Free and Premium GIAC GPPA Dumps Questions Answers

Page: 1 / 11
Total 285 questions

GIAC Certified Perimeter Protection Analyst Questions and Answers

Question 1

Which of the following is the default port for POP3?

Options:

A. 80

B. 25

C. 21

D. 110

Question 2

Which of the following tools is used to detect spam email without checking the content?

Options:

A. DCC

B. Sniffer

C. EtherApe

D. Kismet

Question 3

You work as a Desktop Support Technician for Umbrella Inc. The company uses a Windows-based network. An employee from the sales department is facing a problem with the IP configuration of the network connection. He called you to resolve the issue. You suspect that the IP configuration is not configured properly. You want to use the ping command to ensure that the IPv4 protocol is working on a computer.

While running the ping command from the command prompt, you find that Windows Firewall is blocking the ping command.

What is the cause of the issue?

Options:

A. Core Networking Firewall rules do not allow IPv4 or IPv6.

B. Windows Firewall blocks the command line tools.

C. Windows Firewall rules do not allow Core Networking Tools.

D. Core Networking Firewall rules do not allow ICMPv4 or ICMPv6 Echo Requests.

Question 4

Paul works as a Technical Representative in a CSIRT for ABC Inc. His team is called to investigate the computer of an employee who is suspected of classified data theft. The suspect's computer runs on the Windows operating system. Paul wants to collect data and evidence for further analysis. He knows that in the Windows operating system, the data is searched in pre-defined steps for proper and efficient analysis.

Which of the following is the correct order for searching data on a Windows-based system?

Options:

A. Volatile data, file slack, internet traces, registry, memory dumps, system state backup, file system.

B. Volatile data, file slack, registry, memory dumps, file system, system state backup, internet traces.

C. Volatile data, file slack, file system, registry, memory dumps, system state backup, internet traces.

D. Volatile data, file slack, registry, system state backup, internet traces, file system, memory dumps.

Question 5

You work as a Network Administrator for ABC Inc. The company has a Windows Server 2008-based network. You have created a test domain for testing IPv6 addressing.

Which of the following types of addresses are supported by IPv6?

Each correct answer represents a complete solution. (Choose all that apply.)

Options:

A. Broadcast

B. Multicast

C. Anycast

D. Unicast

Question 6

You work as a Network Administrator for ABC Inc.

The company's network contains five Windows 2003 servers and ninety Windows XP Professional client computers. You want to view all the incoming requests to an Internet Information Services (IIS) server and allow only requests that comply with a rule set, created by you, to be processed. You also want to detect the intrusion attempts by recognizing the strange characters in a URL on a Web server.

What will you do to accomplish the task?

Options:

A. Configure a connection to the SQL database by using the RELOG command-line utility.

B. Use the Remote Desktop Protocol (RDP).

C. Use the HFNETCHK utility.

D. Use the URL Scan tool.

Question 7

Which of the following technologies is used to detect unauthorized attempts to access and manipulate computer systems locally or through the Internet or an intranet?

Options:

A. Intrusion detection system (IDS)

B. Firewall

C. Demilitarized zone (DMZ)

D. Packet filtering

Question 8

Which of the following vulnerability scanners is used to test Web servers for dangerous files/CGIs, outdated server software, and other problems?

Options:

A. Hackbot

B. Nikto

C. Nessus

D. Nmap

Question 9

Which of the following can be applied as countermeasures against DDoS attacks?

Each correct answer represents a complete solution. (Choose all that apply.)

Options:

A. Blocking IP address.

B. Using the network-ingress filtering.

C. Using LM hashes for passwords.

D. Using Intrusion detection systems.

E. Limiting the amount of network bandwidth.

Question 10

Which of the following is used as a default port by the TELNET utility?

Options:

A. 21

B. 80

C. 20

D. 23

Question 11

A scenario involves a pool of users with private IP addresses who need to access the Internet; however, the company has a limited number of IP addresses and needs to ensure users occupy only one public IP address.

Which technology is used to allow a pool of users to share one global IP address for Internet access?

Options:

A. Port Address Translation

B. Private Address Translation

C. Per-user Address Translation

D. Pool Address Translation

Question 12

When no anomaly is present in an Intrusion Detection, but an alarm is generated, the response is known as __________.

Options:

A. True positive

B. False negative

C. False positive

D. True negative

Question 13

Jain works as a professional Ethical Hacker. He has been assigned the project of testing the security of In order to do so, he performs the following steps of the preattack phase successfully:

• Information gathering

• Determination of network range

• Identification of active systems

• Location of open ports and applications 

Now, which of the following tasks should he perform next?

