How Many Questions Of GSNA Free Dumps

It is more faster and easier to pass the GIAC GSNA exam by using Realistic GIAC GIAC Systems and Network Auditor questuins and answers. Immediate access to the Leading GSNA Exam and find the same core area GSNA questions with professionally verified answers, then PASS your exam with a high score now.

Online GSNA free questions and answers of New Version:

NEW QUESTION 1

Which of the following responsibilities does not come under the audit process?

  • A. Reporting all facts and circumstances of the irregular and illegal acts.
  • B. Planning the IT audit engagement based on the assessed level of risk.
  • C. Reviewing the results of the audit procedures.
  • D. Applying security policies.

Answer: ABC

Explanation:

According to the standards of ISACA, an auditor should hold the following responsibilities: Planning the IT audit engagement based on an assessed level of risk. Designing audit procedures of irregular and illegal acts. Reviewing the results of the audit procedures. Assuming that acts are not isolated. Determining why the internal control system failed for that act. Conducting additional audit procedures. Evaluating the results of the expanded audit procedures. Reporting all facts and circumstances of the irregular and illegal acts. Distributing the report to the appropriate internal parties, such as managers. Answer D is incorrect. The auditor is not responsible for applying security policies.

NEW QUESTION 2

Which of the following statements are true about the Enum tool?

  • A. It uses NULL and User sessions to retrieve user lists, machine lists, LSA policy information, etc.
  • B. It is capable of performing brute force and dictionary attacks on individual accounts of Windows NT/2000.
  • C. One of the countermeasures against the Enum tool is to disable TCP port 139/445.
  • D. It is a console-based Win32 information enumeration utility.

Answer: ABCD

Explanation:

Enum is a console-based Win32 information enumeration utility. It uses null sessions to retrieve user lists, machine lists, share lists, name lists, group and member lists, passwords, and LSA policy information. It is also capable of performing brute force and dictionary attacks on individual accounts. Since the Enum tool works on the NetBIOS NULL sessions, disabling the NetBIOS port can be a good countermeasure against the Enum tool.

NEW QUESTION 3

Pervasive IS controls can be used across all the internal departments and external contractors to define the direction and behavior required for the technology to function properly. When these controls are implemented properly, which of the following areas show the reliability improvement? (Choose three)

  • A. Hardware development
  • B. Software development
  • C. Security administration
  • D. Disaster recovery

Answer: BCD

Explanation:

Pervasive IS controls can be used across all the internal departments and external contractors. If the Pervasive IS controls are implemented properly, it improves the reliability of the following: Software development System implementation Overall service delivery Security administration Disaster recovery Business continuity planning Answer A is incorrect. Pervasive IS controls do not have any relation with the reliability of the hardware development.

NEW QUESTION 4

You want to record auditing information in the SYS.AUD$ table, and also want to record SQL bind variables as well as the SQL text in the audit trail. Which of the following statements will accomplish this task?

  • A. ALTER SYSTEM SET AUDIT_TRAIL = DB, XML SCOPE=SPFILE;
  • B. ALTER SYSTEM SET AUDIT_TRAIL = 'DB, EXTENDED' SCOPE=SPFILE;
  • C. ALTER SYSTEM SET AUDIT_TRAIL = 'DB','EXTENDED' SCOPE=SPFILE;
  • D. ALTER SYSTEM SET AUDIT_TRAIL = DB, EXTENDED SCOPE=SPFILE;
  • E. ALTER SYSTEM SET AUDIT_FILE_DEST = 'DB, EXTENDED' SCOPE=SPFILE;
  • F. ALTER SYSTEM SET AUDIT_TRAIL = DB, EXTENDED SCOPE=BOTH;

Answer: CD

Explanation:

