How to pass GIAC GSEC exam with the help of dumps?

DumpsPool provides you the finest quality resources you’ve been looking for to no avail. So, it's due time you stop stressing and get ready for the exam. Our Online Test Engine provides you with the guidance you need to pass the certification exam. We guarantee top-grade results because we know we’ve covered each topic in a precise and understandable manner. Our expert team prepared the latest GIAC GSEC Dumps to satisfy your need for training. Plus, they are in two different formats: Dumps PDF and Online Test Engine.

How Do I Know GIAC GSEC Dumps are Worth it?

Did we mention our latest GSEC Dumps PDF is also available as Online Test Engine? And that’s just the point where things start to take root. Of all the amazing features you are offered here at DumpsPool, the money-back guarantee has to be the best one. Now that you know you don’t have to worry about the payments, let us explore all the other reasons you would want to buy from us. Other than affordable Real Exam Dumps, you are offered three-month free updates.

You can easily scroll through our large catalog of certification exams. And, pick any exam to start your training. That’s right, DumpsPool isn’t limited to just GIAC Exams. We trust our customers need the support of an authentic and reliable resource. So, we made sure there is never any outdated content in our study resources. Our expert team makes sure everything is up to the mark by keeping an eye on every single update. Our main concern and focus are that you understand the real exam format. So, you can pass the exam in an easier way!

IT Students Are Using our GIAC Security Essentials Dumps Worldwide!

It is a well-established fact that certification exams can’t be conquered without some help from experts. The point of using GIAC Security Essentials Practice Question Answers is exactly that. You are constantly surrounded by IT experts who’ve been through what you are about to and know better. The 24/7 customer service of DumpsPool ensures you are in touch with these experts whenever needed. Our 100% success rate and validity around the world make us the most trusted resource candidates use. The updated Dumps PDF helps you pass the exam on the first attempt. And, with the money-back guarantee, you feel safe buying from us. You can claim your return on not passing the exam.

How to Get GSEC Real Exam Dumps?

Getting access to the real exam dumps is as easy as pressing a button, literally! There are various resources available online, but the majority of them sell scams or copied content. So, if you are going to attempt the GSEC exam, you need to be sure you are buying the right kind of Dumps. All the Dumps PDF available on DumpsPool are as unique and the latest as they can be. Plus, our Practice Question Answers are tested and approved by professionals, making it the top authentic resource available on the internet. Our expert has made sure the Online Test Engine is free from outdated and fake content, repeated questions, and false or indefinite information. We make every penny count, and you leave our platform fully satisfied!

GIAC GSEC Sample Question Answers

Question # 1

John works as a Network Administrator for Perfect Solutions Inc. The company has a Linux-based network. John is working as a root user on the Linux operating system. He is currently working on his C based new traceroute program. Since many processes are running together on the system, he wants to give the highest priority to the cc command process so that he can test his program, remove bugs, and submit it to the office in time. Which of the following commands will John use to give the highest priority to the cc command process?

A. nice -n 19 cc -c *.c &
B. nice cc -c *.c &
C. nice -n -20 cc -c *.c &
D. nice cc -c *.c

Question # 2

What is the unnoticed theft of sensitive data from a laptop owned by an organization's CEO an example of in information warfare?

A. Non-zero sum game 
B. Win-win situation 
C. Zero-sum game 
D. Symmetric warfare

Question # 3

What type of malware is a self-contained program that has the ability to copy itself without parasitically infecting other host code?

A. Trojans
B. Boot infectors
C. Viruses
D. Worms

Question # 4

It is possible to sniff traffic from other hosts on a switched Ethernet network by impersonating which type of network device?

A. Switch
B. Bridge
C. Hub
D. Router

Question # 5

Your organization has broken its network into several sections/segments, which are separated by firewalls, ACLs and VLANs. The purpose is to defend segments of the network from potential attacks that originate in a different segment or that attempt to spread across segments. This style of defense-in-depth protection is best described as which of the following?

A. Uniform protection
B. Protected enclaves
C. Vector-oriented
D. Information-centric

Question # 6

Which of the following statements about the authentication concept of information security management is true?

A. It ensures the reliable and timely access to resources.
B. It ensures that modifications are not made to data by unauthorized personnel or processes. 
C. It determines the actions and behaviors of a single individual within a system, and identifies that particular individual.
D. It establishes the users' identity and ensures that the users are who they say they are.

Question # 7

Against policy, employees have installed Peer-to-Peer applications on their workstations and they are using them over TCP port 80 to download files via the company network from other Peer-to-Peer users on the Internet. Which of the following describes this threat?

