
GCIA Exam Questions - Online Test



We provide approved GIAC GCIA questions, which are the best for clearing the GCIA test and getting certified as a GIAC Certified Intrusion Analyst. The GCIA Questions & Answers cover all the knowledge points of the real GCIA exam. Crack your GIAC GCIA exam with the latest dumps, guaranteed!

Free demo questions for GIAC GCIA Exam Dumps Below:

NEW QUESTION 1
Which of the following groups provides tools and creates procedures for testing and validating computer forensic software?

  • A. Society of Forensic Tools and Testing (SFTT)
  • B. National Institute of Standards and Technology (NIST)
  • C. Association of Computer Forensic Standards (ACFS)
  • D. Forensic Tool and Standards Committee (FTSC)

Answer: B

NEW QUESTION 2
Which of the following processes is used to convert plain text into cipher text?

  • A. Encryption
  • B. Decryption
  • C. Encapsulation
  • D. Steganography

Answer: A

NEW QUESTION 3
Andrew works as a Forensic Investigator for CertLeader Inc. The company has a Windows-based environment. The company's employees use Microsoft Outlook Express as their e-mail client program. E-mails of some employees have been deleted due to a virus attack on the network.
Andrew is therefore assigned the task to recover the deleted mails. Which of the following tools can Andrew use to accomplish the task?
Each correct answer represents a complete solution. Choose two.

  • A. EventCombMT
  • B. R-mail
  • C. eMailTrackerPro
  • D. FINALeMAIL

Answer: BD

NEW QUESTION 4
Which of the following are not functions of the SNORT application?
Each correct answer represents a complete solution. Choose two.

  • A. Packet logging
  • B. Virus detection
  • C. Hard disk drive scanning
  • D. Packet sniffing
  • E. Intrusion detection

Answer: BC

NEW QUESTION 5
Adam works as a Security administrator for Umbrella Inc. He runs the following traceroute and notices that hops 19 and 20 both show the same IP address.
1 172.16.1.254 (172.16.1.254) 0.724 ms 3.285 ms 0.613 ms
2 ip68-98-176-1.nv.nv.cox.net (68.98.176.1) 12.169 ms 14.958 ms 13.416 ms
3 ip68-98-176-1.nv.nv.cox.net (68.98.176.1) 13.948 ms ip68-100-0-1.nv.nv.cox.net (68.100.0.1) 16.743 ms 16.207 ms
4 ip68-100-0-137.nv.nv.cox.net (68.100.0.137) 17.324 ms 13.933 ms 20.938 ms
5 68.1.1.4 (68.1.1.4) 12.439 ms 220.166 ms 204.170 ms
6 so-6-0-0.gar2.wdc1.Level3.net (67.29.170.1) 16.177 ms 25.943 ms 14.104 ms
7 unknown.Level3.net (209.247.9.173) 14.227 ms 17.553 ms 15.415 ms
8 so-0-1-0.bbr1.NewYork1.level3.net (64.159.1.41) 17.063 ms 20.960 ms 19.512 ms
9 so-7-0-0.gar1.NewYork1.Level3.net (64.159.1.182) 20.334 ms 19.440 ms 17.938 ms
10 so-4-0-0.edge1.NewYork1.Level3.net (209.244.17.74) 27.526 ms 18.317 ms 21.202 ms
11 uunet-level3-oc48.NewYork1.Level3.net (209.244.160.12) 21.411 ms 19.133 ms 18.830 ms
12 0.so-6-0-0.XL1.NYC4.ALTER.NET (152.63.21.78) 21.203 ms 22.670 ms 20.111 ms
13 0.so-2-0-0.TL1.NYC8.ALTER.NET (152.63.0.153) 30.929 ms 24.858 ms 23.108 ms
14 0.so-4-1-0.TL1.ATL5.ALTER.NET (152.63.10.129) 37.894 ms 33.244 ms 33.910 ms
15 0.so-7-0-0.XL1.MIA4.ALTER.NET (152.63.86.189) 51.165 ms 49.935 ms 49.466 ms
16 0.so-3-0-0.XR1.MIA4.ALTER.NET (152.63.101.41) 50.937 ms 49.005 ms 51.055 ms
17 117.ATM6-0.GW5.MIA1.ALTER.NET (152.63.82.73) 51.897 ms 50.280 ms 53.647 ms
18 CertLeadergw1.customer.alter.net (65.195.239.14) 51.921 ms 51.571 ms 56.855 ms
19 www.CertLeader.com (65.195.239.22) 52.191 ms 52.571 ms 56.855 ms
20 www.CertLeader.com (65.195.239.22) 53.561 ms 54.121 ms 58.333 ms
Which of the following is the most likely cause of this issue?

  • A. Intrusion Detection System
  • B. An application firewall
  • C. Network Intrusion system
  • D. A stateful inspection firewall

Answer: D

NEW QUESTION 6
Which of the following distributes an incorrect IP address to divert the traffic?