The initialization parameter AUDIT_TRAIL is used to specify the kind of auditing that needs to be performed, as well as the destination where it will be performed. There are three basic values for auditing that are DB, OS, and XML. Specifying DB sends all audit rows to the table SYS.AUD$, OS sends the audit rows to an operating system file, and XML sends the audit rows to an operating system file in the XML format. The location for external audit rows is specified by the AUDIT_FILE_DEST parameter. By adding the EXTENDED parameter for either DB or XML auditing, all SQL bind variables and the text of all SQL commands are included in the audit row. EXTENDED cannot be specified for OS auditing. In addition, NONE can be specified as the value for AUDIT_TRAIL, which will disable all auditing. Answer B is incorrect. DB, EXTENDED in single quotes cannot be specified when setting the AUDIT_TRAIL parameter. Answer E is incorrect. AUDIT_TRAIL must be set to specify the type of auditing. AUDIT_FILE_DEST is used to specify the operating system location for either OS or XML auditing. Answer A is incorrect. DB and XML auditing cannot be specified at the same time and the database must be restarted for the auditing change to go into effect.

NEW QUESTION 5

You work as a Software Developer for UcTech Inc. You want to ensure that a class is informed whenever an attribute is added, removed, or replaced in a session. Which of the following is the event that you will use to accomplish the task?

  • A. HttpSessionBindingEvent
  • B. HttpAttributeEvent
  • C. HttpSessionEvent
  • D. HttpSessionAttributeEvent

Answer: A

Explanation:

To be informed whenever an attribute is added, removed, or replaced in a session, a class must have a method with HttpSessionBindingEvent as its attribute. The HttpSessionBindingEvent class extends the HttpSessionEvent class. The HttpSessionBindingEvent class is used with the following listeners: HttpSessionBindingListener: It notifies the attribute when it is bound or unbound from a session. HttpSessionAttributeListener: It notifies the class when an attribute is bound, unbound, or replaced in a session. The session binds the object by a call to the HttpSession.setAttribute() method and unbinds the object by a call to the HttpSession.removeAttribute() method. Answer C is incorrect. The HttpSessionEvent is associated with the HttpSessionListener interface and HttpSessionActivationListener.

NEW QUESTION 6

Mark implements a Cisco unified wireless network for Tech Perfect Inc. Which functional area of the Cisco unified wireless network architecture includes intrusion detection and prevention?

  • A. Network services
  • B. Wireless clients
  • C. Network unification
  • D. Wireless access points

Answer: A

Explanation:
Network services is the last functional area of the Cisco unified wireless network architecture. This functional area includes the self-depending network, enhanced network support, such as location services, intrusion detection and prevention, firewalls, network admission control, and all other services. Answer C is incorrect. Network unification is a functional area of the Cisco unified wireless network architecture. This functional area includes the following wireless LAN controllers: 1.The 6500 series catalyst switch 2.Wireless services module (WiSM) 3.Cisco wireless LAN controller module (WLCM) 4.Cisco catalyst 3750 series integrated WLC 5.Cisco 4400 series WLC 6.Cisco 2000 series WLC Answer B is incorrect. Wireless clients is a functional area of the Cisco unified wireless network. The client devices are connected to a user. Answer D is incorrect. A wireless access point (WAP) is a device that allows wireless communication devices to connect to a wireless network using Wi-Fi, Bluetooth, or related standards. The WAP usually connects to a wired network, and it can transmit data between wireless devices and wired devices on the network. Each access point can serve multiple users within a defined network area. As people move beyond the range of one access point, they are automatically handed over to the next one. A small WLAN requires a single access point. The number of access points in a network depends on the number of network users and the physical size of the network.

NEW QUESTION 7

Mark works as a Network Administrator for Infonet Inc. The company has a Windows 2000 Active Directory domain-based network. The domain contains one hundred Windows XP Professional client computers. Mark is deploying an 802.11 wireless LAN on the network. The wireless LAN will use Wired Equivalent Privacy (WEP) for all the connections. According to the company's security policy, the client computers must be able to automatically connect to the wireless LAN. However, the unauthorized computers must not be allowed to connect to the wireless LAN and view the wireless network. Mark wants to configure all the wireless access points and client computers to act in accordance with the company's security policy. What will he do to accomplish this? (Choose three)

