GISP Exam Questions

Which of the following statements about symmetric encryption are true? Each correct answer represents a complete solution. Choose three.

Which of the following ports is used by the control connection on the FTP server?

Which of the following processes is used by remote users to make a secure connection to internal resources after establishing an Internet connection?

Which of the following are examples of passive attacks? Each correct answer represents a complete solution. Choose all that apply.

Which of the following protocols transmits user credentials as plaintext?

Which of the following tools was developed by the FBI and is used for keystroke logging in order to capture encryption keys and other information useful for deciphering transmissio...

In which of the following processes, a DNS server may return an incorrect IP address, diverting traffic to another computer?

Which of the following uses public-key encryption to encrypt and digitally sign e-mail messages during communication between e-mail clients?

Which of the following protocols is used with a tunneling protocol to provide security?

Which of the following is a type of scam that entice a user to disclose personal information such as social security number, bank account details, or credit card number?

Which of the following technologies are forms of single sign-on (SSO)? Each correct answer represents a complete solution. Choose three.

An attacker sends a large number of packets to a target computer that causes denial of service. Which of the following type of attacks is this?

Which of the following methods is a behavior-based IDS detection method?

Which of the following areas of a network contains DNS servers and Web servers for Internet users?

Which of the following hashing algorithms produces a variable length hash value?

Which of the following statements about certification authority (CA) are true? Each correct answer represents a complete solution. Choose two.

Which of the following is the default port for Simple Network Management Protocol (SNMP)?

Mark works as a Network Administrator for Infonet Inc. The company has a Windows 2000 Active Directory domain-based network. The domain contains one hundred Windows XP Professional...

Which of the following statements about a hoax are true? Each correct answer represents a complete solution. Choose two.

Which of the following is a term that refers to unsolicited e-mails sent to a large number of e-mail users?

Which of the following intrusion detection systems (IDS) monitors network traffic and compares it against an established baseline?

Which of the following is known as a message digest?

An organization monitors the hard disks of its employees' computers from time to time. Which policy does this pertain to?

Which of the following statements about Secure Sockets Layer (SSL) are true? Each correct answer represents a complete solution. Choose two.

Which of the following protocols work at the session layer of the OSI model? Each correct answer represents a complete solution. Choose two.

Which of the following layers of the OSI model corresponds to the Host-to-Host layer of the TCP/IP model?

* Network diagrams of the we-are-secure infrastructure * Source code of the security tools * IP addressing information of the we-are-secure network Which of the following testing m...

In which of the following DoS attacks does an attacker send an ICMP packet larger than 65,536 bytes to the target system?

Which of the following types of virus is capable of changing its signature to avoid detection?

Mark works as a Network Administrator for We-are-secure Inc. He finds that the We-are-secure server has been infected with a virus. He presents to the company a report that describ...

Which of the following statements about the bridge are true? Each correct answer represents a complete solution. Choose two.

Which of the following is a reason to implement security logging on a DNS server?

Which of the following tools is NOT used for logging network activities in the Linux operating system? Each correct answer represents a complete solution. Choose all that apply.

Which of the following federal laws are related to hacking activities? Each correct answer represents a complete solution. Choose three.

Brutus is a password cracking tool that can be used to crack the following authentications: HTTP (Basic Authentication) HTTP (HTML Form/CGI) POP3 (Post Office Protocol v3) FTP (Fil...

Which of the following user authentications are supported by the SSH-1 protocol but not by the SSH-2 protocol? Each correct answer represents a complete solution. Choose all that a...

SSH is a network protocol that allows data to be exchanged between two networks using a secure channel. Which of the following encryption algorithms can be used by the SSH protocol...

Routers and firewalls use ________ to determine which packets should be forwarded or dropped.

You are a salesperson. You are authorized to access only the information that is essential for your work. Which of the following access control models is used in your organization?

Identify whether the given statement is true or false. "Social engineering is the art of convincing people and making them disclose useful information such as account names and pas...

Which of the following access control models requires centralize database of user accounts?

Which of the following is the new permissions model in Microsoft Exchange Server 2010, which enables you to control, at broad and granular levels, what administrators and end-users...

Which of the following is not a major concern in traditional business transactions as compare to online transactions?

Which of the following should propose appropriate and effective security controls for managing the risks?

Which of the following acts as an intermediary between a user on the internal network and a service on the external network such as the Internet?

Which of the following is not a biometrics technology for authentication?

Which of the following is NOT a countermeasure against a spoofing attack?

Which of the following is used to repair missing or damaged system files that might prevent Windows from starting correctly?

The backup system that stores only those files that have been changed since the last backup is known as _____.

Which of the following is a duplicate of the original site of an organization, with fully working systems as well as near-complete backups of user data?