GISP Sample Questions Answers

Which of the following provides the best protection against a man-in-the-middle attack?

Which of the following needs to be documented to preserve evidences for presentation in court?

Which of the following statements about the bridge are true?

Each correct answer represents a complete solution. Choose two.

Which of the following is used by attackers to obtain an authenticated connection on a network?

Which of the following statements about Network Address Translation (NAT) is true?

Which of the following enables an inventor to legally enforce his right to exclude others from using his invention?

Which of the following protocols implements VPN using IPSec?

Which of the following are examples of passive attacks?

Each correct answer represents a complete solution. Choose all that apply.

Which of the following are based on malicious code?

Each correct answer represents a complete solution. Choose two.

You work as a Web Administrator for Perfect World Inc. The company is planning to host an Ecommerce Web site. You are required to design a security plan for it. Client computers with different operating systems will access the Web server. How will you configure the Web server so that it is secure and only authenticated users are able to access it?

Each correct answer represents a part of the solution. Choose two.

Fill in the blanks with the appropriate values.

International Data Encryption Algorithm (IDEA) is a _____ -bit block cipher that uses a ________-bit key.

Which of the following are considered Bluetooth security violations?

Each correct answer represents a complete solution. Choose two.

Which of the following viruses masks itself from applications or utilities to hide itself by detection of anti-virus software?

Which of the following classes of fire comes under Class C fire?

Fill in the blank with the appropriate value.

Twofish symmetric key block cipher operates on 128-bits block size using key sizes up to______ bits.

Which of the following methods is a behavior-based IDS detection method?

Peter works as a Network Administrator for Net World Inc. The company wants to allow remote users to connect and access its private network through a dial-up connection via the Internet. All the data will be sent across a public network. For security reasons, the management wants the data sent through the Internet to be encrypted. The company plans to use a Layer 2 Tunneling Protocol (L2TP) connection. Which communication protocol will Peter use to accomplish the task?

Which of the following types of evidence is considered as the best evidence?

Which of the following is NOT a countermeasure against a spoofing attack?

Which of the following types of coaxial cable is used for cable TV and cable modems?

Which of the following encryption strengths is used to secure NTLM version 2 passwords?

Which of the following port numbers is used by the HTTPS protocol for secure Web transmission?

Which of the following is a type of scam that entice a user to disclose personal information such as social security number, bank account details, or credit card number?

Which of the following refers to the exploitation of a valid computer session to gain unauthorized access to information or services in a computer system?

Which of the following is the rating for electronic or computer fires?

Which of the following acts as an intermediary between a user on the internal network and a service on the external network such as the Internet?

Which of the following are the major tasks of risk management?

Each correct answer represents a complete solution. Choose two.

An authentication method uses smart cards as well as usernames and passwords for authentication. Which of the following authentication methods is being referred to?

Which of the following refers to a computer that must be secure because it is accessible from the Internet and is vulnerable to attacks?

You work as a Network Administrator for NetTech Inc. The company wants to encrypt its e-mails.

Which of the following will you use to accomplish this?

Which of the following statements about certification authority (CA) are true?

Each correct answer represents a complete solution. Choose two.

Which of the following access control models requires centralize database of user accounts?

Which of the following is the default port for Simple Network Management Protocol (SNMP)?

Mark works as a Network Administrator for NetTech Inc. The company has a Windows 2000 domain-based network. Users report that they are unable to log on to the network. Mark finds that accounts are locked out due to multiple incorrect log on attempts. What is the most likely cause of the account lockouts?

John works as a Network Administrator for We-are-secure Inc. The We-are-secure server is based on Windows Server 2003. One day, while analyzing the network security, he receives an error message that Kernel32.exe is encountering a problem. Which of the following steps should John take as a countermeasure to this situation?

Each correct answer represents a complete solution. Choose all that apply.

Which of the following processes is used by remote users to make a secure connection to internal resources after establishing an Internet connection?

Which of the following is a documentation of guidelines that computer forensics experts use to handle evidences?

Which of the following VPN protocols offer encryption?

Each correct answer represents a complete solution. Choose two.

Which of the following statements about Dynamic Host Configuration Protocol (DHCP) are true?

Each correct answer represents a complete solution. Choose two.

Which of the following is ensured by the concept of availability in information system security?

Which of the following statements about asymmetric encryption are true?

