GISF Online Practice Questions and Answers

Which of the following Web attacks is performed by manipulating codes of programming languages such as SQL, Perl, Java present in the Web pages?

A. Cross-Site Request Forgery

B. Code injection attack

C. Cross-Site Scripting attack

D. Command injection attack

Which of the following algorithms produce 160-bit hash values? Each correct answer represents a complete solution. Choose two.

A. MD2

B. MD5

C. SHA-1

D. SHA-0

Every network device contains a unique built in Media Access Control (MAC) address, which is used to identify the authentic device to limit the network access. Which of the following addresses is a valid MAC address?

A. F936.28A1.5BCD.DEFA

B. A3-07-B9-E3-BC-F9

C. 1011-0011-1010-1110-1100-0001

D. 132.298.1.23

You work as a Network Administrator for McRoberts Inc. You are required to upgrade a client computer on the company's network to Windows Vista Ultimate. During installation, the computer stops responding, and the screen does not change. What is the most likely cause?

A. Antivirus software is running on the computer.

B. You have provided an improper product key.

C. The computer is running a driver that is incompatible with Vista.

D. The computer has a hardware device that is incompatible with Vista.

Which of the following refers to encrypted text?

A. Plaintext

B. Cookies

C. Ciphertext

D. Hypertext

Adam works as a Professional Penetration Tester for Umbrella Inc. A project has been assigned to him to carry out a Black Box penetration testing as a regular evaluation of the system security and integrity of the company's network. Which of the following statements are true about the Black Box penetration testing? Each correct answer represents a complete solution. Choose all that apply.

A. Black box testing provides the testers with complete knowledge of the infrastructure to be tested.

B. Black box testing simulates an attack from someone who is unfamiliar with the system.

C. Black box testing simulates an attack from someone who is familiar with the system.

D. Black box testing assumes no prior knowledge of the infrastructure to be tested.

You want to install a server that can be accessed by external users. You also want to ensure that these users cannot access the rest of the network. Where will you place the server?

A. Intranet

B. Local Area Network

C. Internet

D. Demilitarized Zone

E. Extranet

F. Wide Area Network

Mark works as a Network Administrator for NetTech Inc. The network uses routers from multiple vendors. Mark wants to implement a routing protocol on the company's network that provides VLSM support, scalability and minimal overhead on the network. Which of the following protocols will Mark use to fulfill the requirements?

A. RIPv1

B. EIGRP

C. CDP

D. OSPF

Which of the following types of firewalls forms a session flow table?

A. Proxy server firewall

B. Packet filtering firewall

C. Stateless packet filtering firewall

D. Stateful packet filtering firewall

The IT Director of the company is very concerned about the security of the network. Which audit policy should he implement to detect possible intrusions into the network? (Click the Exhibit button on the toolbar to see the case study.)

A. The success and failure auditing for policy change.

B. The success and failure auditing for process tracking.

C. The success and failure auditing for logon events.

D. The success and failure auditing for privilege use.