How Many Questions Of GISF Questions Pool

Free GISF Demo Online For GIAC Certification:

NEW QUESTION 1

Which of the following is prepared by the business and serves as a starting point for producing the IT Service Continuity Strategy?

  • A. Disaster Invocation Guideline
  • B. Business Continuity Strategy
  • C. Index of Disaster-Relevant Information
  • D. Availability/ ITSCM/ Security Testing Schedule

Answer: B

NEW QUESTION 2

You work as a Network Administrator for ABC Inc. The company has a secure wireless network. However, in the last few days, an attack has been taking place over and over again. This attack is taking advantage of ICMP directed broadcast. To stop this attack, you need to disable ICMP directed broadcasts. Which of the following attacks is taking place?

  • A. Smurf attack
  • B. Sniffer attack
  • C. Cryptographic attack
  • D. FMS attack

Answer: A

NEW QUESTION 3

John works as a security manager at Mariotx Inc. He has been tasked to resolve a network attack issue. To solve the problem, he first examines the critical information about the attacker's interaction with the network environment. He prepares a past record and behavioral document of the attack to find a direction for the solution. Then he decides to perform an action based on the previous hypothesis and takes the appropriate action against the attack. Which of the following strategies has John followed?

  • A. Maneuver warfare
  • B. Control theory
  • C. SWOT Analysis
  • D. OODA loop

Answer: D

NEW QUESTION 4

Which of the following processes is described in the statement below?
"It is the process of implementing risk response plans, tracking identified risks, monitoring residual risk, identifying new risks, and evaluating risk process effectiveness throughout the project."

  • A. Perform Quantitative Risk Analysis
  • B. Perform Qualitative Risk Analysis
  • C. Monitor and Control Risks
  • D. Identify Risks

Answer: C

NEW QUESTION 5

You work as a Software Developer for Mansoft Inc. You have participated in the customization of a previously developed Configuration Management Application Block (CMAB) that manages an application configuration setting in multiple data stores. Based on requirements, you have extended the CMAB to read and write configuration data to and from an Oracle database. You need to create a unit test strategy. Which of the following steps would you include in a unit test of the CMAB?
Each correct answer represents a part of the solution. Choose all that apply.

  • A. Perform White box testing
  • B. Regression test the existing functionality
  • C. Execute Use cases of the application
  • D. Perform Stress testing
  • E. Review the implementation

Answer: ABE

NEW QUESTION 6

Which of the following is the correct sequence of the layers of the Open Systems Interconnection (OSI) model?

  • A. Physical layer, data link layer, network layer, transport layer, presentation layer, session layer, and application layer
  • B. Physical layer, network layer, transport layer, data link layer, session layer, presentation layer, and application layer
  • C. Application layer, presentation layer, network layer, transport layer, session layer, data link layer, and physical layer
  • D. Physical layer, data link layer, network layer, transport layer, session layer, presentation layer, and application layer

Answer: D

NEW QUESTION 7

Which of the following statements is not true about a digital certificate?

  • A. It is used with both public key encryption and private key encryption.
  • B. It is used with private key encryption.
  • C. It is neither used with public key encryption nor with private key encryption.
  • D. It is used with public key encryption.

Answer: D

NEW QUESTION 8

You work as a professional Computer Hacking Forensic Investigator for DataEnet Inc. You want to investigate e-mail information of an employee of the company. The suspected employee is using an online e-mail system such as Hotmail or Yahoo. Which of the following folders on the local computer will you review to accomplish the task?
Each correct answer represents a complete solution. Choose all that apply.

  • A. Cookies folder
  • B. Temporary Internet Folder
  • C. Download folder
  • D. History folder

Answer: ABD

NEW QUESTION 9

Which of the following are some of the parts of a project plan?
Each correct answer represents a complete solution. Choose all that apply.

  • A. Risk identification
  • B. Project schedule
  • C. Team members list
  • D. Risk analysis

Answer: ABC

NEW QUESTION 10

Which of the following devices or hardware parts employs the SMART model system as a monitoring system?

  • A. Modem
  • B. RAM
  • C. Hard disk
  • D. IDS

Answer: C

NEW QUESTION 11

Which of the following techniques are used after a security breach and are intended to limit the extent of any damage caused by the incident?

  • A. Corrective controls
  • B. Detective controls
  • C. Safeguards
  • D. Preventive controls

Answer: A

NEW QUESTION 12

Which of the following types of virus is capable of changing its signature to avoid detection?

  • A. Stealth virus
  • B. Boot sector virus
  • C. Macro virus
  • D. Polymorphic virus

Answer: D

NEW QUESTION 13

You are the project manager for the TTX project. You have to procure some electronic gadgets for the project. A relative of yours is in the retail business of those gadgets. He approaches you for a favor to get the order. This is a situation of _____.

  • A. Bribery
  • B. Irresponsible practice
  • C. Illegal practice
  • D. Conflict of interest

Answer: D

NEW QUESTION 14

Which of the following books is used to examine integrity and availability?

  • A. Brown Book
  • B. Red Book
  • C. Purple Book
  • D. Orange Book

Answer: B

NEW QUESTION 15

Which of the following are the goals of cryptographic systems?
Each correct answer represents a complete solution. Choose three.

  • A. Availability
  • B. Authentication
  • C. Confidentiality
  • D. Integrity

Answer: BCD

NEW QUESTION 16

You are hired by Techmart Inc. to upgrade its existing network. You have prepared a case study for planning the network.
According to your study, how many domains are required to set up the network of Techmart Inc.?
(Click the Exhibit button on the toolbar to see the case study.)

  • A. Two
  • B. Four
  • C. Three
  • D. One

Answer: D

NEW QUESTION 17

Which of the following best describes the identification, analysis, and ranking of risks?

  • A. Design of experiments
  • B. Fast tracking
  • C. Fixed-price contracts
  • D. Plan Risk management

Answer: D

NEW QUESTION 18

Which of the following statements about a brute force attack is true?

  • A. It is a program that allows access to a computer without using security checks.
  • B. It is an attack in which someone accesses your e-mail server and sends misleading information to others.
  • C. It is a virus that attacks the hard drive of a computer.
  • D. It is a type of spoofing attack.
  • E. It is an attempt by an attacker to guess passwords until he succeeds.

Answer: E

NEW QUESTION 19

Which of the following provide data confidentiality services by encrypting the data sent between wireless systems?
Each correct answer represents a complete solution. Choose two.

  • A. MS-CHAP v2
  • B. WEP
  • C. PAP
  • D. WPA

Answer: BC

NEW QUESTION 20

Adam works as a Professional Penetration Tester for Umbrella Inc. A project has been assigned to him to carry out Black Box penetration testing as a regular evaluation of the system security and integrity of the company's network. Which of the following statements are true about Black Box penetration testing?
Each correct answer represents a complete solution. Choose all that apply.

  • A. Black box testing provides the testers with complete knowledge of the infrastructure to be tested.
  • B. Black box testing simulates an attack from someone who is unfamiliar with the system.
  • C. Black box testing simulates an attack from someone who is familiar with the system.
  • D. Black box testing assumes no prior knowledge of the infrastructure to be tested.

Answer: BC