Options:

A. Install a backdoor to log in remotely on the We-are-secure server.

B. Map the network of We-are-secure Inc.

C. Fingerprint the services running on the We-are-secure network.

D. Perform OS fingerprinting on the We-are-secure network.

Question 14

Which of the following programs loads the IOS image into RAM?

Options:

A. POST

B. NVRAM

C. Bootstrap

D. TFTP

Question 15

Which of the following can provide security against a man-in-the-middle attack?

Options:

A. Anti-virus programs

B. Strong data encryption during travel

C. Strong authentication method

D. Firewall

Question 16

Which of the following utilities provides an efficient way to give specific users permission to use specific system commands at the root level of a Linux operating system?

Options:

A. Apache

B. Snort

C. SSH

D. SUDO

Question 17

Adam works as a professional Computer Hacking Forensic Investigator. A project has been assigned to him to investigate and examine files present on a suspect's computer. Adam uses a tool with which he can examine recovered deleted files, fragmented files, and other corrupted data. With this tool he can also examine data that was captured from the network, and access the physical RAM and any processes running in virtual memory.

Which of the following tools is Adam using?

Options:

A. HxD

B. Vedit

C. WinHex

D. Evidor

Question 18

A firewall is a combination of hardware and software, used to provide security to a network. It is used to protect an internal network or intranet against unauthorized access from the Internet or other outside networks. It restricts inbound and outbound access and can analyze all traffic between an internal network and the Internet. Users can configure a firewall to pass or block packets from specific IP addresses and ports.

Which of the following tools works as a firewall for the Linux 2.4 kernel?

Options:

A. OpenSSH

B. IPChains

C. Stunnel

D. IPTables

Question 19

Which of the following is like a malicious cache poisoning where fake data is placed in the cache of the name servers?

Options:

A. DNS spoofing

B. SYN flood attack

C. Smurf attack

D. Host name spoofing

Question 20

Which of the following techniques allows probing firewall rule-sets and finding entry points into the targeted system or network?

Options:

A. Packet collision

B. Network enumerating

C. Packet crafting

D. Distributed Checksum Clearinghouse

Question 21

Which of the following tools is used to analyze the files produced by several popular packet-capture programs such as tcpdump, WinDump, Wireshark, and EtherPeek?

Options:

A. Sniffer

B. tcptraceroute

C. Fpipe

D. tcptrace

Question 22

John works as a professional Ethical Hacker. He has been assigned the project of testing the security of He wants to send malicious data packets in such a manner that one packet fragment overlaps data from a previous fragment so that he can perform IDS evasion on the We-are-secure server and execute malicious data.

Which of the following tools can he use to accomplish the task?

Options:

A. Hunt

B. Mendax

C. Alchemy Remote Executor

D. Ettercap

Question 23

The stateful firewalls combine the significant flows into conversations.

Which of the following properties is used to classify a flow?

Each correct answer represents a part of the solution. (Choose all that apply.)

Options:

A. Destination port

B. Source port

C. Source address

D. Protocol

E. Destination address

Question 24

You work as a Network Administrator for Tech Perfect Inc. The company has a TCP/IP-based network. A firewall has been configured on the network. You configure a filter on the router. You verify that SMTP operations have stopped after the recent configuration.

Which of the following ports will you have to open on the router to resolve the issue?

Options:

A. 20

B. 21

C. 80

D. 25

Question 25

What netsh command should be run to enable IPv6 routing?

Each correct answer represents a part of the solution. (Choose two.)

Options:

A. netsh interface IPv6 show interface

B. netsh interface IPv6 set interface

C. netsh interface IPv6 add address

D. netsh interface IPv6 add routes

Question 26

You work as a professional Computer Hacking Forensic Investigator for DataEnet Inc. You want to investigate e-mail information of an employee of the company. The suspected employee is using an online e-mail system such as Hotmail or Yahoo.

Which of the following folders on the local computer will you review to accomplish the task?

Each correct answer represents a complete solution. (Choose all that apply.)

Options:

A. Temporary Internet Folder

B. History folder

C. Download folder

D. Cookies folder

Question 27

Your customer is concerned about security. He wants to make certain no one in the outside world can see the IP addresses inside his network.

What feature of a router would accomplish this?

Options:

A. Firewall

B. Port forwarding

C. NAT

D. MAC filtering

Question 28

Which of the following is a hardware/software platform that is designed to analyze, detect and report on security-related events?

NIPS is designed to inspect traffic and, based on its configuration or security policy, it can drop the malicious traffic.

