GSEC Exam Questions
409 real GSEC exam questions with expert-verified answers and explanations. Page 2 of 9.
- Question #51
In preparation to do a vulnerability scan against your company's systems, you've taken the steps below: - You've notified users that there will be a system test. - You've prioritize...
- Question #52
There are three key factors in selecting a biometric mechanism. What are they?
- Question #53
What is the following sequence of packets demonstrating?
- Question #54
Which of the following is a Layer 3 device that will typically drop directed broadcast traffic?
- Question #55
Which of the following would be a valid reason to use a Windows workgroup?
- Question #56
Which Defense-in-Depth model involves identifying various means by which threats can become manifest and providing security mechanisms to shut them down?
- Question #57
Included below is the output from a resource kit utility run against local host. Which command could have produced this output?
- Question #58
How is a Distributed Denial of Service (DDOS) attack distinguished from a regular DOS attack?
- Question #59
Regarding the UDP header below, what is the length in bytes of the UDP datagram? 04 1a 00 a1 00 55 db 51
- Question #60
A sensor that uses a light beam and a detecting plate to alarm if the light beam is obstructed is most commonly used to identify which of the following threats?
- Question #61
What protocol is a WAN technology?
- Question #62
Which of the following is a characteristic of hash operations?
- Question #63
The TTL can be found in which protocol header?
- Question #64
Which of the following is a required component for successful 802.1x network authentication?
- Question #65
What is the name of the command-line tool for Windows that can be used to manage audit policies on remote systems?
- Question #66
Many IIS servers connect to Microsoft SQL databases. Which of the following statements about SQL server security is TRUE?
- Question #67
You have an automated system for patching the operating systems of all your computers. All patches are supposedly current. Yet your automated vulnerability scanner has just reporte...
- Question #68
You are doing some analysis of malware on a Unix computer in a closed test network. The IP address of the computer is 192.168.1.120. From a packet capture, you see the malware is a...
- Question #69
What type of formal document would include the following statement? Employees are responsible for exercising good judgment regarding the reasonableness of personal use. Individual...
- Question #70
What is the command-line tool for Windows XP and later that allows administrators the ability to get or set configuration data for a very wide variety of computer and user account...
- Question #71
A US case involving malicious code is brought to trial. An employee had opened a helpdesk ticket to report specific instances of strange behavior on her system. The IT helpdesk rep...
- Question #72
When you log into your Windows desktop what information does your Security Access Token (SAT) contain?
- Question #73
Which type of risk assessment results are typically categorized as low, medium, or high-risk events?
- Question #74
What is the first thing that should be done during the containment step of incident handling?
- Question #75
Which choice best describes the line below? alert tcp any any -> 192.168.1.0/24 80 (content: "/cgi-bin/test.cgi"; msg: "Attempted CGI-BIN Access!!";)
- Question #76
Which class of IDS events occur when the IDS fails to alert on malicious data?
- Question #77
Which of the following tools is also capable of static packet filtering?
- Question #78
Which of the following best describes the level of risk associated with using proprietary crypto algorithms?
- Question #79
What is the discipline of establishing a known baseline and managing that condition known as?
- Question #80
What is the name of the Windows XP/2003 tool that you can use to schedule commands to be executed on remote systems during off-peak hours?
- Question #81
Your IT security team is responding to a denial of service attack against your server. They have taken measures to block offending IP addresses. Which type of threat control is thi...
- Question #82
What is the unnoticed theft of sensitive data from a laptop owned by an organization's CEO an example of in information warfare?
- Question #83
Who is responsible for deciding the appropriate classification level for data within an organization?
- Question #84
Which of the following protocols describes the operation of security in H.323?
- Question #85
If a DNS client wants to look up the IP address for good.news.com and does not receive an authoritative reply from its local DNS server, which name server is most likely to provide...
- Question #86
Analyze the screenshot below. What is the purpose of this message?
- Question #87
Why would someone use port 80 for deployment of unauthorized services?
- Question #88
Which of the below choices should an organization start with when implementing an effective risk management process?
- Question #89
In trace route results, what is the significance of an * result?
- Question #90
You have set up a local area network for your company. Your firewall separates your network into several sections: a DMZ with semi-public servers (web, dns, email) and an intranet...
- Question #91
The following three steps belong to the chain of custody for federal rules of evidence. What additional step is recommended between steps 2 and 3? STEP 1 - Take notes: who, what, w...
- Question #92
Which Defense-in-Depth principle starts with an awareness of the value of each section of information within an organization?
- Question #93
Which of the following Linux commands can change both the username and group name a file belongs to?
- Question #94
Which of the following is a backup strategy?
- Question #95
The Return on Investment (ROI) measurement used in Information Technology and Information Security fields is typically calculated with which formula?
- Question #96
What database can provide contact information for Internet domains?
- Question #97
During which of the following steps is the public/private key-pair generated for Public Key Infrastructure (PKI)?
- Question #98
What is the process of simultaneously installing an operating system and a Service Pack called?
- Question #99
Which of the following is a UDP-based protocol?
- Question #100
What is the function of the TTL (Time to Live) field in IPv4 and the Hop Limit field in IPv6 in an IP packet header?