CSHARP   GSSP-NET-CSHARP examen

NO.10 You work as a Software Developer for ABC Inc. The company has several branches worldwide. The
company uses Visual Studio.NET 2005 as its application development platform. You have recently
finished the development of an application using .NET Framework 2.0. The application can be used only
for cryptography. Therefore, you have implemented the application on a computer. What will you call the
computer that implemented cryptography?
A. Cryptographic toolkit
B. Cryptosystem
C. Cryptographer
D. Cryptanalyst
Answer: B

GIAC   certification GSSP-NET-CSHARP   GSSP-NET-CSHARP   certification GSSP-NET-CSHARP   GSSP-NET-CSHARP

NO.11 You work as a Software Developer for ABC Inc. The company uses Visual Studio.NET 2008 as its
application development platform. You create an ASP.NET Web application using the .NET
Framework 3.5. You want to use a HTTP module called on each and every request made by the
application. It is called as part of the ASP.NET request pipeline. It has right to access life-cycle events
throughout the request. You also want to ensure that the HTTP module allows a user to inspect incoming
and outgoing requests and take appropriate action based on the request. What will be the correct order to
create the HTTP module?
A.
Answer: A

GIAC   GSSP-NET-CSHARP   GSSP-NET-CSHARP

NO.12 You can use LINQ in an ASP.NET application through the LinqDataSource control, the __________
control, or by creating LINQ queries.
A. ADO.NET DataSet
B. ObjectDataSource
C. SqlDataSource
D. XmlDataSource
Answer: B

GIAC   GSSP-NET-CSHARP examen   GSSP-NET-CSHARP examen   certification GSSP-NET-CSHARP

NO.13 You work as a Software Developer for ABC Inc. The company uses Visual Studio .NET as its application
development platform. You create a class library using the .NET Framework. The library will be used to
open the NSCs of computers. Later, you will set up the class library to the GAC and provide it Full Trust
permission. You write down the following code segments for the socket connections:
SocketPermission permission = new SocketPermission(PermissionState.Unrestricted);
permission.Assert();
A number of the applications that use the class library may not have the necessary permissions to open
the network socket connections. Therefore, you are required to withdraw the assertion. Which of the
following code segments will you use to accomplish the task?
A. permission.PermitOnly();
B. CodeAccessPermission.RevertDeny();
C. permission.Deny();
D. CodeAccessPermission.RevertAssert();
E. permission.Demand();
Answer: D

GIAC   GSSP-NET-CSHARP   GSSP-NET-CSHARP examen   GSSP-NET-CSHARP examen

NO.14 You work as a Software Developer for ABC Inc. The company has several branches worldwide. The
company uses Visual Studio .NET 2005 as its application development platform. You are creating an
application using .NET Framework 2.0. The application will be used by all the branches of the company.
You are using the CompareInfo class for culture-sensitive string comparisons. You write the following
code in the application:
String s1 = "C rtify";
String s2 = "c rtify";
String s3 = "c rtify";
You need to compare the s1 string with the s2 string and ensure that the string comparison must ignore
case. Which of the following code segments will you use to accomplish the task?
A. CompareInfo cmp = CultureInfo.InvariantCulture.CompareInfo; Console.WriteLine(cmp.Compare(s1,
s2, CompareOptions.IgnoreCase));
B. CompareInfo cmp = CultureInfo.InvariantCulture.CompareInfo; Console.WriteLine(cmp.Compare(s1,
s2, CompareOptions.None));
C. CompareInfo cmp = CultureInfo.InvariantCulture.CompareInfo; Console.WriteLine(cmp.Compare(s1,
s2, CompareOptions.Ordinal));
D. CompareInfo cmp = CultureInfo.InvariantCulture.CompareInfo; Console.WriteLine(cmp.Compare(s1,
s2, CompareOptions.OrdinalIgnoreCase));
Answer: A

GIAC examen   GSSP-NET-CSHARP   GSSP-NET-CSHARP examen   GSSP-NET-CSHARP examen

NO.15 You work as a Software Developer for ABC Inc. The company uses Visual Studio .NET 2008 as its
application development platform. You are creating an ASP.NET Web application using .NET Framework
3.5. The application will be used to share any type of photos on Internet. All the photos should be
accessible in various sizes and formats. You need to add a download feature that can be easily
maintained. You also need to make sure that only a single version of all photos is stored on a SQL server
database. What will you do?
A. Create an HttpModule class to determine the request for the photo download. Process the photo
according to the given format and size, and after that return the processed photo in the response.
B. Create a user control that converts the photo to the required format and size.
C. Create an HttpHandler class to determine the request for the photo download. Process the photo
according to the given format and size, and after that return the processed photo in the response.
D. Create an ActiveX control that converts the photo to the required format and size.
Answer: C

