GIAC Information Security Professional (GISP) Free Practice Test

Question 1

Which of the following types of attacks is only intended to make a computer resource unavailable to its users?

A. Replay attack

B. Denial of Service attack

C. Teardrop attack

D. Land attack

Correct Answer: B

Question 2

John works as a professional Ethical Hacker. He has been assigned a project to test the security of www.we-are-secure.com. He copies the whole structure of the We-are-secure Web site to the local disk and obtains all the files on the Web site. Which of the following techniques is he using to accomplish his task?

A. Fingerprinting

B. TCP FTP proxy scanning

C. Web ripping

D. Eavesdropping

Correct Answer: C

Question 3

Which of the following entities is used by Routers and firewalls to determine which packets should be forwarded or dropped?

A. Rainbow table

B. Rootkit

C. Backdoor

D. Access control list

Correct Answer: D

Question 4

Which of the following devices reads the destination's MAC address from each incoming data packet and forwards the data packet to its destination?

A. Brouter

B. Switch

C. Router

D. Hub

Correct Answer: B

Question 5

Which of the following VPN protocols offer encryption?
Each correct answer represents a complete solution. Choose two.

A. PPTP

B. L2TP

C. L2F

D. IPSec

Correct Answer: A,D

Question 6

Which of the following statements about Network Address Translation (NAT) are true?
Each correct answer represents a complete solution. Choose three.

A. It hides the internal IP addressing scheme.

B. It shares public Internet addresses with a large number of internal network clients.

C. It is used to connect private networks to the public Internet.

D. It protects network from the password guessing attacks.

Correct Answer: A,B,C

Question 7

How many layers does the TCP/IP model consist of?

A. Seven

B. Five

C. Six

D. Four

Correct Answer: D

Question 8

Which of the following records is the first entry in a DNS database file?

A. SOA

B. SRV

C. CNAME

D. MX

Correct Answer: A

Question 9

Which of the following protocols is used to establish a secure TELNET session over TCP/IP?

A. PGP

B. IPSEC

C. SSH

D. SSL

Correct Answer: C

Question 10

Brutus is a password cracking tool that can be used to crack the following authentications:
*HTTP (Basic Authentication)
*HTTP (HTML Form/CGI)
*POP3 (Post Office Protocol v3)
*FTP (File Transfer Protocol)
*SMB (Server Message Block)
*Telnet
Which of the following attacks can be performed by Brutus for password cracking?
Each correct answer represents a complete solution. Choose all that apply.

A. Hybrid attack

B. Replay attack

C. Dictionary attack

D. Brute force attack

E. Man-in-the-middle attack

Correct Answer: A,C,D

Question 11

Which of the following access control models requires centralize database of user accounts?

A. User based

B. Data based

C. Group based

D. Partitions based

Correct Answer: C

Question 12

Which of the following books deals with confidentiality?

A. Purple Book

B. Red Book

C. Brown Book

D. Orange Book

Correct Answer: D

Question 13

Which of the following is used to prevent the electronic emissions of a computer from being used by unauthorized users?

A. Spoofing

B. Shielding

C. System hardening

D. Auditing

Correct Answer: B

Welcome to TestSimulate

GIAC Information Security Professional (GISP) Free Practice Test