Free Cheat-test Samples and Demo Questions Download
Adobe exams Adobe
Apple exams Apple
Avaya exams Avaya
Check Point exams Check Point
Cisco exams Cisco
Citrix exams Citrix
CIW exams CIW
CompTIA exams CompTIA
CWNP exams CWNP
EC-Council exams EC-Council
EMC exams EMC
Exin exams Exin
Fortinet exams Fortinet
GIAC exams GIAC
Hitachi exams Hitachi
HP exams HP
IBM exams IBM
Isaca exams Isaca
ISC exams ISC
ISEB exams ISEB
Juniper exams Juniper
LPI exams LPI
McAfee exams McAfee
Microsoft exams Microsoft
Oracle exams Oracle
PMI exams PMI
Riverbed exams Riverbed
SNIA exams SAP
Sun exams SAS
Symantec exams Symantec
VMware exams VMware
All certification exams

GIAC G2700 Exam - Cheat-Test.com

Free G2700 Sample Questions:

Q: 1
You work as the Network Administrator for a defense contractor. Your company works with sensitive materials and all IT personnel have at least a secret level clearance. You are still concerned that one individual could perhaps compromise the network (intentionally or unintentionally) by setting up improper or unauthorized remote access. What is the best way to avoid this problem?
A. Implement least privileges.
B. Implement RBAC.
C. Implement three way authentication.
D. Implement separation of duties.
Answer: D

Q: 2
You work as an Information Security Manager for XXYY Inc. You are working on a software asset management plan to provide backup for Active Directory. Which of the following data is required to be backed up for this purpose?
A. System state data
B. Users manual
C. DNS record
D. Cache memory
Answer: A

Q: 3
Which of the following laws or acts enforces the prohibition against cyber stalking?
A. Malicious Communications Act (1998)
B. Anti-Cyber-Stalking law (1999)
C. Stalking Amendment Act (1999)
D. Stalking by Electronic Communications Act (2001)
Answer: C

Q: 4
Which of the following are the various domains in the ISO/IEC 27002?
Each correct answer represents a complete solution. Choose all that apply.
A. Management policy
B. Security policy
C. Access security
D. Compliance
Answer: B, C, D

Q: 5
Which of the following needs to be documented to preserve evidences for presentation in court?
A. Account lockout policy
B. Chain of custody
C. Incident response policy
D. Separation of duties
Answer: B

Q: 6
You work as a Security Administrator for XXYY Inc. You are concerned about the password security. Therefore, you have decided to apply a policy that will be helpful for others to create strong passwords. Which of the following are the important things that should be remembered to create a strong password?
Each correct answer represents a complete solution. Choose all that apply.
A. It should be of eight characters.
B. It should be a known word.
C. It should contain at least one number or punctuation character.
D. It should contain at least one capital letter.
Answer: A, C, D

Q: 7
Which of the following are features of protocol and spectrum analyzers?
Each correct answer represents a complete solution. Choose all that apply.
A. A protocol analyzer can be used to analyze network traffic to trace specific transactions.
B. A protocol analyzer can identify physical layer errors in a network switch.
C. A packet analyzer can be used to capture real-time packets and can monitor the network packets on the LAN and the Internet.
D. A spectrum analyzer should have the sensitive measuring equipment capability for detecting waveform frequencies and can identify and locate the interfering transmitter.
Answer: A, C, D

Q: 8
A helpdesk technician received a phone call from an administrator at a remote branch office. The administrator claimed to have forgotten the password for the root account on UNIX servers and asked for it. Although the technician didn't know any administrator at the branch office, the guy sounded really friendly and since he knew the root password himself, he supplied the caller with the password.
What type of attack has just occurred?
A. Brute Force attack
B. War dialing attack
C. Social Engineering attack
D. Replay attack
Answer: C

Q: 9
You work as an Information Security Manager for XXYY Inc. You are working on asset management. You need to differentiate various assets of your organization. Which of the following is an intangible asset?
A. Equipment
B. Electricity
C. Reputation of the company
D. Personal data
Answer: C

Q: 10
You work as a Database Administrator for Bluewell Inc. The company has a SQL Server 2005 computer. The company asks you to implement a RAID system to provide fault tolerance to a database. You want to implement disk mirroring. Which of the following RAID levels will you use to accomplish the task?
A. RAID-10
B. RAID-1
C. RAID-5
D. RAID-0
Answer: B

Q: 11
You work as an Information Security Manager for XXYY Inc. The company has made a contract with a third party software company to make a software program for personal use. You have been assigned the task to share the organization's personal requirements regarding the tool to the third party. Which of the following documents should be first signed by the third party?
A. Acknowledgement papers
B. Legal disclaimer
C. Non disclosure agreement (NDA)
D. Copyright papers
Answer: C

Q: 12
Which of the following are the primary rules defined for RBAC?
Each correct answer represents a complete solution. Choose all that apply.
A. Transaction authorization
B. Role authorization
C. Role assignment
D. Transaction assignment
Answer: A, B, C

Q: 13
Your company is covered under a liability insurance policy, which provides various liability coverage for information security risks, including any physical damage of assets, hacking attacks, etc. Which of the following risk management techniques is your company using?
A. Risk transfer
B. Risk mitigation
C. Risk avoidance
D. Risk acceptance
Answer: A

Q: 14
Diane is the project manager of the HGF Project. A risk that has been identified and analyzed in the project planning processes is now coming into fruition. What individual should respond to the risk with the preplanned risk response?
A. Risk owner
B. Project sponsor
C. Diane
D. Subject matter expert
Answer: A

