GSEC Exam Questions

To update from a Windows Server Update Services (WSUS) server, users of the machine must have what rights, If any?

How many clients Is a single WSUS server designed to support when the minimum system requirements are met?

What does Authentication Header (AH) add to the packet in order to prevent an attacker from lying about the source?

What is needed for any of the four options for Azure AD multi-factor user authentication?

A Network Engineer is charged with maintaining and protecting a network with a high availability requirement. In addition to other defenses, they have chosen to implement a NIPS. H...

How is confidentiality disabled in the IPSec Encapsulated Security Payload protocol?

What Windows log should be checked to troubleshoot a Windows service that is falling to start?

Which Terraform command should be run immediately after creating a new configuration file for a cloud-based virtual machine?

Which of the following would be used to explicitly deny the traffic from a foreign IP address scanning the EC2 Instances in a VPC?

What does it mean if a protocol such as HTTP is stateless?

On an NTFS file system, what will happen when a conflict exists between Allow and Deny permissions?

What improvement could a company that is rated at a NIST Implementation Tier of 2: Risk Informed do to Increase their rating to a Tier 3: Repeatable?

A Windows administrator wants to automate local and remote management tasks in Active Directory. Which tool is most appropriate for this?

Analyze the screenshot below. In what order should the vulnerabilities be remediated?

What type of HTTP session tracking artifact is designed to expire once a user's web browser session is closed?

A VPC is created with a CIDR block of 10.22.0.0/16, which of the following private subnets could be Included?

Which of the following access control principles helps prevent collusion and detect abuse of access?

If an attacker compromised a host on a site's internal network and wanted to trick other machines into using that host as the default gateway, which type of attack would he use?

Which of the following logging tasks should be evaluated in real-time?

Which Linux command could a systems administrator use to determine if an attacker had opened up a new listening port on her system?

What is log, pre-processing?

Which of the following tasks is the responsibility of a Linux systems administrator who is deploying hardening scripts to his systems?

A web application requires multifactor authentication when a user accesses the application from a home office but does not require this when the user is in the office. What access...

Which of the following resources is a knowledge base of real-world observed adversary tactics and techniques?

Which AWS service integrates with the Amazon API Gateway to provision and renew TLS encryption needs for data in transit?

What is the purpose of notifying stakeholders prior to a scheduled vulnerability scan?

Which data format is shown in the following log entry?

Which of the following is a Personal Area Network enabled device?

What does PowerShell remoting use to authenticate to another host in a domain environment?

Training an organization on possible phishing attacks would be included under which NIST Framework Core guidelines?

What Amazon Web Services (AWS) term describes a grouping of at least one datacenter with redundant power, high speed connections to other data centres and the Internet?

Which Authenticates Assurance Level requires a hardware-based authenticates?

Which field in the IPv6 header is used for QoS. or specifying the priority of the packet?

What is a forensic examiner confirming when they create a cryptographic hash, such asMD5 or SHA1, of a file?

What advantage would an attacker have in attacking a web server using the SSL protocol?

Which of the four basic transformations in the AES algorithm involves the leftward circular movement of state data?

Which of the following processes Is used to prove a user Is who they claim to be based upon something they know, have, are, and/or their physical location?

What method do Unix-type systems use to prevent attackers from cracking passwords using pre- computed hashes?

What security advantage does the utilization of a switch as opposed to a hub offer for a secure network design?

An application developer would like to replace Triple DES in their software with a stronger algorithm of the same type. Which of the following should they use?

Analyze the following screenshot. What conclusion can be drawn about the user account shown?

Based on the iptables output below, which type of endpoint security protection has host 192.168.1.17 implemented for incoming traffic on TCP port 22 (SSH) and TCP port 23 (telnet)?

How does a default deny rule in a firewall prevent unknown attacks?

Which of the following is the key point to consider in the recovery phase of incident handling? Which of the following is the key point to consider in the recovery phase of inciden...

Critical information is encrypted within an application accessible only to a small group of administrators, with a separate group of administrators holding the decryption keys. Wha...

An attacker is able to trick an IDS into ignoring malicious traffic through obfuscation of the packet payload. What type of IDS error has occurred?

How can an adversary utilize a stolen database of unsalted password hashes?

Which of the following Microsoft services integrates SSO into Microsoft 365 by syncing with on- premises servers?

Which of the following utilities can be used to manage the Windows Firewall (WF) from the command line?

What is achieved with the development of a communication flow baseline?