A. Firewall subversion 
B. Backdoor installation 
C. Malicious software infection 
D. Phishing attempt 

Question # 8

Which of the following TCP packet flags indicates that the host should IMMEDIATELY terminate the connection containing the packet?


Question # 9

How is a Distributed Denial of Service (DDOS) attack distinguished from a regular DOS attack?

A. DDOS attacks are perpetrated by many distributed hosts. 
B. DDOS affects many distributed targets. 
C. Regular DOS focuses on a single router. 
D. DDOS affects the entire Internet.

Question # 10

Which of the following works at the network layer and hides the local area network IP address and topology?

A. Network address translation (NAT) 
B. Hub
C. MAC address
D. Network interface card (NIC)

Question # 11

Which of the following hardware devices prevents broadcasts from crossing over subnets?

A. Bridge
B. Hub
C. Router
D. Modem

Question # 12

Which of the following tools is also capable of static packet filtering?

A. netstat.exe 
B. ipsecpol.exe 
C. ipconfig.exe 
D. net.exe

Question # 13

Which of the following statements about policy is FALSE?

A. A well-written policy contains definitions relating to "what" to do.
B. A well-written policy states the specifics of "how" to do something.
C. Security policy establishes what must be done to protect information stored on computers.
D. Policy protects people who are trying to do the right thing.

Question # 14

Your CIO has found out that it is possible for an attacker to clone your company's RFID (Radio Frequency ID) based key cards. The CIO has tasked you with finding a way to ensure that anyone entering the building is an employee. Which of the following authentication types would be the appropriate solution to this problem?

A. Mandatory Access Controls
B. Bell-LaPadula
C. Two-Factor

Question # 15

What is the following sequence of packets demonstrating? 

A. telnet.com.telnet > client.com.38060: F 4289:4289(0) ack 92 win 1024 
B. client.com.38060 > telnet.com.telnet: .ack 4290 win 8760 (DF) 
C. client.com.38060 > telnet.com.telnet: F 92:92(0) ack 4290 win 8760 (DF) 
D. telnet.com.telnet > client.com.38060: .ack 93 win 1024

Question # 16

You work as a Network Administrator for NetTech Inc. When you enter the browser's address bar, you are able to access the site. But, you are unable to access the site when you enter http://www.uCertify.com. What is the most likely cause?

A. DNS entry is not available for the host name. 
B. The site's Web server is offline.
C. The site's Web server has heavy traffic.
D. WINS server has no NetBIOS name entry for the server.

Question # 17

You work as a Network Administrator for McNeil Inc. The company has a Linux-based network. David, a Sales Manager, wants to know the name of the shell that he is currently using. Which of the following commands will he use to accomplish the task?

A. mv $shell
B. echo $shell
C. rm $shell
D. ls $shell

Question # 18

When trace route fails to get a timely response for a packet after three tries, which action will it take?

A. It will print '* * *' for the attempts and increase the maximum hop count by one.
B. It will exit gracefully, and indicate to the user that the destination is unreachable. 
C. It will increase the timeout for the hop and resend the packets. 
D. It will print '* * *' for the attempts, increment the TTL and try again until the maximum hop count.

Question # 19

You work as an Administrator for McRoberts Inc. The company has a Linux-based network. You are logged in as a non-root user on your client computer. You want to delete all files from the /garbage directory. You want that the command you will use should prompt for the root user password. Which of the following commands will you use to accomplish the task?

A. rm -rf /garbage*
B. del /garbage/*.*
C. rm -rf /garbage* /SU
D. su -c "RM -rf /garbage*"

Question # 20

For most organizations, which of the following should be the highest priority when it comes to physical security concerns?

A. Controlling ingress and egress 
B. Controlling access to workstations 
C. Ensuring employee safety 
D. Controlling access to servers 
E. Protecting physical assets

Question # 21

Validating which vulnerabilities in a network environment are able to be exploited by an attacker is called what?

A. Anomaly detection 
B. Vulnerability scanning 
C. Perimeter assessment 
D. Penetration testing

Question # 22

Which of the following is the reason for using a Faraday cage?

A. To prevent Denial-of-Service (DoS) attack
B. To prevent shoulder surfing
C. To prevent mail bombing
D. To prevent data emanation

Question # 23

You have been hired to design a TCP/IP-based network that will contain both Unix and Windows computers. You are planning a name resolution strategy. Which of the following services will best suit the requirements of the network?


Question # 24

Which of the following is a private, RFC 1918 compliant IP address that would be assigned to a DHCP scope on a private LAN?


