GCIA Exam - GIAC Certified Intrusion Analyst


NEW QUESTION 1
Which of the following is NOT the primary type of firewall?

  • A. Network firewall
  • B. Proxy based firewall
  • C. Stateful inspection firewall
  • D. Packet filter firewall

Answer: A

NEW QUESTION 2
You work as a Network Administrator for Net Perfect Inc. The company has a Windows Server 2008 network environment. The network is configured as a Windows Active Directory-based single forest single domain network. An Active Directory-integrated zone has been configured on the network. You want to create a text file that lists the resource records of a specified zone for your records. Which of the following commands will you use to accomplish the task?

  • A. DNSCMD /createdirectorypartition
  • B. DNSCMD /copydns
  • C. DNSCMD /zoneexport
  • D. DNSCMD /config

Answer: C

NEW QUESTION 3
You work as a Network Administrator for McNeil Inc. The company's Windows 2000-based network is configured with Internet Security and Acceleration (ISA) Server 2000. You want to configure intrusion detection on the server. You find that the different types of attacks on the Intrusion Detection tab page of the IP Packet Filters Properties dialog box are disabled. What is the most likely cause?

  • A. The PPTP through ISA firewall check box on the PPTP tab page of the IP Packet Filters Properties dialog box is not enabled.
  • B. The Enable IP routing check box on the General tab page of the IP Packet Filters Properties dialog box is not selected.
  • C. The Log packets from Allow filters check box on the Packet Filters tab page of the IP Packet Filters Properties dialog box is not enabled.
  • D. The Enable Intrusion detection check box on the General tab page of the IP Packet Filters Properties dialog box is not selected.

Answer: D

NEW QUESTION 4
Which of the following statements best describes the string matching method of signature analysis?

  • A. String matching searches specific strings that may indicate an attack.
  • B. String matching examines multiple fields from different protocols, such as source address, destination port, or TCP flags.
  • C. In string matching, each packet is wrapped in predefined layers of different protocols.
  • D. In string matching, an incoming packet is compared, byte by byte, with a single signature, a string of code.

Answer: D

NEW QUESTION 5
Which of the following is a form of cheating or copying someone else's work or idea without acknowledging the source?

  • A. Patent
  • B. Turnitin
  • C. Copyright
  • D. Plagiarism

Answer: D

NEW QUESTION 6
Which of the following can be applied as countermeasures against DDoS attacks?
Each correct answer represents a complete solution. Choose all that apply.

  • A. Limiting the amount of network bandwidth
  • B. Blocking IP address
  • C. Using LM hashes for passwords
  • D. Using Intrusion detection systems
  • E. Using the network-ingress filtering

Answer: ABDE

NEW QUESTION 7
Which of the following algorithms is used as a default algorithm for ESP extension header in IPv6?

  • A. Propagating Cipher Block Chaining (PCBC) Mode
  • B. Cipher Block Chaining (CBC) Mode
  • C. Electronic Codebook (ECB) Mode
  • D. Cipher Feedback (CFB) Mode

Answer: B

NEW QUESTION 8
Which of the following is the correct order of loading system files into the main memory of the system, when the computer is running on Microsoft's Windows XP operating system?

  • A. NTLDR, BOOT.ini, HAL.dll, NTDETECT.com, NTOSKRNL.exe
  • B. BOOT.ini, HAL.dll, NTDETECT.com, NTLDR, NTOSKRNL.exe
  • C. NTLDR, BOOT.ini, HAL.dll, NTDETECT.com, NTOSKRNL.exe
  • D. NTLDR, BOOT.ini, NTDETECT.com, HAL.dll, NTOSKRNL.exe

Answer: D

NEW QUESTION 9
You work as a Network Administrator for McRobert Inc. Your company has a TCP/IP-based network.
You want to know the statistics of each protocol installed on your computer. Which of the following commands will you use?

  • A. NBTSTAT -r
  • B. NETSTAT -s
  • C. NETSTAT -r
  • D. NBTSTAT -s

Answer: B

NEW QUESTION 10
You work as a technician for Tech Perfect Inc. You are troubleshooting an Internet name resolution issue. You ping your ISP's DNS server address and find that the server is down. You want to continuously ping the DNS address until you have stopped the command. Which of the following commands will you use?

  • A. ping -a
  • B. ping -l
  • C. ping -t
  • D. ping -n

Answer: C

NEW QUESTION 11
Which of the following are well-known ports?
Each correct answer represents a complete solution. Choose two.

  • A. 443
  • B. 21
  • C. 1024
  • D. 8080

Answer: AB

NEW QUESTION 12
Which of the following is the process of categorizing attack alerts produced from IDS?

  • A. Blocking
  • B. Site policy implementation
  • C. Intrusion classify
  • D. Alarm filtering

Answer: D

NEW QUESTION 13
Adam works as a professional Computer Hacking Forensic Investigator. He has been assigned the project of investigating an iPod, which is suspected to contain some explicit material. Adam wants to connect the compromised iPod to his system, which is running the Windows XP (SP2) operating system. He is concerned that connecting the iPod to his computer may change some evidence and settings on the iPod. He wants to set the iPod to read-only mode. This can be done by changing a registry key within the Windows XP (SP2) operating system. Which of the following registry keys will Adam change to accomplish the task?