Each correct answer represents a complete solution. Choose two.

Which of the following protocols are used to provide secure communication between a client and a server over the Internet?

Each correct answer represents a part of the solution. Choose two.

Which of the following protocols work at the Network layer of the OSI model?

Which of the following is a reason to implement security logging on a DNS server?

Which of the following are the common roles with regard to data in an information classification program?

Each correct answer represents a complete solution. Choose all that apply.

Which of the following is the default port for TACACS?

Identify whether the given statement is true or false.

"Social engineering is the art of convincing people and making them disclose useful information such as account names and passwords."

Which of the following protocols is used to send e-mails on the Internet?

Which of the following types of activities can be audited for security?

Each correct answer represents a complete solution. Choose three.

Brutus is a password cracking tool that can be used to crack the following authentications:

•HTTP (Basic Authentication)

•HTTP (HTML Form/CGI)

•POP3 (Post Office Protocol v3)

•FTP (File Transfer Protocol)

•SMB (Server Message Block)

•Telnet

Which of the following attacks can be performed by Brutus for password cracking?

Each correct answer represents a complete solution. Choose all that apply.

Fill in the blank with the appropriate layer name of the OSI model.

Secure Socket Layer (SSL) operates at the _____ layer of the OSI model.

Which of the following is known as a message digest?

Which of the following is the default port for Secure Shell (SSH)?

Which of the following technologies are forms of single sign-on (SSO)?

Each correct answer represents a complete solution. Choose three.

Which of the following are the centralized administration technologies?

Each correct answer represents a complete solution. Choose all that apply.

Which of the following methods of encryption uses a single key to encrypt and decrypt data?

Key escrow is a method of __________.

Which of the following classes of fire comes under Class C fire?

Which of the following are politically motivated threats that an organization faces?

Each correct answer represents a complete solution. Choose all that apply.

Which of the following are the ways of sending secure e-mail messages over the Internet?

Each correct answer represents a complete solution. Choose two.

Which of the following protocols is used with a tunneling protocol to provide security?

You work as a Network Administrator for Net Perfect Inc. The company has a TCP/IP-based Windows NT network. You are configuring a computer that will be used as a file server on the network. You have to decide the disk configuration for the computer to obtain better performance.

A fault tolerant disk configuration is not a requirement. Which of the following RAID levels will you choose to fulfil the requirement?

An organization monitors the hard disks of its employees' computers from time to time. Which policy does this pertain to?

Which of the following is a term that refers to unsolicited e-mails sent to a large number of e-mail users?

Which of the following defines the communication link between a Web server and Web applications?

Which of the following is used to prevent the electronic emissions of a computer from being used by unauthorized users?

Which of the following two components does Kerberos Key Distribution Center (KDC) consist of?

Each correct answer represents a complete solution. Choose two.

Which of the following are advantages of NTFS file system over FAT32 and FAT?

Each correct answer represents a part of the solution. Choose two.

You are going to upgrade your hard disk's file system from FAT to NTFS. What are the major advantages of the NTFS file system over FAT16 and FAT32 file systems?

Each correct answer represents a complete solution. Choose all that apply.

Which of the following formulas is used to determine the Single Loss Expectancy (SLE)?

Which of the following are examples of passive attacks?

Each correct answer represents a complete solution. Choose all that apply.

Which of the following activities is used to take place after recording and registering an incident?

Which of the following devices reads the destination's MAC address from each incoming data packet and forwards the data packet to its destination?

The Children's Online Privacy Protection Act makes it illegal for Web sites to collect information from children under __ years of age without verifiable permission of a parent?

The _______ protocol allows applications to communicate across a network in a way designed to prevent eavesdropping and message forgery.

Which of the following is the rating for gasoline or oil fires?

Which of the following methods is a behavior-based IDS detection method?

International Data Encryption Algorithm (IDEA) is a __________ block cipher.

In which of the following attacks does the attacker confuse the switch itself into thinking two ports have the same MAC address?

Which of the following is a type of halon?

__________ is the process of verifying the identity of a user and obtaining required evidences from the user.

Which of the following task force was formed to examine the impact of Electronic Publishing on the intellectual property rights?

Which term best describes an e-mail that contains incorrect and misleading information or warnings about viruses?

Which of the following is not a level of military data-classification system?

Which of the following can be prevented by an organization using job rotation and separation of duties policies?

