GSEC Exam Questions
409 real GSEC exam questions with expert-verified answers and explanations. Page 1 of 9.
- Question #1
Your organization has broken its network into several sections/segments, which are separated by firewalls, ACLs and VLANs. The purpose is to defend segments of the network from pot...
- Question #2
Which of the following systems acts as a NAT device when utilizing VMware in NAT mode?
- Question #3
Your organization is developing a network protection plan. No single aspect of your network seems more important than any other. You decide to avoid separating your network into se...
- Question #4
When a packet leaving the network undergoes Network Address Translation (NAT), which of the following is changed?
- Question #5
Which of the following elements is the most important requirement for ensuring the success of a business continuity plan?
- Question #6
Which of the following tcpdump output lines indicates the first step in the TCP 3-way handshake?
- Question #7
Users at the Marketing department are receiving their new Windows XP Professional workstations. They will need to maintain local work files in the first logical volume, and will us...
- Question #8
Which of the following is a new Windows Server 2008 feature for the Remote Desktop Protocol (RDP)?
- Question #9
What is TRUE about Workgroups and Domain Controllers?
- Question #10
What file instructs programs like Web spiders NOT to search certain areas of a site?
- Question #11
Which of the following is a benefit of using John the Ripper for auditing passwords?
- Question #12
Which of the following is an advantage of a Host Intrusion Detection System (HIDS) versus a Network Intrusion Detection System (NIDS)?
- Question #13
Which of the following is more commonly used for establishing high-speed backbones that interconnect smaller networks and can carry signals over significant distances?
- Question #14
The Linux command to make the /etc/shadow file, already owned by root, readable only by root is which of the following?
- Question #15
What is the main reason that DES is faster than RSA?
- Question #16
Which of the following statements would be seen in a Disaster Recovery Plan?
- Question #17
Your software developer comes to you with an application that controls a user device. The application monitors its own behavior and that of the device and creates log files. The lo...
- Question #18
Which of the following is an advantage of private circuits versus VPNs?
- Question #19
What would the following iptables command do? iptables -I INPUT -s 99.23.45.1/32 -j DROP
- Question #20
What would the file permission example "rwsr-sr-x" translate to in absolute mode?
- Question #21
Which of the following Unix syslog message priorities is the MOST severe?
- Question #22
During a scheduled evacuation training session the following events took place in this order: 1. Evacuation process began by triggering the building fire alarm. 2a. The meeting poi...
- Question #23
What type of malware is a self-contained program that has the ability to copy itself without parasitically infecting other host code?
- Question #24
An IT security manager is trying to quickly assess the risks associated with not implementing a corporate firewall system. What sort of risk assessment is most appropriate?
- Question #25
In a /24 subnet, which of the following is a valid broadcast address?
- Question #26
Which of the following applications would be BEST implemented with UDP instead of TCP?
- Question #27
One of your Linux systems was compromised last night. According to change management history and a recent vulnerability scan, the system's patches were up-to-date at the time of th...
- Question #28
A folder D:\Files\Marketing has the following NTFS permissions: Administrators: Full Control; Marketing: Change; Authenticated Users: Read. It has been shared on the server...
- Question #29
Which of the following fields CANNOT be hashed by Authentication Header (AH) in transport mode?
- Question #30
Which of the following is an advantage of an Intrusion Detection System?
- Question #31
If Linux server software is a requirement in your production environment, which of the following should you NOT utilize?
- Question #32
Which of the following statements best describes where a border router is normally placed?
- Question #33
following is likely to provide an Authoritative reply?
- Question #34
You are reviewing a packet capture file from your network intrusion detection system. In the packet stream, you come across a long series of "no operation" (NOP) commands. In addit...
- Question #35
When should you create the initial database for a Linux file integrity checker?
- Question #36
Validating which vulnerabilities in a network environment are able to be exploited by an attacker is called what?
- Question #37
Which of the following statements would describe the term "incident" when used in the branch of security known as Incident Handling? (A) Any observable network event (B) Harm to sy...
- Question #38
Which of the following is the FIRST step in performing an Operational Security (OPSEC) Vulnerabilities Assessment?
- Question #39
Which of the following SIP methods is used to set up a new session and add a caller?
- Question #40
You are an Intrusion Detection Analyst and the system has alerted you to an Event of Interest (EOI) that appears to be activity generated by a worm. You investigate and find that t...
- Question #41
Which aspect of UNIX systems was process accounting originally developed for?
- Question #42
IPS devices that are classified as "In-line NIDS" devices use a combination of anomaly analysis, signature-based rules, and what else to identify malicious events on the network?
- Question #43
What is the name of the registry key that is used to manage remote registry share permissions for the whole registry?
- Question #44
Which layer of the TCP/IP Protocol Stack is responsible for port numbers?
- Question #45
How are differences in configuration settings handled between Domain and Local Group Policy Objects (GPOs)?
- Question #46
An attacker gained physical access to an internal computer to access company proprietary data. The facility is protected by a fingerprint biometric system that records both failed...
- Question #47
Which of the following is a type of countermeasure that can be deployed to ensure that a threat vector does not meet a vulnerability?
- Question #48
What is the main problem with relying solely on firewalls to protect your company's sensitive data?
- Question #49
Which of the following features of Windows 7 allows an administrator to both passively review installed software and configure policies to prevent out-of-date or insecure software...
- Question #50
What does an attacker need to consider when attempting an IP spoofing attack that relies on guessing Initial Sequence Numbers (ISNs)?