  • A. Configure the authentication type for the wireless LAN to Shared Key
  • B. On each client computer, add the SSID for the wireless LAN as the preferred network
  • C. Install a firewall software on each wireless access point
  • D. Disable SSID Broadcast and enable MAC address filtering on all wireless access points
  • E. Configure the authentication type for the wireless LAN to Open system
  • F. Broadcast SSID to connect to the access point (AP)

Answer: ABD

Explanation:

To configure all the wireless access points and client computers to act in accordance with the company's security policy, Mark will take the following actions: Configure the authentication type for the wireless LAN to Shared Key. Shared Key authentication provides access control. Disable SSID Broadcast and enable MAC address filtering on all the wireless access points. Disabling SSID Broadcast and enabling MAC address filtering will prevent unauthorized wireless client computers from connecting to the access point (AP). Only the computers with particular MAC addresses will be able to connect to the wireless access points. On each client computer, add the SSID for the wireless LAN as the preferred network. Answer E is incorrect. Setting the authentication type for the wireless LAN to Open System will disable Wired Equivalent Privacy (WEP). This level of WEP will not provide security.

NEW QUESTION 8

Which of the following statements are true about locating rogue access points using WLAN discovery software such as NetStumbler, Kismet, or MacStumbler if you are using a Laptop integrated with Wi-Fi compliant MiniPCI card? (Choose two)

  • A. These tools can determine the rogue access point even when it is attached to a wired network.
  • B. These tools can determine the authorization status of an access point.
  • C. These tools cannot detect rogue access points if the victim is using data encryption.
  • D. These tools detect rogue access points if the victim is using IEEE 802.11 frequency bands.

Answer: BD

Explanation:

WLAN discovery software such as NetStumbler, Kismet, or MacStumbler can be used to detect rogue access points if the victim is using IEEE 802 frequency bands. However, if the victim is using non-IEEE 802.11 frequency bands or unpopular modulations, these tools might not detect rogue access. NetStumbler, kismet, or MacStumbler also gives the authorization status of an access point. A Rogue access point (AP) is set up by the attackers in an Enterprise's network. The attacker captures packets in the existing wireless LAN (WLAN) and finds the SSID and security keys (by cracking). Then the attacker sets up his own AP using the same SSID and security keys. The network clients unknowingly use this AP and the attacker captures their usernames and passwords. This can help the attacker to intrude the security and have access to the Enterprise dat Answer A, C are incorrect. The WLAN software such as NetStumbler, Kismet, or MacStumbler can search rogue access points even when the victim is using data encryption. However, these tools cannot determine the rogue access point even when it is attached to a wired network.

NEW QUESTION 9

Samantha works as a Web Developer for XYZ CORP. She is designing a Web site for the company. In a Web page, she uses the HTTP-EQUIV attribute to control the page cache. Which of the following HTTP-EQUIV values controls the page cache in the browser folder?

  • A. Window-target
  • B. Status-code
  • C. Content-type
  • D. Pragma

Answer: D

Explanation:

HTTP-EQUIV is an attribute of the META tag. It sets or retrieves information used to bind the META tag's content to an HTTP response header. The pragma value of HTTP-EQUIV controls the page cache.

NEW QUESTION 10

You work as a Network Administrator for InfraTech Inc. You have been assigned the task of designing the firewall policy for the company. Which of the following statements can be considered acceptable in the 'contracted worker statement' portion of the firewall policy?

  • A. No contractors shall have access to the authorized resources.
  • B. No contractors shall be permitted to scan the network.
  • C. No contractors shall have access to the unauthorized resources.
  • D. No contractors can access FTP unless specifically granted permissions to use it.

Answer: BCD

Explanation:

There are different portions that can be included in the firewall policy. These portions include the acceptable use statement, the network connection statement, the contracted worker statement, and the firewall administrator statement. The contracted worker statement portion of the policy is related to the contracted or the temporary workers. It states the rights and permissions for these workers. Some of the items hat can be included in this portion are as follows: No contractors can use FTP unless specifically granted to use it. No contractors shall have access to TELNET unless specifically granted to use it. No contractors shall have access to unauthorized resources. No contractors shall have access to scan the network. Answer A is incorrect. Only authorized resources should be accessed by the contractors.