  • A. HKEY_LOCAL_MACHINE\CurrentControlset\Control\StorageDevicePolicies
  • B. HKEY_LOCAL_MACHINE\System\CurrentControlset\StorageDevicePolicies
  • C. HKEY_LOCAL_MACHINE\System\CurrentControlset\Control\StorageDevicePolicies
  • D. HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion

Answer: C

NEW QUESTION 14
Which of the following types of attacks uses ICMP to consume bandwidth and crash sites?

  • A. MITM attack
  • B. SYN flood attack
  • C. TFN attack
  • D. XSS attack

Answer: C

NEW QUESTION 15
Which of the following is a signature-based intrusion detection system (IDS)?

  • A. Snort
  • B. StealthWatch
  • C. RealSecure
  • D. Tripwire

Answer: A

NEW QUESTION 16
Adam works as a Security administrator for Umbrella Inc. He runs the following traceroute and notices that hops 19 and 20 both show the same IP address.

 1  172.16.1.254 (172.16.1.254)  0.724 ms  3.285 ms  0.613 ms
 2  ip68-98-176-1.nv.nv.cox.net (68.98.176.1)  12.169 ms  14.958 ms  13.416 ms
 3  ip68-98-176-1.nv.nv.cox.net (68.98.176.1)  13.948 ms  ip68-100-0-1.nv.nv.cox.net (68.100.0.1)  16.743 ms  16.207 ms
 4  ip68-100-0-137.nv.nv.cox.net (68.100.0.137)  17.324 ms  13.933 ms  20.938 ms
 5  68.1.1.4 (68.1.1.4)  12.439 ms  220.166 ms  204.170 ms
 6  so-6-0-0.gar2.wdc1.Level3.net (67.29.170.1)  16.177 ms  25.943 ms  14.104 ms
 7  unknown.Level3.net (209.247.9.173)  14.227 ms  17.553 ms  15.415 ms
 8  so-0-1-0.bbr1.NewYork1.level3.net (64.159.1.41)  17.063 ms  20.960 ms  19.512 ms
 9  so-7-0-0.gar1.NewYork1.Level3.net (64.159.1.182)  20.334 ms  19.440 ms  17.938 ms
10  so-4-0-0.edge1.NewYork1.Level3.net (209.244.17.74)  27.526 ms  18.317 ms  21.202 ms
11  uunet-level3-oc48.NewYork1.Level3.net (209.244.160.12)  21.411 ms  19.133 ms  18.830 ms
12  0.so-6-0-0.XL1.NYC4.ALTER.NET (152.63.21.78)  21.203 ms  22.670 ms  20.111 ms
13  0.so-2-0-0.TL1.NYC8.ALTER.NET (152.63.0.153)  30.929 ms  24.858 ms  23.108 ms
14  0.so-4-1-0.TL1.ATL5.ALTER.NET (152.63.10.129)  37.894 ms  33.244 ms  33.910 ms
15  0.so-7-0-0.XL1.MIA4.ALTER.NET (152.63.86.189)  51.165 ms  49.935 ms  49.466 ms
16  0.so-3-0-0.XR1.MIA4.ALTER.NET (152.63.101.41)  50.937 ms  49.005 ms  51.055 ms
17  117.ATM6-0.GW5.MIA1.ALTER.NET (152.63.82.73)  51.897 ms  50.280 ms  53.647 ms
18  CertLeadergw1.customer.alter.net (65.195.239.14)  51.921 ms  51.571 ms  56.855 ms
19  www.CertLeader.com (65.195.239.22)  52.191 ms  52.571 ms  56.855 ms
20  www.CertLeader.com (65.195.239.22)  53.561 ms  54.121 ms  58.333 ms

Which of the following is the most likely cause of this issue?

  • A. Intrusion Detection System
  • B. An application firewall
  • C. Network Intrusion system
  • D. A stateful inspection firewall

Answer: D

NEW QUESTION 17
Which of the following is the primary TCP/IP protocol used to transfer text and binary files over the Internet?

  • A. PPTP
  • B. SNMP
  • C. FTP
  • D. SMTP

Answer: C

NEW QUESTION 18
This tool is known as __________.

  • A. Kismet
  • B. Absinthe
  • C. NetStumbler
  • D. THC-Scan

Answer: C

NEW QUESTION 19
Which of the following are the two sub-layers present in Data Link layer of the OSI Reference model?

  • A. Logical Link control and Media Access control
  • B. Logical control and Link control
  • C. Machine Link control and Logical Link control
  • D. Data control and Media Access control

Answer: A

NEW QUESTION 20
Which of the following attacks is used to hack simple alphabetical passwords?

  • A. Dictionary-based attack
  • B. Sniffing
  • C. Man-in-the-middle attack
  • D. Black hat attack

Answer: A
