GCIA | The Update Guide To GCIA Exam

It is impossible to pass the GIAC GCIA exam in the short term without any help. Come to Actualtests soon and find the most advanced, correct and guaranteed GIAC GCIA practice questions. You will get a surprising result with our GIAC Certified Intrusion Analyst practice guides.

Check GCIA free dumps before getting the full version:

NEW QUESTION 1
You are implementing a host based intrusion detection system on your web server. You feel that the best way to monitor the web server is to find your baseline of activity (connections, traffic, etc.) and to monitor for conditions above that baseline. This type of IDS is called __________.

  • A. Anomaly Based
  • B. Reactive IDS
  • C. Passive IDS
  • D. Signature Based

Answer: A

NEW QUESTION 2
In the DNS Zone transfer enumeration, an attacker attempts to retrieve a copy of the entire zone file for a domain from a DNS server. The information provided by the DNS zone can help an attacker gather user names, passwords, and other valuable information. To attempt a zone transfer, an attacker must be connected to a DNS server that is the authoritative server for that zone. Besides this, an attacker can launch a Denial of Service attack against the zone's DNS servers by flooding them with a lot of requests. Which of the following tools can an attacker use to perform a DNS zone transfer?
Each correct answer represents a complete solution. Choose all that apply.

  • A. Dig
  • B. Host
  • C. NSLookup
  • D. DSniff

Answer: ABC

NEW QUESTION 3
Which of the following types of scan does not open a full TCP connection?

  • A. ACK scan
  • B. FIN scan
  • C. Stealth scan
  • D. Idle scan

Answer: C

NEW QUESTION 4
Which of the following is the best method of accurately identifying the services running on a victim host?

  • A. Use of hit and trial method to guess the services and ports of the victim host
  • B. Use of a port scanner to scan each port to confirm the services running
  • C. Use of a vulnerability scanner to try to probe each port to verify which service is running
  • D. Use of the manual method of telnet to each of the open ports

Answer: D

NEW QUESTION 5
Which of the following types of firewall functions by creating two different communications, one between the client and the firewall, and the other between the firewall and the end server?

  • A. Stateful firewall
  • B. Proxy-based firewall
  • C. Packet filter firewall
  • D. Endian firewall

Answer: B

NEW QUESTION 6
Which of the following DoS attacks is a multi-tier attack?

  • A. Snork Attack
  • B. SYN flood
  • C. DDoS attack
  • D. Smurf attack

Answer: C

NEW QUESTION 7
What is the maximum size of an IP datagram for Ethernet?

  • A. 1200 bytes
  • B. 1024 bytes
  • C. 1500 bytes
  • D. 4500 bytes

Answer: C

NEW QUESTION 8
John works as a Network Administrator for Samtech Inc. He has configured CDP on each interface of the router. Which of the following commands should he use to list the number of CDP advertisements?

  • A. show interfaces [type number]
  • B. show cdp traffic
  • C. show interfaces status
  • D. show cdp

Answer: B

NEW QUESTION 9
Which of the following tools is an open source network intrusion prevention and detection system that operates as a network sniffer?

  • A. Swatch
  • B. IPLog
  • C. Timbersee
  • D. Snort

Answer: D

NEW QUESTION 10
For a host to have successful Internet communication, which of the following network protocols are required? You should assume that the users will not manually configure the computer in any way and that the measure of success will be whether the user can access Web sites after powering on the computer and logging on.
Each correct answer represents a complete solution. Choose all that apply.

  • A. DNS
  • B. HTTP/HTTPS
  • C. DHCP
  • D. NTP

Answer: ABC

NEW QUESTION 11
You are using a Windows-based sniffer named ASniffer to record the data traffic of a network. You have extracted the following IP Header information of a randomly chosen packet from the sniffer's log:
45 00 00 28 00 00 40 00 29 06 43 CB D2 D3 82 5A 3B 5E AA 72
Which of the following TTL decimal values and protocols are being carried by the IP Header of this packet?

  • A. 41, UDP
  • B. 16, ICMP
  • C. 41, TCP
  • D. 16, UDP

Answer: C

NEW QUESTION 12
Adam works as a Computer Hacking Forensic Investigator in a law firm. He has been assigned his first project. Adam collected all required evidence and clues. He is now required to write an investigative report to present before the court for further prosecution of the case. He needs guidelines to write an investigative report for expressing an opinion. Which of the following are the guidelines to write an investigative report in an efficient way?
Each correct answer represents a complete solution. Choose all that apply.

  • A. All ideas present in the investigative report should flow logically from facts to conclusion
  • B. Opinion of a lay witness should be included in the investigative report
  • C. The investigative report should be understandable by any reader
  • D. There should not be any assumptions made about any facts while writing the investigative report

Answer: ACD

NEW QUESTION 13
How many bits does IPv6 use in IP addresses?

  • A. 40 bits
  • B. 32 bits
  • C. 64 bits
  • D. 128 bits

Answer: D

NEW QUESTION 14
Which of the following tools is described below?
It is a set of tools that are used for sniffing passwords, e-mail, and HTTP traffic. Some of its tools include arpredirect, macof, tcpkill, tcpnice, filesnarf, and mailsnarf. It is highly effective for sniffing both switched and shared networks. It uses the arpredirect and macof tools for switching across switched networks. It can also be used to capture authentication information for FTP, telnet, SMTP, HTTP, POP, NNTP, IMAP, etc.

  • A. Dsniff
  • B. Libnids
  • C. Cain
  • D. LIDS

Answer: A

NEW QUESTION 15
You work as a Network Administrator for Net Perfect Inc. The company has a Windows Server 2008 network environment. The servers on the network run Windows Server 2008 R2. All client computers on the network run Windows 7 Ultimate. You have configured the DirectAccess feature on the laptops of a few sales managers so that they can access the corporate network from remote locations. Their laptops run Windows 7 Ultimate. Which of the following options does DirectAccess use to keep data safer while traveling through public networks?

  • A. IPv6-over-IPsec
  • B. IPSec-over-IPv4
  • C. VPN
  • D. SSL

Answer: A

NEW QUESTION 16
Which of the following is the primary TCP/IP protocol used to transfer text and binary files over the Internet?

  • A. PPTP
  • B. SNMP
  • C. FTP
  • D. SMTP

Answer: C