NEW QUESTION 11

You work as a Network Administrator for Tech Perfect Inc. You have a laptop running Windows Vista Ultimate. You want to configure Windows Defender on your laptop so that it does not take any action automatically whenever it scans malicious software. Rather, it should recommend the action and wait for your approval for taking any action. Which of the following actions will you take to accomplish the task?

  • A. Clear the Use real-time protection check box in Defender Options
  • B. Clear the Automatically scan my computer check box in Defender Options
  • C. Select the Create a restore point before applying action to detected items check box in Defender Options
  • D. Clear the Apply default actions to items detected during a scan check box in Defender Options.

Answer: D

Explanation:

According to the question, you want to prevent Windows Defender from taking any action automatically during the scanning of your laptop. In order to accomplish this, you will have to clear the Apply default actions to items detected during a scan check box in Defender Options.
GSNA dumps exhibit
If you clear the Apply default actions to items detected during a scan check box, it will result in Windows Defender only recommending an action to take for detected malicious software.

NEW QUESTION 12

In addition to denying and granting access, what other services does a firewall support?

  • A. Network Access Translation (NAT)
  • B. Secondary connections
  • C. Control Internet access based on keyword restriction
  • D. Data caching

Answer: ACD

Explanation:

A firewall is a tool to provide security to a network. It is used to protect an internal network or intranet against unauthorized access from the Internet or other outside networks. It restricts inbound and outbound access and can analyze all traffic between an internal network and the Internet. Users can configure a firewall to pass or block packets from specific IP addresses and ports. Firewalls often have network address translation (NAT) functionality. The hosts protected behind a firewall commonly have addresses in the private address range. Firewalls have such functionality to hide the true address of protected hosts. Firewalls are used by administrators to control Internet access based on keyword restriction. Some proxy firewalls can cache data so that clients can access frequently requested data from the local cache instead of using the Internet connection to request it. This is convenient for cutting down on unnecessary bandwidth consumption. Answer B is incorrect. It is an area where a firewall faces difficulty in securing the network. It is the area where employees make alternate connections to the Internet for their personal use, resulting in useless rendering of the firewall.

NEW QUESTION 13

Choose the benefits of deploying switches over hubs in your infrastructure. (Choose two)

  • A. Layer 2 switches allow for the creation of Virtual LANs providing options for further segmentation and security.
  • B. Switches lower the number of collisions in the environment.
  • C. Switches create an environment best suited for half duplex communication
  • D. This improves network performance and the amount of available bandwidth.
  • E. Layer 2 switches increase the number of broadcast domains in the environment.

Answer: AB

Explanation:

Switches differ from hubs in that they break up Collision Domains. Each port on a switch equals one Collision Domain. Therefore, a switch will lower the number of collisions within the infrastructure. Managed switches typically offer the ability to create Virtual LANs. Virtual LANs allow the switch to create multiple LANs/network segments that are Virtual. This allows the switch to create additional environments where needed.

NEW QUESTION 14

You work as a Network Administrator for XYZ CORP. The company's Windows 2000 network is configured with Internet Security and Acceleration (ISA) Server 2000. ISA Server is configured as follows: The server uses the default site and content rule and default IP packet filters. Packet filtering is enabled. The server has two protocol rules:
GSNA dumps exhibit
Users in the network complain that they are unable to access secure Web sites. However, they are able to connect to Web sites in which secure transmission is not required. What is the most likely cause?

  • A. A protocol rule that allows the use of HTTP has not been created.
  • B. An IP packet filter that allows the use of network traffic on port 80 has not been created.
  • C. An IP packet filter that allows the use of network traffic on port 443 has not been created.
  • D. A protocol rule that allows the use of HTTPS has not been created.

Answer: C

Explanation:

The default IP packet filter allows HTTP protocol (for non-secure communication) at port 80 to access the Internet. However, to allow users to access secure Web sites, you will have to create an additional packet filter to allow communication on port 443.

NEW QUESTION 15

Which of the following statements are true about data aggregation?