The TCP/IP protocol suite uses ____ to identify which service a certain packet is destined for.

Which of the following services are provided by Remote Authentication Dial-In User Service (RADIUS)?

Each correct answer represents a complete solution. Choose three.

Which of the following are tunneling protocols?

Each correct answer represents a complete solution. Choose two.

Which of the following authentication protocols provides support for a wide range of authentication methods, such as smart cards and certificates?

Which of the following IP addresses are private addresses?

Each correct answer represents a complete solution. Choose all that apply.

At which of the following layers of the Open System Interconnection (OSI) model the Internet Control Message Protocol (ICMP) and the Internet Group Management Protocol (IGMP) work?

Which of the following processes removes data from the media so that it is difficult to restore?

Which of the following evidences are the collection of facts that, when considered together, can be used to infer a conclusion about the malicious activity/person?

Which of the following is the method of hiding data within another media type such as graphic or document?

Which of the following groups represents the most likely source of an asset loss through the inappropriate use of computers?

Which of the following is an industry standard authentication protocol commonly used in UNIX networks?

Fill in the blank with the appropriate value.

Service Set Identifiers (SSIDs) are case sensitive text strings that have a maximum length of_______ characters.

On which of the following OSI model layers does the Point-to-Point Protocol (PPP) work?

What are the benefits of using a proxy server on a network?

Each correct answer represents a complete solution. Choose all that apply.

Fill in the blanks with the appropriate values.

International Data Encryption Algorithm (IDEA) is a _____ -bit block cipher that uses a ________-bit key.

Which of the following devices performs protocol and format translations?

Which of the following processes is known as Declassification?

On which of the following OSI model layers does IPSec operate?

Which of the following protocols provides maintenance and error reporting function?

Which of the following is used by attackers to obtain an authenticated connection on a network?

Which of the following concepts represent the three fundamental principles of information security?

Each correct answer represents a complete solution. Choose three.

Which of the following protocols work at the network layer?

Each correct answer represents a complete solution. Choose three.

John works as an Ethical Hacker for PassGuide Inc. He wants to find out the ports that are open in PassGuide's server using a port scanner. However, he does not want to establish a full TCP connection. Which of the following scanning techniques will he use to accomplish this task?

Which of the following protocols uses TCP port 22 as the default port and operates at the application layer?

Which of the following layers protocols handles file transfer and network management?

Which of the following are the primary components of a discretionary access control (DAC) model?

Each correct answer represents a complete solution. Choose two.

At which of the following layers of the Open System Interconnection (OSI) model the Internet Control Message Protocol (ICMP) and the Internet Group Management Protocol (IGMP) work?

Which of the following involves identifying and minimizing the effect of risks?

How many keys are used to encrypt data in symmetric encryption?

Which of the following can be prevented by an organization using job rotation and separation of duties policies?

Which of the following is the new permissions model in Microsoft Exchange Server 2010, which enables you to control, at broad and granular levels, what administrators and end-users can do?

Fill in the blanks with the appropriate values.

International Data Encryption Algorithm (IDEA) is a ______ -bit block cipher that uses a _____-bit key.

John works as a professional Ethical Hacker. He has been assigned a project to test the security of www.we-are-secure.com. He copies the whole structure of the We-are-secure Web site to the local disk and obtains all the files on the Web site. Which of the following techniques is he using to accomplish his task?

Which of the following features of a switch helps to protect network from MAC flood and MAC spoofing?

Which of the following access control models uses a role based method to determine access rights and permission?

Which of the following is the most secure authentication method?

Which of the following types of attacks slows down or stops a server by overloading it with requests?

Which of the following are methods used for authentication?

Each correct answer represents a complete solution. Choose all that apply.

You work as a Network Administrator for Tech Perfect Inc. The company has a Windows Active Directory-based single domain single forest network. The functional level of the forest is Windows Server 2003. The company has recently provided laptops to its sales team members. You have configured access points in the network to enable a wireless network. The company's security policy states that all users using laptops must use smart cards for authentication. Which of the following authentication techniques will you use to implement the security policy of the company?

Which of the following components come under the network layer of the OSI model?

Each correct answer represents a complete solution. Choose two.

Which of the following statements about Network Address Translation (NAT) are true?

Each correct answer represents a complete solution. Choose two.

Which of the following layers of the OSI model provides end-to-end service?