Question # 25

You are responsible for a Microsoft based network. Your servers are all clustered. Which of the following are the likely reasons for the clustering? Each correct answer represents a complete solution. Choose two.

A. Reduce power consumption
B. Ease of maintenance
C. Load balancing
D. Failover

Question # 26

Your customer wants to make sure that only computers he has authorized can get on his Wi-Fi. What is the most appropriate security measure you can recommend?

A. A firewall
B. WPA encryption
C. WEP encryption
D. Mac filtering

Question # 27

Which Windows event log would you look in if you wanted information about whether or not a specific driver was running at start up?

A. Application
B. System
C. Startup
D. Security

Question # 28

What is a security feature available with Windows Vista and Windows 7 that was not present in previous Windows operating systems?

A. Data Execution Prevention (DEP)
B. User Account Control (UAC)
C. Encrypting File System (EFS)
D. Built-in IPSec Client

Question # 29

What type of formal document would include the following statement?

Employees are responsible for exercising good judgment regarding the reasonableness of personal use. Individual departments are responsible for creating guidelines concerning personal application of Internet/Intranet/Extranet systems. In the absence of such policies, employees should be guided by departmental policies, and if there is any uncertainty, employees should consult their supervisor or manager.

A. Company privacy statement 
B. Remote access policy 
C. Acceptable use policy 
D. Non-disclosure agreement

Question # 30

Which of the following commands is used to change file access permissions in Linux?

A. chgrp
B. chperm 
C. chmod 
D. chown

Question # 31

Which type of risk assessment results are typically categorized as low, medium, or high risk events?

A. Technical 
B. Qualitative 
C. Management 
D. Quantitative 

Question # 32

Which of the following is a required component for successful 802.1x network authentication?

A. Supplicant
B. 3rd-party Certificate Authority 
C. Ticket Granting Server (TGS) 
D. IPSec

Question # 33

Which of the following statements about Secure Sockets Layer (SSL) are true? Each correct answer represents a complete solution. Choose two.

A. It provides communication privacy, authentication, and message integrity. 
B. It provides mail transfer service.
C. It uses a combination of public key and symmetric encryption for security of data. 
D. It provides connectivity between Web browser and Web server.

Question # 34

A new data center is being built where customer credit information will be processed and stored. Which of the following actions will help maintain the confidentiality of the data?

A. Environmental sensors in the server room 
B. Access control system for physical building 
C. Automated fire detection and control systems 
D. Frequent off-site backup of critical databases

Question # 35

Included below is the output from a resource kit utility run against local host.  Which command could have produced this output?

A. Schtasks 
B. Task kill 
D. Task list

Question # 36

IPS devices that are classified as "In-line NIDS" devices use a combination of anomaly analysis, signature-based rules, and what else to identify malicious events on the network?

A. Firewall compatibility rules
B. Application analysis 
C. ICMP and UDP active scanning
D. MAC address filtering

Question # 37

Which of the following should be implemented to protect an organization from spam?

A. Auditing
B. System hardening
C. E-mail filtering
D. Packet filtering

Question # 38

Which of the following is NOT a recommended best practice for securing Terminal Services and Remote Desktop?

A. Require TLS authentication and data encryption whenever possible.
B. Make sure to allow all TCP 3389 traffic through the external firewall.
C. Group Policy should be used to lock down the virtual desktops of thin-client users.
D. Consider using IPSec or a VPN in addition to the RDP encryption if you are concerned about future RDP vulnerabilities.

Question # 39

What protocol is a WAN technology?

A. 802.11
B. 802.3
C. Ethernet
D. Frame Relay

Question # 40

Which of the following are examples of Issue-Specific policies all organizations should address?

A. Perimeter filtering guides, break times for employees, desktop neatness and backup procedures. 
B. Rogue wireless access points, auditing, break time for employees and organizational structure. 
C. Audit logs, physical access, mission statements and network protocols used. 
D. Backup requirements, employee monitoring, physical access and acceptable use.

Question # 41

Which choice best describes the line below?

alert tcp any any -> 80 (content: "/cgi-bin/test.cgi"; msg: "Attempted CGI-BIN Access!!";)

A. Tcpdump filter 
B. IP tables rule
C. Wire shark filter
D. Snort rule

Question # 42

What does the "x" character in the second field of the user account record of the /etc/passwd file indicate?

A. The user account is using a shadow password.
B. The user account is shared by more than one user. 
C. The user account is disabled.
D. The user account does not exist.

Question # 43

When considering ingress filtering, why should all inbound packets be dropped if they contain a source address from within the protected network address space?