  • A. A common aggregation purpose is to get more information about particular groups based on specific variables.
  • B. Data aggregation cannot be user-based.
  • C. Data aggregation is any process in which information is gathered and expressed in a summary form.
  • D. Online analytic processing (OLAP) is a simple type of data aggregation.

Answer: ACD

Explanation:

Data aggregation is any process in which information is gathered and expressed in a summary form, for purposes such as statistical analysis. A common aggregation purpose is to get more information about particular groups based on specific variables such as age, profession, or income. The information about such groups can then be used for Web site personalization to choose content and advertising likely to appeal to an individual belonging to one or more groups for which data has been collected. For example, a site that sells music CDs might advertise certain CDs based on the age of the user and the data aggregate for their age group. Online analytic processing (OLAP) is a simple type of data aggregation in which the marketer uses an online reporting mechanism to process the information. Answer B is incorrect. Data aggregation can be user-based. Personal data aggregation services offer the user a single point for collection of their personal information from other Web sites. The customer uses a single master personal identification number (PIN) to give them access to their various accounts (such as those for financial institutions, airlines, book and music clubs, and so on). Performing this type of data aggregation is sometimes referred to as "screen scraping."

NEW QUESTION 16

You work as a Security Administrator in Tech Perfect Inc. The company has a TCP/IP based network. The network has a vast majority of Cisco Systems routers and Cisco network switches. You have mplemented four VPN connections in the network. You use the Cisco IOS on the network. Which feature will you enable to maintain a separate routing and forwarding table for each VPN?

  • A. Intrusion Prevention System
  • B. VRF-aware firewall
  • C. Virtual Private Network
  • D. Stateful firewall

Answer: B

Explanation:

In this scenario, the company's network has a vast majority of Cisco Systems routers and Cisco network switches. The security administrator of the company has implemented four VPN connections in the network and uses the Cisco IOS on the network. He needs to maintain a separate routing and forwarding table for each VPN in order to provide more secure communication. To accomplish this task, he should enable the VRF- aware firewall feature on the Cisco IOS routers.

NEW QUESTION 17

You want to monitor the network infrastructure of a software-based company. The network infrastructure of the company consists of the following: Windows TCP/IP services Web and mail servers URLs Applications (MS Exchange, SQL etc.) Which of the following network monitoring solutions can you use to accomplish the task?

  • A. Axence nVision
  • B. CommandCenter NOC
  • C. Netmon
  • D. Cymphonix Network Composer

Answer: A

Explanation:

Axence nVision is an advanced solution for a comprehensive network management. It is used to monitor network infrastructure such as Windows, TCP/IP services, web and mail servers, URLs, and applications (MS Exchange, SQL, etc.). It is also used to monitor routers and switches such as network traffic, interface status, and connected computers. It collects the network inventory and audit license usage. It also gives alerts in case of a program installation or any configuration change on a remote node. With the agent, an administrator can easily monitor user activities and can access computers remotely. Answer B is incorrect. CommandCenter NOC is a simple and effective tool that performs network monitoring with a powerful polling engine. It provides polling, Windows and UNIX/Linux server management, intrusion detection, vulnerability scanning, and traffic analysis in an integrated appliance. Answer D is incorrect. Cymphonix Network Composer is a precise Web gateway appliance. It is used to monitor Internet traffic by user, application, and threat. It consists of controls to shape access to Internet resources by user, group, and/or time of day. It also supports anonymous proxy blocking, policy management, and real time monitoring. Answer C is incorrect. Network Monitor (Netmon) is a protocol analyzer. It is used to analyze the network traffic. It is installed by default during the installation of the operating system. It can be installed by using Windows Components Wizard in the Add or Remove Programs tool in Control Panel. Network Monitor is used to perform the following tasks:
* 1. Capture frames directly from the network.
* 2. Display and filter captured frames immediately after capture or a later time.
* 3. Edit captured frames and transmit them on the network.
* 4. Capture frames from a remote computer.

NEW QUESTION 18
......

P.S. Downloadfreepdf.net now are offering 100% pass ensure GSNA dumps! All GSNA exam questions have been updated with correct answers: https://www.downloadfreepdf.net/GSNA-pdf-download.html (368 New Questions)