Q: 15
Mark works as a Software Developer for TechNet Inc. He has recently been fired, as he was caught doing some illegal work in the organization. Before leaving the organization, he decided to retaliate against the organization. He deleted some of the system files and made some changes in the registry files created by him. Which of the following types of attacks has Mark performed?
A. DDoS
B. Logic bomb
C. Sabotage
D. Smurf
Answer: B

Q: 16
Which of the following is a set of exclusive rights granted by a state to an inventor or his assignee for a fixed period of time in exchange for the disclosure of an invention?
A. Snooping
B. Copyright
C. Patent
D. Utility model
Answer: C

Q: 17
Which of the following standard file formats is used by Apple's iPod to store contact information?
A. vCard
B. hCard
C. HFS+
D. FAT32
Answer: A

Q: 18
You work as a Network Security Administrator for XXYY Inc. You feel that someone has accessed your computer and used your e-mail account. To check whether there is any virus installed into your computer, you scan your computer but do not find any illegal software. Which of the following types of security attacks generally runs behind the scenes on your computer?
A. Zero-day
B. Rootkit
C. Hybrid
D. Replay
Answer: B

Q: 19
You are the Network Administrator for a software company. Due to the nature of your company's business, you have a significant number of highly computer savvy users. However, you have still decided to limit each user access to only those resources required for their job, rather than give wider access to the technical users (such as tech support and software engineering personnel). What is this an example of?
A. Poor resource management.
B. The principle of maximum control.
C. The principle of least privileges.
D. Proper use of an ACL.
Answer: C

Q: 20
Sam works as a Project Manager for Blue Well Inc. He is working on a new project. He wants to access high level risks for the project. Which of the following steps should Sam take in order to accomplish the task?
A. Developing risk management plan to identify risks based on documents
B. Developing project charter and risk management plan to identify risks based on documents
C. Developing project charter to identify risks based on documents
D. Identifying and analyzing risk events using qualitative and quantitative techniques
Answer: B

Q: 21
Mark is the project manager of the NHQ project in StarTech Inc. The project has an asset valued at $195,000 and is subjected to an exposure factor of 35 percent. What will be the Single Loss Expectancy of the project?
A. $67,250
B. $92,600
C. $72,650
D. $68,250
Answer: D

Q: 22
You work as an Information Security Manager for XXYY Inc. You are working on asset management. You need to assign ownership of some assets of the organization. Which of the following statements correctly describe the responsibilities of an asset owner?
Each correct answer represents a complete solution. Choose all that apply.
A. The owner is allowed to delegate accountability of the asset.
B. The owner should have a document describing the security controls for the asset.
C. The owner is allowed to delegate responsibility for maintaining the asset.
D. The owner has property rights to the asset.
Answer: B, C

Q: 23
Which of the following is a list of specific actions being taken to deal with specific risks associated with the threats?
A. Risk mitigation
B. Risk acceptance
C. Risk avoidance
D. Risk transference
Answer: A

Q: 24
Which of the following indicates that the project team has decided not to change the project management plan to deal with a risk?
A. Risk acceptance
B. Risk mitigation
C. Risk avoidance
D. Risk transference
Answer: A

Q: 25
Which of the following statements is true about exposure factor?
A. It is defined as the cost related to a single realized risk against a particular asset.
B. It is defined as the yearly cost of all instances of a particular threat against a particular asset.
C. It is defined as the expected frequency of occurrence of a particular threat or risk in a single year.
D. It is defined as the percentage of loss experienced by an organization when a particular asset is violated by a realized risk.
Answer: D

Q: 26
Which of the following paragraphs of the Turnbull Report stated that a company's system of internal control will include information and communication processes?
A. Paragraph 28
B. Paragraph 20
C. Paragraph 21
D. Paragraph 22
Answer: C

Q: 27
You work as a System Administrator for XXYY Inc. You have been given the task to create a new corporate policy. Which of the following approaches must be followed to accomplish the task?
Each correct answer represents a complete solution. Choose all that apply.
A. Strategic approach
B. Approach to Risk Management
C. Clear and unambiguous approach
D. Industry best practice
Answer: A, B, C

Q: 28
David works as the Network Administrator for XXYY Inc. He has been asked to perform risk analysis. He decides to do it by using CRAMM. The CEO wants to know the negative points of CRAMM which is going to be used by David. Which of the following points will David tell the CEO of the organization?
A. It maintains consistency that results from similar solutions for similar risk profiles.
B. It regularly updates extensive hierarchical countermeasure databases covering non-technical areas.
C. It requires qualified and experienced practitioners to use it.
D. It helps in developing full reviews and rapid reviews.
Answer: C

Q: 29
Which of the following policies is a set of rules applied by the owner/manager of a network, Website or large computer system that restrict the ways in which the network site or system may be used?
A. Default policy
B. Certificate policy
C. Informative policy
D. Acceptable use policy
Answer: D

Q: 30
You work as a Network Security Administrator for XXYY Inc. Your organization has set up a new Internet connection in place of the previous one. It is your responsibility to ensure that employees use the Internet only for official purposes. While reviewing Internet usages, you find that a few people have traversed and downloaded some inappropriate and illegal information. You want to make a policy to stop all these activities in the future. Which of the following policies will you implement to accomplish the task?
A. Acceptable use policy
B. Privacy policy
C. Security policy
D. Due care policy
Answer: A


© 2014 Cheat-Test.com, All Rights Reserved