Prepare for the GIAC Systems and Network Auditor exam with our extensive collection of questions and answers. These practice Q&A are updated according to the latest syllabus, providing you with the tools needed to review and test your knowledge.
QA4Exam focus on the latest syllabus and exam objectives, our practice Q&A are designed to help you identify key topics and solidify your understanding. By focusing on the core curriculum, These Questions & Answers helps you cover all the essential topics, ensuring you're well-prepared for every section of the exam. Each question comes with a detailed explanation, offering valuable insights and helping you to learn from your mistakes. Whether you're looking to assess your progress or dive deeper into complex topics, our updated Q&A will provide the support you need to confidently approach the GIAC GSNA exam and achieve success.
In which of the following is absolute size of frames expressed?
Absolute size of frames is expressed in pixels. Size is expressed in terms of the number of pixels in a frame. Therefore, a change in the screen
area of a display device does not affect the absolute frame size of a Web page.
You work as the Network Administrator for McNeil Inc. The company has a Unix-based network. You want to see the local device files or 'links
to device files' for a non-standard device driver. Which of the following Unix configuration files should you use to accomplish the task?
In Unix, the /dev/MAKEDEV file is used by system administrators for local device files or links to device files for a non-standard device driver.
Answer A is incorrect. In Unix, the profile file stores the system wide environment and startup script program.
Answer D is incorrect. In Unix, the /etc/aliases file is where the user's name is matched to a nickname for e-mail.
Answer B is incorrect. In Unix, the /etc/bootptab/ file contains the configuration for the BOOTP server daemon.
You have just taken over as the Network Administrator for a medium sized company. You want to check to see what services are exposed to the outside world. What tool would you use to accomplish this?
A port scanner is often used on the periphery of a network by either administrators or hackers. It will tell you what ports are open. By
determining what ports are open, you know what services are exposed to the outside world. For example, if port 80 is open, then HTTP traffic
is allowed, meaning there should be a Web server on the network.
Answer A is incorrect. Network mappers give a topography of the network, letting you know what is on your network and where it is
connected.
Answer B is incorrect. A protocol analyzer does detect if a given protocol is moving over a particular network segment, thus would
detect services working on that segment. However, a port scanner is a better tool for detecting all the ports that are open.
Answer D is incorrect. Packet sniffers are used to intercept traffic and to detect the contents of that traffic.
John works as a Security Professional. He is assigned a project to test the security of www.we-are-secure.com. John wants to get the information of all network connections and listening ports in the numerical form. Which of the following commands will he use?
According to the scenario, John will use the netstat -an command to accomplish the task. The netstat -an command is used to get the
information of all network connections and listening ports in the numerical form. The netstat command displays protocol-related statistics and
the state of current TCP/IP connections. It is used to get information about the open connections on a computer, incoming and outgoing data,
as well as the ports of remote computers to which the computer is connected. The netstat command gets all this networking information by
reading the kernel routing tables in the memory.
Answer A is incorrect. The netstat -e command displays the Ethernet information.
Answer B is incorrect. The netstat -r command displays the routing table information.
Answer C is incorrect. The netstat -s command displays per-protocol statistics. By default, statistics are shown for TCP, UDP and IP.
Which of the following tools is used to make fake authentication certificates?
WinSSLMiM is an HTTPS Man in the Middle attacking tool. It includes FakeCert, a tool used to make fake certificates. It can be used to exploit
the Certificate Chain vulnerability in Internet Explorer. The tool works under Windows 9x/2000.
For example,
Generate fake certificate: fc -s www.we-are-secure.com -f fakeCert.crt
Launch WinSSLMiM: wsm -f fakeCert.crt
Answer D is incorrect. Brutus is a password cracking tool that performs both dictionary and brute force attacks in which passwords are
randomly generated from given characters. Brute forcing can be performed on the following authentications:
HTTP (Basic Authentication)
HTTP (HTML Form/CGI)
POP3 (Post Office Protocol v3)
FTP (File Transfer Protocol)
SMB (Server Message Block)
Telnet
Answer A is incorrect. Obiwan is a Web password cracking tool that is used to perform brute force and hybrid attacks. It is effective
against HTTP connections for Web servers that allow unlimited failed login attempts by the user. Obiwan uses wordlists as well as
alphanumeric characters as possible passwords.
Answer B is incorrect. Netcat is a freely available networking utility that reads and writes data across network connections by using the
TCP/IP protocol. Netcat has the following features:
It provides outbound and inbound connections for TCP and UDP ports.
It provides special tunneling such as UDP to TCP, with the possibility of specifying all network parameters.
It is a good port scanner.
It contains advanced usage options, such as buffered send-mode (one line every N seconds), and hexdump (to stderr or to a specified
file) of transmitted and received data.
It is an optional RFC854 telnet code parser and responder.
Full Exam Access, Actual Exam Questions, Validated Answers, Anytime Anywhere, No Download Limits, No Practice Limits
Get All 416 Questions & Answers