GIAC examen   GSSP-NET-CSHARP   certification GSSP-NET-CSHARP   certification GSSP-NET-CSHARP   GSSP-NET-CSHARP   GSSP-NET-CSHARP

NO.16 Which of the following techniques is used to transmit passwords during authentication?
A. Asymmetric encryption
B. Hashing
C. Salted Hash
D. Symmetric encryption
Answer: C

GIAC   GSSP-NET-CSHARP examen   GSSP-NET-CSHARP   GSSP-NET-CSHARP examen

NO.17 You work as a Software Developer for Mansoft Inc. You create an application and use it to create code
access security policies. Which of the following tools will you use to examine and modify code access
security policies from a batch file?
A. Tlbimp.exe
B. GacUtil.exe
C. Sn.exe
D. Caspol.exe
E. StoreAdm.exe
Answer: D

GIAC examen   GSSP-NET-CSHARP   GSSP-NET-CSHARP examen

NO.18 Which of the following session and instancing modes will you set if you require a sessionfull binding
and want to create a new instance object for each client request?
A. Set SessionMode to Allowed and IntsanceMode to PerSession.
B. Set SessionMode to Required and IntsanceMode to Single.
C. Set SessionMode to Required and IntsanceMode to PerCall.
D. Set SessionMode to Allowed and IntsanceMode to PerCall.
Answer: C

certification GIAC   GSSP-NET-CSHARP examen   certification GSSP-NET-CSHARP   GSSP-NET-CSHARP examen   GSSP-NET-CSHARP

NO.19 You work as an Application Developer for ABC Inc. You are assigned with developing a Web site that
will handle information related to monthly sales of the company. You wish to secure the Web site so that
only employees of the Accounts department can view the Web pages. You need to create roles for the
employees of this department. The user account information will be stored in a SQL Server database
named Database. You decide to do all this by using the Web Site Administration Tool. Which of the
following types of security will you use to accomplish the task?
A. Forms-based authentication
B. Integrated Microsoft Windows authentication
C. Basic authentication
D. Digest authentication
Answer: A

GIAC   GSSP-NET-CSHARP   GSSP-NET-CSHARP examen   GSSP-NET-CSHARP   GSSP-NET-CSHARP examen

NO.20 You work as a Software Developer for ABC Inc. The company uses Visual Studio.NET 2008 as its
application development platform. You create an ASP.NET Web application using the .NET Framework
3.5. The application contains two HTML pages named Error.htm and
PageNotFound.htm. You want to make sure that the following requirements are met:
l When any user requests a page that does not exist, the PageNotFound.htm page is
displayed.
l When any other error occurs, the Error.htm page is displayed. Which of the following code segments will
you add to the Web.config file to accomplish this task?
A. <customErrors mode="On" defaultRedirect="Error.htm">
<error statusCode="404" redirect="PageNotFound.htm"/>
</customErrors>
B. <customErrors mode="Off">
<error statusCode="400" redirect="Error.htm"/>
<error statusCode="404" redirect="PageNotFound.htm"/>
</customErrors>
C. <customErrors mode="On">
<error statusCode="400" redirect="Error.htm"/>
<error statusCode="404" redirect="PageNotFound.htm"/> </customErrors>
D. <customErrors mode="Off" defaultRedirect="Error.htm"> <error statusCode="404"
redirect="PageNotFound.htm"/> </customErrors>
Answer: A

GIAC   certification GSSP-NET-CSHARP   GSSP-NET-CSHARP   GSSP-NET-CSHARP examen   GSSP-NET-CSHARP

Dans ce monde d'informatique, l'industrie IT est suivi par de plus en plus de ges. Dans ce domaine demandant beaucoup de techniques, il faut des Certificat à se preuver les techniques professionnelle. Les Certificats IT sont improtant pour un interviewé pendant un entretien. C'est pas facile à passer le test GIAC GSSP-NET-CSHARP, donc c'est pourquoi beaucoup de professionnels qui choisissent ce Certificat pour se preuver.

订阅：博文 (Atom)