Which of the following policies is set by a network administrator to allow users to keep their emails and documents for a fixed period of time?

Which of the following statements about Discretionary Access Control List (DACL) is true?

Which of the following types of attack can be used to break the best physical and logical security mechanism to gain access to a system?

Mark the list that mentions the correct levels of classification of the military data-classification system.

Which of the following is the best way of protecting important data against virus attack?

Which of the following statements about extranet are true?

Each correct answer represents a complete solution. Choose two.

Which of the following languages enable programmers to store cookies on client computers?

Each correct answer represents a complete solution. Choose two.

John visits an online shop that stores the IDs and prices of the items to buy in a cookie. After selecting the items that he wants to buy, the attacker changes the price of the item to 1.

Original cookie values:

ItemID1=2

ItemPrice1=900

ItemID2=1

ItemPrice2=200

Modified cookie values:

ItemID1=2

ItemPrice1=1

ItemID2=1

ItemPrice2=1

Now, he clicks the Buy button, and the prices are sent to the server that calculates the total price.

Which of the following hacking techniques is John performing?

Which of the following rate systems of Orange book has mandatory protection of the Trusted Computing Base (TCB)?

Mark works as a Network Administrator for NetTech Inc. The company has a Windows 2003 domainbased network. The company has two offices in different cities. The offices are connected through the Internet. Both offices have a Windows 2003 server named SERV1 and SERV2 respectively. Mark is required to create a secure connection between both offices. He configures a VPN connection between the offices using the two servers. He uses L2TP for VPN and also configures an IPSec tunnel. Which of the following will he achieve with this configuration?

Each correct answer represents a part of the solution. Choose two.

John works as a professional Ethical Hacker. He has been assigned a project for testing the security of www.we-are-secure.com. He wants to corrupt an IDS signature database so that performing attacks on the server is made easy and he can observe the flaws in the We-are-secure server. To perform his task, he first of all sends a virus that continuously changes its signature to avoid detection from IDS. Since the new signature of the virus does not match the old signature, which is entered in the IDS signature database, IDS becomes unable to point out the malicious virus. Which of the following IDS evasion attacks is John performing?

You work as a Network Administrator for NetTech Inc. When you enter http://66.111.64.227 in the browser 's address bar, you are able to access the site. But, you are unable to access the site when you enter http://www.PassGuide.com. What is the most likely cause?

Which of the following functions are performed by a firewall?

Each correct answer represents a complete solution. Choose all that apply.

Which of the following statements are true about a Gantt chart?

Each correct answer represents a complete solution. Choose all that apply.

Which of the following type of errors occurs when a legitimate user incorrectly denied access to resources by the Biometrics authentication systems?

Which of the following categories of UTP cable has maximum data transfer rate of 155 Mbps?

Which of the following are tunneling protocols?

Each correct answer represents a complete solution. Choose two.

Which of the following statements about the bridge are true?

Each correct answer represents a complete solution. Choose two.

Against which of the following does SSH provide protection?

Each correct answer represents a complete solution. Choose two.

What will be the best strategy to prevent employees on a Local Area Network from performing unauthorized activities?

You work as a Database Administrator for Bluewell Inc. The company has a SQL Server 2005 computer. The company asks you to implement a RAID system to provide fault tolerance to a database. You want to implement disk mirroring. Which of the following RAID levels will you use to accomplish the task?

Which of the following protocols is used to establish a secure TELNET session over TCP/IP?

Which of the following protocols is built in the Web server and browser to encrypt data traveling over the Internet?

John works as a professional Ethical Hacker. He has been assigned a project to test the security of www.we-are-secure.com. He wants to test the effect of a virus on the We-are-secure server. He injects the virus on the server and, as a result, the server becomes infected with the virus even though an established antivirus program is installed on the server. Which of the following do you think are the reasons why the antivirus installed on the server did not detect the virus injected by John?

Each correct answer represents a complete solution. Choose all that apply.

Which of the following are used to suppress gasoline and oil fires?

Each correct answer represents a complete solution. Choose three.

John works as a Network Administrator for We-are-secure Inc. The We-are-secure server is based on Windows Server 2003. One day, while analyzing the network security, he receives an error message that Kernel32.exe is encountering a problem. Which of the following steps should John take as a countermeasure to this situation?

Each correct answer represents a complete solution. Choose all that apply.

