Trusted Worldwide Questions & Answers
Most Recent GIAC GSNA Exam Questions & Answers
Prepare for the GIAC Systems and Network Auditor exam with our extensive collection of questions and answers. These practice Q&A are updated according to the latest syllabus, providing you with the tools needed to review and test your knowledge.
QA4Exam focus on the latest syllabus and exam objectives, our practice Q&A are designed to help you identify key topics and solidify your understanding. By focusing on the core curriculum, These Questions & Answers helps you cover all the essential topics, ensuring you're well-prepared for every section of the exam. Each question comes with a detailed explanation, offering valuable insights and helping you to learn from your mistakes. Whether you're looking to assess your progress or dive deeper into complex topics, our updated Q&A will provide the support you need to confidently approach the GIAC GSNA exam and achieve success.
The questions for GSNA were last updated on Nov 14, 2024.
- Viewing page 1 out of 83 pages.
- Viewing questions 1-5 out of 416 questions
Patricia joins uCertify Inc., as a Web Developer. While reviewing the company's Web site, she finds that many words including keywords are misspelled. How will this affect the Web site traffic?
Web site traffic depends upon the number of users who are able to locate a Web site. Search engines are one of the most frequently used
tools to locate Web sites. They perform searches on the basis of keywords contained in the Web pages of a Web site. Keywords are simple
text strings that are associated with one or more topics of a Web page. Misspelled keywords prevent Web pages from being displayed in the
search results.
Mark works as a Network Administrator for Infonet Inc. The company has a Windows 2000 Active Directory domain-based network. The domain contains one hundred Windows XP Professional client computers. Mark is deploying an 802.11 wireless LAN on the network. The wireless LAN will use Wired Equivalent Privacy (WEP) for all the connections. According to the company's security policy, the client computers must be able to automatically connect to the wireless LAN. However, the unauthorized computers must not be allowed to connect to the wireless LAN and view the wireless network. Mark wants to configure all the wireless access points and client computers to act in accordance with the company's security policy. What will he do to accomplish this?
Each correct answer represents a part of the solution. Choose three.
To configure all the wireless access points and client computers to act in accordance with the company's security policy, Mark will take the
following actions:
Configure the authentication type for the wireless LAN to Shared Key. Shared Key authentication provides access control.
Disable SSID Broadcast and enable MAC address filtering on all the wireless access points. Disabling SSID Broadcast and enabling MAC
address filtering will prevent unauthorized wireless client computers from connecting to the access point (AP). Only the computers with
particular MAC addresses will be able to connect to the wireless access points.
On each client computer, add the SSID for the wireless LAN as the preferred network.
Answer E is incorrect. Setting the authentication type for the wireless LAN to Open System will disable
Wired Equivalent Privacy (WEP).
This level of WEP will not provide security.
Which of the following controls define the direction and behavior required for technology to function properly?
Pervasive IS controls are a subset of general controls that contains some extra definitions focusing on the management of monitoring a
specific technology. A pervasive order or control determines the direction and behavior required for technology to function properly. The
pervasive control permeates the area by using a greater depth of control integration over a wide area of influence.
Answer B is incorrect. General controls are the parent class of controls that governs all areas of a business. An example of general
controls includes the separation duties that prevent employees from writing their own paychecks and creating accurate job descriptions.
General controls define the structure of an organization, establish HR policies, monitor workers and the work environment, as well as support
budgeting, auditing, and reporting.
Answer A is incorrect. Detailed IS controls are controls used for manipulating the on-going tasks in an organization. Some of the specific
tasks require additional detailed controls to ensure that the workers perform their job correctly. These controls refer to some specific tasks or
steps to be performed such as:
The way system security parameters are set.
How input data is verified before being accepted into an application.
How to lock a user account after unsuccessful logon attempts.
How the department handles acquisitions, security, delivery, implementation, and support of IS services.
Answer C is incorrect. Application controls are embedded in programs. It constitutes the lowest subset in the control family. An activity
should be filtered through the general controls, then the pervasive controls and detailed controls, before reaching the application controls
level. Controls in the higher level category help in protecting the integrity of the applications and their data. The management is responsible
to get applications tested prior to production through a recognized test method. The goal of this test is to provide a technical certificate that
each system meets the requirement.
You work as a Network Analyst for Net Perfect Inc. The company has a Unix-based network. You want to view the directories in alphabetical order. Which of the following Unix commands will you use to accomplish the task?
In Unix, the ls command is used to view the directories in alphabetical order.
Answer A is incorrect. In Unix, the cat command in Unix is used to create or display short files.
Answer B is incorrect. In Unix, the chmod command is used to change permissions.
Answer C is incorrect. In Unix, the cp command is used for copying files.
Zorp is a proxy firewall suite developed by Balabit IT Security. Which of the following statements are true about Zorp?
Each correct answer represents a complete solution. Choose all that apply.
Zorp is a proxy firewall suite developed by Balabit IT Security. Its core framework allows the administrator to fine-tune proxy decisions (with
its built-in script language), and fully analyze embedded protocols (such as SSL with an embedded POP3 or HTTP protocol). The FTP, HTTP,
FINGER, WHOIS, TELNET, and SSL protocols are fully supported with an application-level gateway.
Zorp aims for compliance with the Common Criteria/Application Level Firewall Protection Profile for Medium Robustness. Zorp is released under
GNU/GPL and commercial license too. The GPL version is completely usable and functional; however, it lacks some of the more advanced
functions available in the commercially available version only.
Some of the Zorp supported protocols are Finger, Ftp, Http, Pop3, NNTP, IMAP4, RDP, RPC, SIP, SSL, SSH, Telnet, Whois, LDAP, RADIUS, TFtp,
SQLNet NET8, Rsh, etc.
Answer D is incorrect. The GPL version of Zorp is completely usable and functional; however, it lacks
some of the more advanced
functions available in the commercially available version only.
Unlock All Questions for GIAC GSNA Exam
Full Exam Access, Actual Exam Questions, Validated Answers, Anytime Anywhere, No Download Limits, No Practice Limits
Get All 416 Questions & Answers