Free Cheat-test Samples and Demo Questions Download
Adobe exams Adobe
Apple exams Apple
Avaya exams Avaya
Check Point exams Check Point
Cisco exams Cisco
Citrix exams Citrix
CIW exams CIW
CompTIA exams CompTIA
EC-Council exams EC-Council
EMC exams EMC
Exin exams Exin
Fortinet exams Fortinet
Hitachi exams Hitachi
HP exams HP
IBM exams IBM
Isaca exams Isaca
ISC exams ISC
Juniper exams Juniper
LPI exams LPI
McAfee exams McAfee
Microsoft exams Microsoft
Oracle exams Oracle
PMI exams PMI
Riverbed exams Riverbed
SNIA exams SAP
Sun exams SAS
Symantec exams Symantec
VMware exams VMware
All certification exams


Free GISF Sample Questions:

Q: 1
The security of a computer against the unauthorized usage largely depends upon the efficiency of the applied access control method. Which of the following statements are true about a computer access control method?
Each correct answer represents a complete solution. Choose all that apply.
A. It checks the authenticity of a person.
B. It provides security against the virus attacks.
C. It provides security against Eavesdropping.
D. It is used to encrypt a message before transmitting it on a network.
E. It can be based upon fingerprint or eye recognition.
F. It can be time-synchronous.
Answer: A, E, F

Q: 2
You are an Incident manager in Orangesect.Inc. You have been tasked to set up a new extension of your enterprise. The networking, to be done in the new extension, requires different types of cables and an appropriate policy that will be decided by you. Which of the following stages in the Incident handling process involves your decision making?
A. Containment
B. Preparation
C. Eradication
D. Identification
Answer: B

Q: 3
Computer networks and the Internet are the prime mode of Information transfer today. Which of the following is a technique used for modifying messages, providing Information and Cyber security, and reducing the risk of hacking attacks during communications and message passing over the Internet?
A. OODA loop
B. Risk analysis
C. Firewall security
D. Cryptography
Answer: D

Q: 4
Hardening a system is one of the practical methods of securing a computer system. Which of the following techniques is used for hardening a computer system?
A. Disabling all user accounts
B. Applying Access Control List (ACL)
C. Applying egress filtering
D. Applying a patch to the OS kernel
Answer: D

Q: 5
Web applications play a vital role in deploying different databases with user accessibility on the Internet. Which of the following allows an attacker to get unauthorized access to the database of a Web application by sending (attacking) user-supplied data to an interpreter as part of a command or query?
A. Cross Site Request Forgery (CSRF)
B. Injection flaw
C. Malicious File Execution
D. Cross Site Scripting
Answer: B

Q: 6
You work as a Network Administrator for Marioxnet Inc. You have the responsibility of handling two routers with BGP protocol for the enterprise's network. One of the two routers gets flooded with an unexpected number of data packets, while the other router starves with no packets reaching it. Which of the following attacks can be a potential cause of this?
A. Packet manipulation
B. Eavesdropping
C. Denial-of-Service
D. Spoofing
Answer: C

Q: 7
You work as a security manager in Mariotiss Inc. Your enterprise has been facing network and software security threats since a few months. You want to renew your current security policies and management to enhance the safety of your information systems. Which of the following is the best practice to initiate the renewal process from the lowest level with the least managerial effort?
A. Start the Incident handling process.
B. Switch to a new network infrastructure.
C. Perform an IT audit.
D. Change the entire security policy.
Answer: C

Q: 8
You work as an Incident handler in Mariotrixt.Inc. You have followed the Incident handling process to handle the events and incidents. You identify Denial of Service attack (DOS) from a network linked to your internal enterprise network. Which of the following phases of the Incident handling process should you follow next to handle this incident?
A. Recovery
B. Identification
C. Containment
D. Preparation
Answer: C

Q: 9
You work as an executive manager for Mariotx.Inc. You entered into a business contract with a firm called Helfixnet.Inc. You passed on the contract details to Helfixnet.Inc and also got an acceptance approval. You later find that Helfixnet.Inc is violating the rules of the contract and they claim that they had never entered into any contract with Mariotx.Inc when asked. Which of the following directives of Information Assurance can you apply to ensure prevention from such issues?
A. Non-repudiation
B. Confidentiality
C. Data availability
D. Data integrity
Answer: A

Q: 10
John works as a security manager in Mariotx.Inc. He has been tasked to resolve a network attack issue. To solve the problem, he first examines the critical information about the attacker's interaction to the network environment. He prepares a past record and behavioral document of the attack to find a direction of the solution. Then he decides to perform an action based on the previous hypothesis and takes the appropriate action against the attack.
Which of the following strategies has John followed?
A. OODA loop
B. SWOT Analysis
C. Maneuver warfare
D. Control theory
Answer: A

Q: 11
You are working on your computer system with Linux Operating system. After working for a few hours, the hard disk goes to the inactive state (sleep). You try to restart the system and check the power circuits. You later discover that the hard disk has crashed. Which of the following precaution methods should you apply to keep your computer safe from such issues?
A. Use SMART model.
B. Use Information assurance.
C. Use OODA loop.
D. Use Incident handling.
Answer: A

Q: 12
Adam, a novice Web user is getting large amount of unsolicited commercial emails on his email address. He suspects that the emails he is receiving are the Spam. Which of the following steps will he take to stop the Spam?
Each correct answer represents a complete solution. Choose all that apply.
A. Forward a copy of the spam to the ISP to make the ISP conscious of the spam.
B. Report the incident to the FTC (The U.S. Federal Trade Commission) by sending a copy of the spam message.
C. Send an email to the domain administrator responsible for the initiating IP address.
D. Close existing email account and open new email account
Answer: A, B

Q: 13
You are the security manager of Microliss Inc. Your enterprise uses a wireless network infrastructure with access points ranging 150-350 feet. The employees using the network complain that their passwords and important official information have been traced. You discover the following clues:
The information has proved beneficial to an other company.
The other company is located about 340 feet away from your office.
The other company is also using wireless network.
The bandwidth of your network has degraded to a great extent.
Which of the following methods of attack has been used?
A. A DOS attack has been performed.
B. A worm has exported the information.
C. The information is traced using Bluebugging.
D. A piggybacking attack has been performed.
Answer: D

Q: 14
You work in an enterprise as a Network Engineer. Your enterprise has a secure internal network.
You want to apply an additional network packet filtering device that is intermediate to your enterprise's internal network and the outer network (internet). Which of the following network zones will you create to accomplish this task?
A. Autonomous system area (AS)
B. Site network area
C. Border network area
D. Demilitarized zone (DMZ)
Answer: C

© 2014, All Rights Reserved