Which of the following terms is used for securing an operating system from an attack?

Which of the following refers to going through someone's trash to find out useful or confidential information?

Which of the following defines the communication link between a Web server and Web applications?

Which of the following are the examples of administrative controls?

Each correct answer represents a complete solution. Choose all that apply.

Which of the following attacks involves multiple compromised systems to attack a single target?

Which of the following can be prevented by an organization using job rotation and separation of duties policies?

Wired Equivalent Privacy (WEP) is a security protocol for wireless local area networks (WLANs). It has two components, authentication and encryption. It provides security equivalent to wired networks for wireless networks. WEP encrypts data on a wireless network by using a fixed secret key. Which of the following statements are true about WEP?

Each correct answer represents a complete solution. Choose all that apply.

Fill in the blanks with the appropriate values.

Twofish symmetric algorithm operates on _______ -bit blocks and can support a key length of up to ________ bits.

Which of the following is a term used to refer to access of a wireless Internet connection by bringing one's own computer within the range of another's wireless connection, and using that service without the subscriber's explicit permission or knowledge?

Which of the following safes are large enough to allow a person to enter?

Which of the following records everything a person types using the keyboard?

Which of the following layers are the sub layers of the data-link layer?

Each correct answer represents a complete solution. Choose all that apply.

Which of the following languages is a fourth-generation language?

Which of the following are the types of access controls?

Each correct answer represents a complete solution. Choose three.

Which of the following are threats to network security?

Each correct answer represents a complete solution. Choose two.

How long are cookies in effect if no expiration date is set?

Which of the following are default ports for the FTP service?

Each correct answer represents a complete solution. Choose two.

Which of the following involves changing data prior to or during input to a computer in an effort to commit fraud?

Which of the following statements about the authentication concept of information security management is true?

Which of the following statements is true about auditing?

This is a Windows-based tool that is used for the detection of wireless LANs using the IEEE 802.11a, 802.11b, and 802.11g standards. The main features of these tools are as follows:

•It displays the signal strength of a wireless network, MAC address, SISD, channel details, etc.

•It is commonly used for the following purposes:

a. War driving

b. Detecting unauthorized access points

c. Detecting causes of interference on a WLAN

d. WEP ICV error tracking

e. Making Graphs and Alarms on 802.11 Data, including Signal Strength

This tool is known as __________.

Which of the following refers to the emulation of the identity of a network computer by an attacking computer?

Which of the following types of Network Address Translation (NAT) uses a pool of public IP addresses?

Which of the following statements about a certificate is true?

John works as a professional Ethical Hacker. He is assigned a project to test the security of www.we-are-secure.com. He enters a single quote in the input field of the login page of the Weare- secure Web site and receives the following error message:

Microsoft OLE DB Provider for ODBC Drivers error '0x80040E14'

This error message shows that the We-are-secure Website is vulnerable to __________.

Which of the following statements is true about a polymorphic virus?

Which of the following statement about snooping is true?

Which of the following layers of the OSI model provides non-repudiation services?

Which of the following are the basic architectures of microprocessors used in modern computers?

Each correct answer represents a complete solution. Choose two.

You work as a Network Administrator for Net Perfect Inc. The company has a TCP/IP-based Windows NT network. You are configuring a computer that will be used as a file server on the network. You have to decide the disk configuration for the computer to obtain better performance.

A fault tolerant disk configuration is not a requirement. Which of the following RAID levels will you choose to fulfil the requirement?

How many keys are used to encrypt data in symmetric encryption?

Which of the following is an open source network intrusion detection system?

Which of the following protocols is responsible for requesting Web pages from a Web server and sending back the responses to the Web browser?

Which of the following access control models uses a predefined set of access privileges for an object of a system?

An authentication method uses smart cards as well as usernames and passwords for authentication. Which of the following authentication methods is being referred to?

Which of the following ports is assigned by the Internet Assigned Number Authority (IANA) for RADIUS accounting?

Which of the following types of fire comes under Class K fire?

Which of the following is the default port for DNS zone transfer?

Which of the following entities are directly involved in Secure Electronic Transaction (SET)?

Each correct answer represents a complete solution. Choose three.

Which of the following is referred to as Radio Frequency Interference (RFI) and Electromagnetic Interference (EMI)?

Which of the following OSI model layers handles addressing and routing?