A. The packets are probably corrupted.
B. The packets may have been accidentally routed onto the Internet.
C. The packets may be deliberately spoofed by an attacker.
D. The packets are a sign of excess fragmentation.
E. A and B
F. B and C
G. B and D
H. A and D

Question # 44

Which of the following statements about Hypertext Transfer Protocol Secure (HTTPS) are true? Each correct answer represents a complete solution. Choose two.

A. It uses TCP port 443 as the default port.
B. It is a protocol used in the Universal Resource Locater (URL) address line to connect to a secure site.
C. It is a protocol used to provide security for a database server in an internal network. 
D. It uses TCP port 80 as the default port.

Question # 45

During which of the following steps is the public/private key-pair generated for Public Key Infrastructure (PKI)?

A. Key Recovery 
B. Initialization 
C. Registration 
D. Certification 

Question # 46

Which of the following applications cannot proactively detect anomalies related to a computer?

A. Firewall installed on the computer
D. Anti-virus scanner

Question # 47

Which of the following quantifies the effects of a potential disaster over a period of time?

A. Risk Assessment 
B. Business Impact Analysis 
C. Disaster Recovery Planning 
D. Lessons Learned

Question # 48

What is the key difference between Electronic Codebook mode and other block cipher modes like Cipher Block Chaining, Cipher-Feedback and Output-Feedback?

A. Plaintext patterns are concealed by XORing with previous cipher text block but input to the block cipher is not randomized.
B. Plaintext patterns are concealed and input to the block cipher is randomized by XORing with previous cipher text block.
C. Plaintext patterns encrypted with the same key will always generate the same Cipher text pattern
D. Plaintext patterns are not concealed but input to the block cipher is randomized by XORing with previous cipher text block.

Question # 49

At what point in the Incident Handling process should an organization determine its approach to notifying law enforcement?

A. When performing analysis
B. When preparing policy 
C. When recovering from the incident 
D. When reacting to an incident

Question # 50

Which of the following authentication methods are used by Wired Equivalent Privacy (WEP)? Each correct answer represents a complete solution. Choose two.

A. Anonymous authentication
B. Mutual authentication
C. Open system authentication
D. Shared key authentication

Question # 51

Which of the following BEST describes the two job functions of Microsoft Baseline Security Analyzer (MBSA)?

A. Vulnerability scanner and auditing tool 
B. Auditing tool and alerting system 
C. Configuration management and alerting system 
D. Security patching and vulnerability scanner

Question # 52

You ask your system administrator to verify user compliance with the corporate policies on password strength, namely that all passwords will have at least one numeral, at least one letter, at least one special character and be 15 characters long. He comes to you with a set of compliance tests for use with an offline password cracker. They are designed to examine the following parameters of the password:

* they contain only numerals
* they contain only letters
* they contain only special characters
* they contain only letters and numerals
* they contain only letters and special characters
* they contain only numerals and special characters

Of the following, what is the benefit to using this set of tests?

A. They are focused on cracking passwords that use characters prohibited by the password policy
B. They find non-compliant passwords without cracking compliant passwords. 
C. They are focused on cracking passwords that meet minimum complexity requirements 
D. They crack compliant and non-compliant passwords to determine whether the current policy is strong enough

Question # 53

Which of the following is referred to as Electromagnetic Interference (EMI)?

A. Electrical line noise
B. Spike
C. Transient
D. Brownout

Question # 54

Which of the following elements is the most important requirement to ensuring the success of a business continuity plan?

A. Disaster Recover Plans 
B. Anticipating all relevant threats 
C. Executive buy-in
D. Clearly defining roles and responsibilities 
E. Training 

Question # 55

Which of the following heights of fence deters only casual trespassers?

A. 8 feet
B. 2 to 2.5 feet
C. 6 to 7 feet
D. 3 to 4 feet

Question # 56

When Net Stumbler is initially launched, it sends wireless frames to which of the following addresses?

A. Broadcast address
B. Default gateway address
C. Subnet address
D. Network address

Question # 57

Which of the following is a Layer 3 device that will typically drop directed broadcast traffic?

A. Hubs
B. Bridges 
C. Routers 
D. Switches

Question # 58

Which of the following systems acts as a NAT device when utilizing VMware in NAT mode?

A. Guest system
B. Local gateway
C. Host system
D. Virtual system

Question # 59

Which of the following utilities provides an efficient way to give specific users permission to use specific system commands at the root level of a Linux operating system?

A. Snort
B. Apache

Question # 60

Which of the following protocols describes the operation of security in H.323?

A. H.239
B. H.245
C. H.235
D. H.225

Question # 61

Which of the following is required to be backed up on a domain controller to recover Active Directory?

