GISP Exam, Free Questions and Answers, Page 1

Question 1

Which of the following is a technique used to attack an Ethernet wired or wireless network?

A. DNS poisoning
B. Keystroke logging
C. Mail bombing
D. ARP poisoning

Answer:

D

User Votes:

A

50%

B

50%

C

50%

D

50%

Discussions

vote your answer:

A

B

C

D

0 / 1000

Question 2

You work as a Network Administrator for NetTech Inc. When you enter http://66.111.64.227 in the
browser's address bar, you are able to access the site. But, you are unable to access the site when
you enter http://www.PassGuide.com. What is the most likely cause?

A. The site's Web server has heavy traffic.
B. WINS server has no NetBIOS name entry for the server.
C. DNS entry is not available for the host name.
D. The site's Web server is offline.

Answer:

C

User Votes:

A

50%

B

50%

C

50%

D

50%

Discussions

vote your answer:

A

B

C

D

0 / 1000

Question 3

Identify whether the given statement is true or false.
"Replay attack is a type of attack in which attackers capture packets containing passwords or digital
signatures whenever packets pass between two hosts on a network."

A. False
B. True

Answer:

B

User Votes:

A

50%

B

50%

Discussions

0 / 1000

Question 4

The Children's Online Privacy Protection Act makes it illegal for Web sites to collect information from
children under __ years of age without verifiable permission of a parent?

A. 15
B. 13
C. 10
D. 21
E. 18

Answer:

B

User Votes:

A

50%

B

50%

C

50%

D

50%

E

50%

Discussions

vote your answer:

A

B

C

D

E

0 / 1000

Question 5

Which of the following law does not protect intellectual property?

A. Murphy's law
B. Patent law
C. Trademark
D. Copyright

Answer:

A

User Votes:

A

50%

B

50%

C

50%

D

50%

Discussions

vote your answer:

A

B

C

D

0 / 1000

Question 6

Which of the following formulas is used to determine the Single Loss Expectancy (SLE)?

A. Single Loss Expectancy x Annualized Rate of Occurrence
B. ALE before implementing safeguard + ALE after implementing safeguard + annual cost of safeguard
C. ALE before implementing safeguard - ALE after implementing safeguard - annual cost of safeguar
D. Asset Value x Exposure factor

Answer:

D

User Votes:

A

50%

B

50%

C

50%

D

50%

Discussions

vote your answer:

A

B

C

D

0 / 1000

Question 7

Which of the following is not a level of military data-classification system?

A. Unclassified
B. Normal
C. Confidential
D. Top secret

Answer:

B

User Votes:

A

50%

B

50%

C

50%

D

50%

Discussions

vote your answer:

A

B

C

D

0 / 1000

Question 8

Which of the following statements about DES (Data Encryption Standard) is true?

A. Its most widely used symmetric encryption algorithm uses a 56-bit key.
B. Its most widely used symmetric encryption algorithm uses a 32-bit key.
C. Its most widely used symmetric encryption algorithm uses a 128-bit key.
D. Its most widely used symmetric encryption algorithm uses a 64-bit key.

Answer:

A

User Votes:

A

50%

B

50%

C

50%

D

50%

Discussions

vote your answer:

A

B

C

D

0 / 1000

Question 9

A ________ attack occurs when an attacker successfully inserts an intermediary software or program
between two communicating hosts.

A. Man-in-the-middle
B. Brute force
C. Denial of Service (DoS)
D. Dictionary

Answer:

A

User Votes:

A

50%

B

50%

C

50%

D

50%

Discussions

vote your answer:

A

B

C

D

0 / 1000

Question 10

Which of the following acts as an intermediary between a user on the internal network and a service
on the external network such as the Internet?

A. DNS server
B. Firewall
C. Proxy server
D. WINS server

Answer:

C

User Votes:

A

50%

B

50%

C

50%

D

50%

Discussions

vote your answer:

A

B

C

D

0 / 1000

Question 11

Which of the following should propose applicable and effective security controls for managing the
risks?

A. Risk assessment
B. Risk treatment plan
C. Risk communication
D. Risk management plan

Answer:

D

User Votes:

A

50%

B

50%

C

50%

D

50%

Discussions

vote your answer:

A

B

C

D

0 / 1000

Question 12

Which of the following groups represents the most likely source of an asset loss through the
inappropriate use of computers?

A. Visitors
B. Customers
C. Employees
D. Hackers

Answer:

C

User Votes:

A

50%

B

50%

C

50%

D

50%

Discussions

vote your answer:

A

B

C

D

0 / 1000

Question 13

Which of the following protocols implements VPN using IPSec?

A. L2TP
B. SLIP
C. PPP
D. PPTP

Answer:

A

User Votes:

A

50%

B

50%

C

50%

D

50%

Discussions

vote your answer:

A

B

C

D

0 / 1000

Question 14

Which of the following are the major tasks of risk management?
Each correct answer represents a complete solution. Choose two.

A. Building Risk free systems
B. Risk control
C. Risk identification
D. Assuring the integrity of organizational data

Answer:

B,C

User Votes:

A

50%

B

50%

C

50%

D

50%

Discussions

vote your answer:

A

B

C

D

0 / 1000

Question 15

Which of the following entities is used by Routers and firewalls to determine which packets should
be forwarded or dropped?

A. Rootkit
B. Backdoor
C. Access control list
D. Rainbow table

Answer:

C

User Votes:

A

50%

B

50%

C

50%

D

50%

Discussions

vote your answer:

A

B

C

D

0 / 1000

giac GISP Exam Questions

Page 1 out of 45. Viewing questions 1-15 out of 669

Question 1

Answer:

User Votes:

Question 2

Answer:

User Votes:

Question 3

Answer:

User Votes:

Question 4

Answer:

User Votes:

Question 5

Answer:

User Votes:

Question 6

Answer:

User Votes:

Question 7

Answer:

User Votes:

Question 8

Answer:

User Votes:

Question 9

Answer:

User Votes:

Question 10

Answer:

User Votes:

Question 11

Answer:

User Votes:

Question 12

Answer:

User Votes:

Question 13

Answer:

User Votes:

Question 14

Answer:

User Votes:

Question 15

Answer:

User Votes: