
2021 GSEC Dumps PDF - GSEC Real Exam Questions Answers
Valid GSEC Test Answers & GIAC GSEC Exam PDF
Main Exam Details
GIAC GSEC is a proctored exam that runs for a maximum of 5 hours. It features a total of 180 questions, with a passing score of 73%. The test’s curriculum is built around a wide variety of technical concepts that demonstrate mastery of information security. The topic areas covered include access control and power management; the basics of cryptography, its deployment specifics, and various associated algorithms; and network security, as well as defensible network architecture.
Candidates should also be familiar with vulnerability scanning and penetration testing, Linux security (including attack detection and permissions), incident response, and contingency plans. Finally, applicants should master concepts such as security policy, virtualization, the security of endpoints, cloud, and web services, and Windows-related topics like auditing, automation, access controls, and more.
Topics of GSEC Exam
Candidates must know the exam topics before they start preparing, because it will help them focus on the core material. Our GSEC dumps will include the following topics:
- Active defense, defense in depth, access control & password management
- Cryptography: basic concepts, algorithms and deployment, and application
- Windows: access controls, automation, auditing, forensics, security infrastructure, & securing network services
- Incident handling & response, vulnerability scanning and penetration testing
- Security policy, contingency plans, critical controls and IT risk management
- Linux Security: structure, permissions, & access; hardening & securing; monitoring & attack detection; & security utilities
- Web communication security, virtualization and cloud security, and endpoint security
Finally, the course will bring you an opportunity to better understand the effectiveness of different security devices in an organization, improve your skills in handling compromised systems within your network, and gain basic knowledge of an organization’s security features as well as why some of their systems get compromised. When all is done, you can verify your competence using the official SANS Security Essentials Assessment Test that’s also offered on this platform. In summary, here’s what this program will address:
- Windows Security
- Data Security Technologies
- Network Security Essentials
Before enrolling in the SEC401 course, it is recommended to complete the SEC301: Introduction to Cyber Security training. This is not a strict requirement, but it will give you valuable fundamental knowledge and the skills needed to complete the SEC401 course hassle-free.
NEW QUESTION 10
IPS devices that are classified as "In-line NIDS" devices use a combination of anomaly analysis, signature-based rules, and what else to identify malicious events on the network?
- A. Firewall compatibility rules
- B. MAC address filtering
- C. ICMP and UDP active scanning
- D. Application analysis
Answer: D
NEW QUESTION 11
Why would someone use port 80 for deployment of unauthorized services?
- A. HTTP traffic is usually allowed outbound to port 80 through the firewall in most environments.
- B. Google will detect the service listing on port 80 and post a link, so that people all over the world will surf to the rogue service.
- C. This is a technique commonly used to perform a denial of service on the local web server.
- D. If someone were to randomly browse to the rogue port 80 service they could be compromised.
Answer: A
NEW QUESTION 12
Which of the following fields CANNOT be hashed by Authentication Header (AH) in transport mode?
- A. Source IP
- B. TTL
- C. Destination IP
- D. Length
Answer: B
NEW QUESTION 13
What is the main problem with relying solely on firewalls to protect your company's sensitive data?
- A. Their value is limited unless a full-featured Intrusion Detection System is used.
- B. Their value is limited because they can be bypassed by technical and non-technical means.
- C. Their value is limited because operating systems are now automatically patched.
- D. Their value is limited because they cannot be changed once they are configured.
Answer: B
NEW QUESTION 14
What type of malware is a self-contained program that has the ability to copy itself without parasitically infecting other host code?
- A. Trojans
- B. Boot infectors
- C. Viruses
- D. Worms
Answer: D
NEW QUESTION 15
In order to capture traffic for analysis, Network Intrusion Detection Systems (NIDS) operate with network cards in what mode?
- A. Discrete
- B. Reporting
- C. Alert
- D. Promiscuous
Answer: D
NEW QUESTION 16
You work as a Network Administrator for Net Perfect Inc. The company has a Linux-based network. You have created a folder named Report. You have made David the owner of the folder. The members of a group named JAdmin can access the folder and have Read, Write, and Execute permissions. No other user can access the folder. You want to ensure that the members of the JAdmin group do not have Write permission on the folder. Also, you want other users to have Read permission on the Report folder. Which of the following commands will you use to accomplish the task?
- A. chmod 777 report
- B. chmod 555 report
- C. chown david.jadmin report
- D. chmod 754 report
Answer: D
NEW QUESTION 17
Which of the following statements best explains how encryption works on the Internet?
- A. Encryption helps in transaction processing by e-commerce servers on the Internet.
- B. Encryption validates a username and password before sending information to the Web server.
- C. Encryption allows authorized users to access Web sites that offer online shopping.
- D. Encryption encodes information using specific algorithms with a string of numbers known as a key.
Answer: D
NEW QUESTION 18
Which access control mechanism requires a high amount of maintenance since all data must be classified, and all users granted appropriate clearance?
- A. Role-Based
- B. Rule set-based
- C. Discretionary
- D. Mandatory
Answer: D
NEW QUESTION 19
You have set up a local area network for your company. Your firewall separates your network into several sections: a DMZ with semi-public servers (web, dns, email) and an intranet with private servers. A penetration tester gains access to both sections and installs sniffers in each. He is able to capture network traffic for all the devices in the private section but only for one device (the device with the sniffer) in the DMZ. What can be inferred about the design of the system?
- A. You installed a hub in the private section and a switch in the DMZ
- B. You installed a switch in the private section and a hub in the DMZ
- C. You installed a router in the private section and a switch in the DMZ
- D. You installed a switch in the private section and a router in the DMZ
Answer: A
NEW QUESTION 20
You work as a Network Administrator for NetTech Inc. When you enter http://66.111.64.227 in the browser's address bar, you are able to access the site. But, you are unable to access the site when you enter http://www.uCertify.com. What is the most likely cause?
- A. WINS server has no NetBIOS name entry for the server.
- B. The site's Web server has heavy traffic.
- C. DNS entry is not available for the host name.
- D. The site's Web server is offline.
Answer: C
NEW QUESTION 21
Which of the following works at the network layer and hides the local area network IP address and topology?
- A. Network interface card (NIC)
- B. MAC address
- C. Hub
- D. Network address translation (NAT)
Answer: D
NEW QUESTION 22
With regard to defense-in-depth, which of the following statements about network design principles is correct?
- A. A secure network design will seek to separate resources by providing a security boundary between systems that have different network security requirements.
- B. A secure network design requires that systems that have access to the Internet should not be accessible from the Internet and that systems accessible from the Internet should not have access to the Internet.
- C. A secure network design will seek to provide an effective administrative structure by providing a single choke-point for the network from which all security controls and restrictions will be enforced.
- D. A secure network design requires that networks utilize VLAN (Virtual LAN) implementations to ensure that private and semi-public systems are unable to reach each other without going through a firewall.
Answer: A
NEW QUESTION 23
Which of the following standards is used in wireless local area networks (WLANs)?
- A. IEEE 802.3
- B. IEEE 802.11b
- C. IEEE 802.5
- D. IEEE 802.4
Answer: B
NEW QUESTION 24
Which of the following records everything a person types using the keyboard?
- A. Line conditioner
- B. Firewall
- C. Port scanner
- D. Keystroke logger
Answer: D
NEW QUESTION 25
You work as a Network Administrator for Perfect World Inc. You are configuring a network that will include 1000BaseT network interface cards in servers and client computers. What is the maximum segment length that a 1000BaseT network supports?
- A. 1000 meters
- B. 10 meters
- C. 480 meters
- D. 100 meters
Answer: D
NEW QUESTION 26
- A. The packets may be deliberately spoofed by an attacker.
- B. A and B
- C. The packets are a sign of excess fragmentation.
- D. A and D
- E. B and D
- F. The packets are probably corrupted.
- G. B and C
- H. The packets may have been accidentally routed onto the Internet.
Answer: G,H
NEW QUESTION 27
You work as a Network Administrator for NetTech Inc. When you enter http://66.111.64.227 in the browser's address bar, you are able to access the site. But, you are unable to access the site when you enter http://www.uCertify.com. What is the most likely cause?
- A. WINS server has no NetBIOS name entry for the server.
- B. The site's Web server has heavy traffic.
- C. DNS entry is not available for the host name.
- D. The site's Web server is offline.
Answer: C
NEW QUESTION 28
What is the main problem with relying solely on firewalls to protect your company's sensitive data?
- A. Their value is limited unless a full-featured Intrusion Detection System is used.
- B. Their value is limited because they can be bypassed by technical and non-technical means.
- C. Their value is limited because operating systems are now automatically patched.
- D. Their value is limited because they cannot be changed once they are configured.
Answer: B
NEW QUESTION 29
Which of the following terms refers to the process in which headers and trailers are added around user data?
- A. Encapsulation
- B. Authentication
- C. Authorization
- D. Encryption
Answer: A
NEW QUESTION 30
What is the first thing that should be done during the containment step of incident handling?
- A. Notify management
- B. Secure the area
- C. Prepare the Jump bag
- D. Prepare a report
- E. Change all the passwords
Answer: B
NEW QUESTION 31
Which of the following protocols implements VPN using IPSec?
- A. SLIP
- B. PPP
- C. PPTP
- D. L2TP
Answer: D