Options:

A. NIDS

B. HIDS

C. HIPS

D. NIPS

Question 29

John works as the Security Manager for PassGuide Inc. He wants to create the Profiler database that stores information about the network activity at Layer 3, Layer 4, and Layer 7.

Which of the following will he use to accomplish the task?

Each correct answer represents a complete solution. (Choose all that apply.)

Options:

A. Protocol contexts

B. Ignore connection

C. Session creation

D. Session teardown

Question 30

You are configuring a public access wireless connection.

Which of the following is the best way to secure this connection?

Options:

A. Not broadcasting SSID

B. Implementing anti-virus

C. Using MAC filtering

D. Using WPA encryption

Question 31

Which of the following tools performs comprehensive tests against web servers for multiple items, including over 6100 potentially dangerous files/CGIs?

Options:

A. Sniffer

B. Dsniff

C. Snort

D. Nikto

Question 32

The simplest form of a firewall is a packet filtering firewall. Typically, a router works as a packet-filtering firewall and has the capability to filter on some of the contents of packets.

On which of the following layers of the Open System Interconnection (OSI) reference model do these routers filter information?

Each correct answer represents a complete solution. (Choose all that apply.)

Options:

A. Transport layer

B. Data Link layer

C. Physical layer

D. Network layer

Question 33

You are tasked with configuring your routers with a minimum security standard that includes the following:

• A local Username and Password configured on the router

• A strong privilege mode password

• Encryption of user passwords

• Configuring telnet and ssh to authenticate against the router user database

Choose the configuration that meets these requirements best.

Options:

A.

RouterA(config)#service password-encryption
RouterA(config)#username cisco password PaS$w0Rd
RouterA(config)#enable password n56e&$te
RouterA(config)#line vty 0 4
RouterA(config-line)#login local

B.

RouterA(config)#service password-encryption
RouterA(config)#username cisco password PaS$w0Rd
RouterA(config)#enable secret n56e&$te
RouterA(config)#line vty 0 4
RouterA(config-line)#login

C.

RouterA(config)#service enable-password-encryption
RouterA(config)#username cisco password PaS$w0Rd
RouterA(config)#enable secret n56e&$te
RouterA(config)#line vty 0 4
RouterA(config-line)#login user

D.

RouterA(config)#service password-encryption
RouterA(config)#username cisco password PaS$w0Rd
RouterA(config)#enable secret n56e&$te
RouterA(config)#line vty 0 4
RouterA(config-line)#login local

Question 34

Which of the following is an intrusion detection system that reads all incoming packets and tries to find suspicious patterns known as signatures or rules?

Options:

A. IPS

B. NIDS

C. HIDS

D. DMZ

Question 35

Which of the following techniques correlates information found on multiple hard drives?

Options:

A. Live analysis

B. Gap analysis

C. Data analysis

D. Cross-drive analysis

Question 36

You work as a Network Administrator for NetTech Inc. Your manager needs to access a particular server on the network from outside the company network. You have a registered IP address assigned to a router on the company network.

Which of the following will be useful for accessing the server from outside the network?

Options:

A. Overloading

B. Switch

C. Static NAT

D. Dynamic VLAN

Question 37

You work as a Network Administrator for a bank. For securing the bank's network, you configure a firewall and an IDS. In spite of these security measures, intruders are able to attack the network. After a close investigation, you find that your IDS is not configured properly and hence is unable to generate alarms when needed.

What type of response is the IDS giving?

Options:

A. False Negative

B. False Positive

C. True Positive

D. True Negative

Question 38

Which of the following IPv4 fields become obsolete while removing the hop-by-hop segmentation (fragmentation) procedure from the IP header?

Each correct answer represents a part of the solution. (Choose three.)

Options:

A. Datagram Identification Number field

B. Flags field

C. Fragment Offset field

D. Datagram Length field

Question 39

Which of the following protocols is used with a tunneling protocol to provide security?

Options:

A. EAP

B. IPSec

C. FTP

D. IPX/SPX

Question 40

Which of the following devices are used to implement Network Address Translation (NAT)?

Options:

A. Routers and switches

B. Routers and firewalls

C. Firewalls and file servers

D. Switches and firewalls

Question 41

Which of the following types of firewall functions by creating two different communications, one between the client and the firewall, and the other between the firewall and the end server?

Options:

A. Stateful firewall

B. Proxy-based firewall

C. Endian firewall

D. Packet filter firewall

Question 42

In which of the following IDS evasion techniques does an attacker deliver data in multiple small-sized packets, which makes it very difficult for an IDS to detect the attack signatures of such attacks?

Options:

A. Insertion

B. Fragmentation overlap

C. Fragmentation overwrite

D. Session splicing
