GIAC Certified Firewall Analyst (GCFW) Free Practice Test

Question 1

Which of the following is known as DNS spoofing?

A. Social engineering

B. Trojan horse

C. Smurf attack

D. Malicious cache poisoning

Correct Answer: D

Question 2

Which of the following applications cannot proactively detect anomalies related to a computer?

A. HIDS

B. Firewall installed on the computer

C. NIDS

D. Anti-virus scanner

Correct Answer: C

Question 3

A scenario involves a pool of users with private IP addresses who need to access the Internet; however, the company has a limited number of IP addresses and needs to ensure users occupy only one public IP address.
Which technology is used to allow a pool of users to share one global IP address for Internet access?

A. Pool Address Translation

B. Per-user Address Translation

C. Port Address Translation

D. Private Address Translation

Correct Answer: C

Question 4

You are the Network Administrator for a college. Wireless access is widely used at the college. You want the most secure wireless connections you can have. Which of the following would you use?

A. WEP2

B. WPA

C. WPA2

D. WEP

Correct Answer: C

Question 5

You work as a Network Administrator for NetTech Inc. Your manager needs to access a particular server on the network from outside the company network. You have a registered IP address assigned to a router on the company network. Which of the following will be useful for accessing the server from outside the network?

A. Dynamic VLAN

B. Switch

C. Static NAT

D. Overloading

Correct Answer: C

Question 6

Which of the following can be used in an extended access list to filter traffic?
Each correct answer represents a part of the solution. Choose all that apply.

A. TCP or UDP port number

B. Source IP address

C. Destination MAC address

D. Protocol

E. Destination IP address

Correct Answer: A,B,D,E

Question 7

Which of the following attacks can be mitigated by providing proper training to the employees in an organization?

A. Smurf

B. Social engineering

C. Denial-of-Service

D. Man-in-the-middle

Correct Answer: B

Question 8

You are the Network Administrator for a large corporate network. You want to monitor all network traffic on your local network for suspicious activities and receive a notification when a possible attack is in process. Which of the following actions will you take for this?

A. Install a DMZ firewall

B. Install a network-based IDS

C. Install a host-based IDS

D. Enable verbose logging on the firewall

Correct Answer: B

Question 9

Which of the following programs can be used to detect stealth port scans performed by a malicious hacker?
Each correct answer represents a complete solution. Choose all that apply.

A. scanlogd

B. libnids

C. portsentry

D. nmap

Correct Answer: A,B,C

Question 10

Which of the following can be configured so that when an alarm is activated, all doors lock and the suspect or intruder is caught between the doors in the dead-space?

A. Host Intrusion Detection System (HIDS)

B. Network Intrusion Detection System (NIDS)

C. Man trap

D. Biometric device

Correct Answer: C

Question 11

The general form of the Cisco IOS is a.b.c.de. Which of the following indicates the major version number of the Cisco IOS?

A. b

B. d

C. e

D. a

Correct Answer: D

Question 12

Audit trail or audit log is a chronological sequence of audit records, each of which contains evidence directly pertaining to and resulting from the execution of a business process or system function. Under which of the following controls does audit control come?

A. Reactive controls

B. Detective controls

C. Protective controls

D. Preventive controls

Correct Answer: B

Question 13

Which of the following ports cannot be used to access the router from a computer?

A. Serial port

B. Vty

C. Aux port

D. Console port

Correct Answer: A

Welcome to TestSimulate

GIAC Certified Firewall Analyst (GCFW) Free Practice Test