A. System state data
B. Operating System files
C. User's personal data
D. Installed third party application's folders

Question # 62

Which of the following fields CANNOT be hashed by Authentication Header (AH) in transport mode?

A. Length
B. Source IP
D. Destination IP

Question # 63

Which of the following statements would describe the term "incident" when used in the branch of security known as Incident Handling?

A. Any observable network event
B. Harm to systems
C. Significant threat of harm to systems
D. A and C
E. A, B, and C
F. B and C
G. A and B

Question # 64

Two clients connecting from the same public IP address (for example - behind the same NAT firewall) can connect simultaneously to the same web server on the Internet, provided what condition is TRUE?

A. The server is not using a well-known port. 
B. The server is on a different network. 
C. The client-side source ports are different. 
D. The clients are on different subnets.

Question # 65

What is the most secure way to address an unused Windows service so it cannot be exploited by malware?

A. Firewall it
B. Set to manual startup
C. Disable it
D. Uninstall it

Question # 66

Which of the following statements about Microsoft's VPN client software is FALSE?

A. The VPN interface can be figured into the route table.
B. The VPN interface has the same IP address as the interface to the network it's been specified to protect. 
C. The VPN client software is built into the Windows operating system. 
D. The VPN tunnel appears as simply another adapter.

Question # 67

A folder D:\Files\Marketing has the following NTFS permissions:

  • Administrators: Full Control
  • Marketing: Change and Authenticated
  • Users: Read

It has been shared on the server as "MARKETING", with the following share permissions:

  • Full Control share permissions for the Marketing group

Which of the following effective permissions apply if a user from the Sales group accesses the \\FILESERVER\MARKETING shared folder?

A. No access
B. Full Control
C. Read
D. Change

Question # 68

Your system has been infected by malware. Upon investigation, you discover that the malware propagated primarily via email. The malware attacked known vulnerabilities for which patches are available, but due to problems with your configuration management system you have no way to know which systems have been patched and which haven't, slowing your progress in patching your network. Of the following, which solution would you use to protect against this propagation vector?

A. Encrypt the emails on the server
B. Scan and block suspect email attachments at the email server
C. Install a firewall between the email server and the Internet
D. Separate the email server from the trusted portions of the network

Question # 69

What is the name of the registry key that is used to manage remote registry share permissions for the whole registry?

A. regkey 
B. regmng 
C. winreg 
D. rrsreg

Question # 70

Which of the following SIP INVITE lines indicates to the remote registrar the VoIP phone that initiated the call?

A. Via
B. To
C. From-Agent
D. User-Agent

Question # 71

What is the name of the command-line tool for Windows that can be used to manage audit policies on remote systems?


Question # 72

An employee attempting to use your wireless portal reports receiving the error shown below. Which scenario is occurring?

A. A denial-of-service attack is preventing a response from the portal.
B. Another access point is deauthenticating legitimate clients.
C. The encrypted data is being intercepted and decrypted.
D. Another access point is attempting to intercept the data.

Question # 73

Which of the following statements best describes where a border router is normally placed?

A. Between your firewall and your internal network 
B. Between your firewall and DNS server 
C. Between your ISP and DNS server 
D. Between your ISP and your external firewall

Question # 74

You work as a Network Administrator for Rick International. The company has a TCP/IP based network. A user named Kevin wants to set an SSH terminal at home to connect to the company's network. You have to configure your company's router for it. By default, which of the following standard ports does the SSH protocol use for connection?

A. 443
B. 22
C. 21
D. 80

Question # 75

Which of the following is a benefit to utilizing Cygwin for Windows?

A. The ability to install a complete Red Hat operating system Install on Windows. 
B. The ability to bring much more powerful scripting capabilities to Windows. 
C. The ability to run a production Apache server.
D. The ability to install a complete Ubuntu operating system install on Windows.

Question # 76

You have set up a local area network for your company. Your firewall separates your network into several sections: a DMZ with semi-public servers (web, dns, email) and an intranet with private servers. A penetration tester gains access to both sections and installs sniffers in each. He is able to capture network traffic for all the devices in the private section but only for one device (the device with the sniffer) in the DMZ. What can be inferred about the design of the system?

A. You installed a router in the private section and a switch in the DMZ 
B. You installed a hub in the private section and a switch in the DMZ 
C. You installed a switch in the private section and a hub in the DMZ 
D. You installed a switch in the private section and a router in the DMZ

Question # 77

How many bytes does it take to represent the hexadecimal value 0xFEDCBA?

A. 12
B. 2
C. 3
D. 6