
GPPA Online Practice Questions and Answers

Questions 4

Which of the following tools allow an attacker to intentionally craft packets to gain unauthorized access?

Each correct answer represents a complete solution. (Choose two.)

A. Tcpdump

B. Ettercap

C. Fragroute

D. Mendax

Questions 5

Which of the following types of Intrusion Detection Systems consists of an agent on a host that identifies intrusions by analyzing system calls, application logs, file-system modifications (binaries, password files, capability/ACL databases), and other host activities and state?

A. APIDS

B. PIDS

C. NIDS

D. HIDS

Questions 6

Which of the following modules registers DNAT-based and SNAT-based transformations?

A. iptable_raw

B. iptable_nat

C. iptable_mangle

D. iptable_filter

Questions 7

You work as a Forensic Investigator.

Which of the following rules will you follow while working on a case?

Each correct answer represents a part of the solution. (Choose all that apply.)

A. Follow the rules of evidence and never tamper with the evidence.

B. Prepare a chain of custody and handle the evidence carefully.

C. Never exceed the knowledge base of the forensic investigation.

D. Examine original evidence and never rely on the duplicate evidence.

Questions 8

You work as a Network Administrator for a bank. For securing the bank's network, you configure a firewall and an IDS. In spite of these security measures, intruders are able to attack the network. After a close investigation, you find that your IDS is not configured properly and hence is unable to generate alarms when needed.

What type of response is the IDS giving?

A. False Negative

B. False Positive

C. True Positive

D. True Negative

Questions 9

Sam works as a Network Administrator for Gentech Inc. He has been assigned a project to develop the rules that define the IDP policy in the rulebase.

Which of the following will he define as the components of the IDP policy rule?

Each correct answer represents a complete solution. (Choose all that apply.)

A. IDP Profiler

B. IDP rule notifications

C. IDP rule IP actions

D. IDP appliance deployment mode

Questions 10

The general form of the Cisco IOS is a.b.c.de.

Which of the following indicates the major version number of the Cisco IOS?

A. b

B. a

C. e

D. d

Questions 11

Which of the following commands will you use to have tcpdump capture traffic using a filter stored in a file?

A. tcpdump -F file_name

B. tcpdump -D file_name

C. tcpdump -A file_name

D. tcpdump -X file_name

Questions 12

Your customer is concerned about security. He wants to make certain no one in the outside world can see the IP addresses inside his network.

What feature of a router would accomplish this?

A. Firewall

B. Port forwarding

C. NAT

D. MAC filtering

Questions 13

Session splicing is an IDS evasion technique in which an attacker delivers data in multiple small-sized packets to the target computer. Hence, it becomes very difficult for an IDS to detect the attack signatures of such attacks.

Which of the following tools can be used to perform session splicing attacks?

Each correct answer represents a complete solution. (Choose all that apply.)

A. Y.A.T.

B. Fragroute

C. Whisker

D. Nessus

Exam Code: GPPA
Exam Name: GIAC Certified Perimeter Protection Analyst
Last Update: Apr 28, 2024
Questions: 285