Most Recent GIAC Certified Intrusion Analyst GCIA Braindumps

NEW QUESTION 1
Which of the following monitors program activities and modifies malicious activities on a system?

• A. RADIUS
• B. NIDS
• C. Back door
• D. HIDS

Answer: D

NEW QUESTION 2
John enters a URL http://www.cisco.com/web/learning in the web browser. A web page appears after he enters the URL. Which of the following protocols is used to resolve www.cisco.com into the correct IP address?

• A. DNS
• B. SMTP
• C. DHCP
• D. ARP

Answer: A

NEW QUESTION 3
Which of the following IP packet elements is responsible for authentication while using IPSec?

• A. Internet Key Exchange (IKE)
• B. Authentication Header (AH)
• C. Layer 2 Tunneling Protocol (L2TP)
• D. Encapsulating Security Payload (ESP)

Answer: B

NEW QUESTION 4
Which of the following is the default port for File Transport Protocol (FTP)?

• A. 21
• B. 25
• C. 23
• D. 80

Answer: A

NEW QUESTION 5
In which of the following IDS evasion techniques does an attacker deliver data in multiple small sized packets, which makes it very difficult for an IDS to detect the attack signatures of such attacks?

• A. Insertion
• B. Session splicing
• C. Fragmentation overlap
• D. Fragmentation overwrite

Answer: B

NEW QUESTION 6
Which of the following is NOT the functional area of a forensic laboratory?

• A. Network facilities
• B. Evidence storage
• C. Administrative area
• D. Research area

Answer: D

NEW QUESTION 7
Which of the following statements about a host-based intrusion prevention system (HIPS) are true?
Each correct answer represents a complete solution. Choose two.

• A. It can detect events scattered over the networ
• B. It can handle encrypted and unencrypted traffic equall
• C. It cannot detect events scattered over the networ
• D. It is a technique that allows multiple computers to share one or more IP addresse

Answer: BC

NEW QUESTION 8
Which of the following password cracking attacks is implemented by calculating all the possible hashes for a set of characters?

• A. Brute force attack
• B. Dictionary attack
• C. Rainbow attack
• D. SQL injection attack

Answer: C

NEW QUESTION 9
Which of the following DNS resource records is used to resolve a host name to an IPv6 address?

• A. AAAA
• B. HINFO
• C. CNAME
• D. A

Answer: A

NEW QUESTION 10
Which of the following is not a valid Failed Logon EventID?

• A. 535
• B. 536
• C. 534
• D. 533

Answer: B

NEW QUESTION 11
Which of the following is an exact duplicate of computer's hard drive?

• A. system image
• B. bit-stream image
• C. data image
• D. drive image

Answer: B

NEW QUESTION 12
You work as a technician for Tech Perfect Inc. You are troubleshooting an Internet name resolution issue. You ping your ISP's DNS server address and find that the server is down. You want to continuously ping the DNS address until you have stopped the command. Which of the following commands will you use?

• A. ping -a
• B. ping -l
• C. ping -t
• D. ping –n

Answer: C

NEW QUESTION 13
What is the function of TRACERT utility?

• A. Trace the path taken by TCP/IP packets to a remote compute
• B. Provide the host name of the routing devic
• C. Trace the MAC address of the target host's network adapte
• D. Provide DNS server addres

Answer: A

NEW QUESTION 14
Which of the following wireless security features provides the best wireless security mechanism?

• A. WPA
• B. WPA with Pre Shared Key
• C. WPA with 802.1X authentication
• D. WEP

Answer: C

NEW QUESTION 15
Which of the following techniques is used to log network traffic?

• A. Cracking
• B. IP address spoofing
• C. Tunneling
• D. Sniffing

Answer: D

NEW QUESTION 16
You work as a Network Administrator for McRobert Inc. Your company has a TCP/IP-based network. You want to get the protocol statistics and the active TCP/IP network connections of your computer. Which of the following will you use?

• A. IPSTAT
• B. SNMP
• C. ARP
• D. NBTSTAT
• E. NETSTAT

Answer: E

NEW QUESTION 17
Which of the following tools works by using standard set of MS-DOS commands and can create an MD5 hash of an entire drive, partition, or selected files?

• A. DriveSpy
• B. Ontrack
• C. Device Seizure
• D. Forensic Sorter

Answer: A

NEW QUESTION 18
You work as a Computer Hacking Forensic Investigator for SecureNet Inc. You want to investigate Cross-Site Scripting attack on your company's Website. Which of the following methods of investigation can you use to accomplish the task?
Each correct answer represents a complete solution. Choose all that apply.

• A. Use a Web proxy to view the Web server transactions in real time and investigate any communication with outside server
• B. Review the source of any HTML-formatted e-mail messages for embedded scripts or links in the URL to the company's sit
• C. Use Wireshark to capture traffic going to the server and then searching for the requests going to the input page, which may give log of the malicious traffic and the IP address of the sourc
• D. Look at the Web servers logs and normal traffic loggin

Answer: ABD

NEW QUESTION 19
You work as a Network Administrator for Net Perfect Inc. The company has a TCP/IP-based network. You are configuring an Internet connection on a server. Which of the following servers filters outbound Web traffic on the network?

• A. DHCP server
• B. DNS server
• C. Proxy server
• D. WINS server

Answer: C

NEW QUESTION 20
John, a malicious hacker, forces a router to stop forwarding packets by flooding it with many open connections simultaneously so that all hosts behind it are effectively disabled. Which of the following attacks is John performing?

• A. Rainbow attack
• B. DoS attack
• C. ARP spoofing
• D. Replay attack

Answer: B

NEW QUESTION 21
......