  • A. IP spoofing
  • B. Domain name server (DNS) poisoning
  • C. Reverse Address Resolution Protocol
  • D. Route table poisoning

Answer: B

NEW QUESTION 7
Which of the following files records all driver installations after the system has booted?

  • A. setupapi.com
  • B. recdriver.log
  • C. drivinst.log
  • D. setupapi.log

Answer: D

NEW QUESTION 8
Host-based IDS (HIDS) is an Intrusion Detection System that runs on the system to be monitored. HIDS monitors only the data that is directed to, or originates from, the system on which HIDS is installed. Besides monitoring network traffic for detecting attacks, it can also monitor other parameters of the system such as running processes, file system access and integrity, and user logins for identifying malicious activities. Which of the following tools are examples of HIDS?
Each correct answer represents a complete solution. Choose all that apply.

  • A. HPing
  • B. BlackIce Defender
  • C. Tripwire
  • D. Legion

Answer: BC

NEW QUESTION 9
Which of the following utilities is used for decrypting WEP encryption on an 802.11b network?

  • A. Wireshark
  • B. NetStumbler
  • C. Airsnort
  • D. Kismet

Answer: C

NEW QUESTION 10
Which of the following cryptographic methods are used in EnCase to ensure the integrity of the data, which is acquired for the investigation?
Each correct answer represents a complete solution. Choose two.

  • A. CRC
  • B. HAVAL
  • C. Twofish
  • D. MD5

Answer: AD

NEW QUESTION 11
Which of the following image file formats uses a lossy data compression technique?

  • A. GIF
  • B. JPG
  • C. PNG
  • D. TIF

Answer: B

NEW QUESTION 12
You work as a Network Administrator for McNeil Inc. The company's Windows 2000-based network is configured with Internet Security and Acceleration (ISA) Server 2000. You want to configure intrusion detection on the server. You find that the different types of attacks on the Intrusion Detection tab page of the IP Packet Filters Properties dialog box are disabled. What is the most likely cause?

  • A. The PPTP through ISA firewall check box on the PPTP tab page of the IP Packet Filters Properties dialog box is not enabled.
  • B. The Enable IP routing check box on the General tab page of the IP Packet Filters Properties dialog box is not selected.
  • C. The Log packets from Allow filters check box on the Packet Filters tab page of the IP Packet Filters Properties dialog box is not enabled.
  • D. The Enable Intrusion detection check box on the General tab page of the IP Packet Filters Properties dialog box is not selected.

Answer: D

NEW QUESTION 13
Which of the following statements are true about snort?
Each correct answer represents a complete solution. Choose all that apply.

  • A. It develops a new signature to find vulnerabilities.
  • B. It detects and alerts a computer user when it finds threats such as buffer overflows, stealth port scans, CGI attacks, SMB probes and NetBIOS queries, NMAP and other port scanners, well-known backdoors and system vulnerabilities, and DDoS clients.
  • C. It encrypts the log file using the 256 bit AES encryption scheme algorithm.
  • D. It is used as a passive trap to record the presence of traffic that should not be found on a network, such as NFS or Napster connections.

Answer: ABD

NEW QUESTION 14
Which of the following protocols does IPsec use to perform various security functions in the network?
Each correct answer represents a complete solution. Choose all that apply.

  • A. Encapsulating Security Payload
  • B. Internet Key Exchange
  • C. Skinny Client Control Protocol
  • D. Authentication Header

Answer: ABD

NEW QUESTION 15
Steve works as a Network Administrator for Blue Tech Inc. All client computers in the company run the Windows Vista operating system. He often travels long distances on official duty. While traveling, he connects to the office server through his laptop by using remote desktop connection.
He wants to run an application that is available on the server of the company. When he connects to the server, he gets a message that the connection is blocked by the firewall. He returns to his office to resolve the issue. He opens the Windows Firewall Settings dialog box. What actions should he perform in the dialog box given below to accomplish the task?
[MISSING]

  • A.

Answer: A

NEW QUESTION 16
You work as a Network Administrator for TechPerfect Inc. The company has a corporate intranet setup. A router is configured on your network to connect outside hosts to the internetwork. For security, you want to prevent outside hosts from pinging the hosts on the internetwork. Which of the following steps will you take to accomplish the task?

  • A. Block the ICMP protocol through ACL.
  • B. Block the IPv6 protocol through ACL.
  • C. Block the UDP protocol through ACL.
  • D. Block the TCP protocol through ACL.

Answer: A

NEW QUESTION 17
Which of the following tools are used to determine the hop counts of an IP packet?
Each correct answer represents a complete solution. Choose two.

  • A. TRACERT
  • B. Ping
  • C. IPCONFIG
  • D. Netstat

Answer: AB
