GSNA無料問題集「GIAC Systems and Network Auditor」

質問 1

Which of the following types of authentication tokens forms a logical connection to the client computer but does not require a physical connection?

（A）Disconnected token

（B）Connected token

（C）Contactless token

（D）Virtual token

正解：C 解答を投票する

解説: (JPNTest メンバーにのみ表示されます)

質問 2

Which TCP and UDP ports can be used to start a NULL session attack in NT and 2000 operating systems?

（A）198 and 173

（B）139 and 445

（C）149 and 133

（D）203 and 333

正解：B 解答を投票する

解説: (JPNTest メンバーにのみ表示されます)

質問 3

You work as a Network Administrator for XYZ CORP. The company has a Windows Server 2008 network environment. The network is configured as a Windows Active Directory-based single forest single domain network. You have installed a Windows Server 2008 computer. You have configured auditing on this server. The client computers of the company use the Windows XP Professional operating system. You want to audit each event that is related to a user managing an account in the user database on the computer where the auditing is configured. To accomplish the task, you have enabled the Audit account management option on the server. Which of the following events can be audited by enabling this audit option?

（A）Creation of a user account

（B）Access to an Active Directory object

（C）Change of password for a user account

（D）Addition of a user account to a group

正解：A、C、D 解答を投票する

解説: (JPNTest メンバーにのみ表示されます)

質問 4

Which of the following statements about the /etc/profile file are true?

（A）It allows a system administrator to create a default home directory for all new users on a computer.

（B）It is used to configure and control system-wide default variables.

（C）A user can change the settings of the /etc/profile file, but he cannot delete the file. It can only be deleted by the root user.

（D）It can change the default umask value.

正解：B、D 解答を投票する

解説: (JPNTest メンバーにのみ表示されます)

質問 5

You work as a Software Developer for UcTech Inc. You want to create a new session. Which of the following methods can you use to accomplish the task?

（A）getSession(false)

（B）getNewSession(true)

（C）getSession()

（D）getNewSession()

（E）getSession(true)

正解：C、E 解答を投票する

解説: (JPNTest メンバーにのみ表示されます)

質問 6

You are concerned about war driving bringing hackers attention to your wireless network. What is the most basic step you can take to mitigate this risk?

（A）Don't broadcast SSID

（B）Implement MAC filtering

（C）Implement WPA

（D）Implement WEP

正解：A 解答を投票する

解説: (JPNTest メンバーにのみ表示されます)

質問 7

Which of the following Web attacks is performed by manipulating codes of programming languages such as SQL, Perl, Java present in the Web pages?

（A）Command injection attack

（B）Cross-Site Scripting attack

（C）Cross-Site Request Forgery

（D）Code injection attack

正解：D 解答を投票する

解説: (JPNTest メンバーにのみ表示されます)

質問 8

You work as a Network Administrator for XYZ CORP. The company's Windows 2000 network is configured with Internet Security and Acceleration (ISA) Server 2000. ISA Server is configured as follows: The server uses the default site and content rule and default IP packet filters. Packet filtering is enabled. The server has two protocol rules:

Users in the network complain that they are unable to access secure Web sites. However, they are able to connect to Web sites in which secure transmission is not required. What is the most likely cause?

（A）A protocol rule that allows the use of HTTP has not been created.

（B）An IP packet filter that allows the use of network traffic on port 80 has not been created.

（C）An IP packet filter that allows the use of network traffic on port 443 has not been created.

（D）A protocol rule that allows the use of HTTPS has not been created.

正解：C 解答を投票する

解説: (JPNTest メンバーにのみ表示されます)

質問 9

Martha works as a Web Developer for XYZ CORP. She is developing a Web site for the company. In the Web site, she uses multiple and overlapping style definitions to control the appearance of HTML elements. What is this technique known as?

（A）Overlapping Style Sheet

（B）Cascading Style Sheet

（C）Style sheet

（D）Core sheet

正解：B 解答を投票する

解説: (JPNTest メンバーにのみ表示されます)

質問 10

Which of the following commands can be used to intercept and log the Linux kernel messages?

（A）klogd

（B）syslog-ng

（C）syslogd

（D）sysklogd

正解：A、D 解答を投票する

解説: (JPNTest メンバーにのみ表示されます)

質問 11

John works as a professional Ethical Hacker. He has been assigned a project to test the security of www.we-are-secure.com. He copies the whole structure of the We-are-secure Web site to the local disk and obtains all the files on the Web site. Which of the following techniques is he using to accomplish his task?

（A）Eavesdropping

（B）Web ripping

（C）Fingerprinting

（D）TCP FTP proxy scanning

正解：B 解答を投票する

解説: (JPNTest メンバーにのみ表示されます)

質問 12

You work as a Network Administrator for XYZ CORP. The company has a Windows-based network. You want to use multiple security countermeasures to protect the integrity of the information assets of the company. To accomplish the task, you need to create a complex and multi-layered defense system. Which of the following components can be used as a layer that constitutes 'Defense in depth'? (Choose three)

（A）Antivirus software

（B）Firewall

（C）Intrusion detection

（D）Backdoor

正解：A、B、C 解答を投票する

解説: (JPNTest メンバーにのみ表示されます)

質問 13

In which of the following attacking methods does an attacker distribute incorrect IP address?

（A）Man-in-the-middle

（B）IP spoofing

（C）Mac flooding

（D）DNS poisoning

正解：D 解答を投票する

解説: (JPNTest メンバーにのみ表示されます)

質問 14

Choose the benefits of deploying switches over hubs in your infrastructure. (Choose two)

（A）Switches create an environment best suited for half duplex communications. This improves network performance and the amount of available bandwidth.

（B）Layer 2 switches allow for the creation of Virtual LANs providing options for further segmentation and security.

（C）Switches lower the number of collisions in the environment.

（D）Layer 2 switches increase the number of broadcast domains in the environment.

正解：B、C 解答を投票する

解説: (JPNTest メンバーにのみ表示されます)

質問 15

Which of the following statements about a perimeter network are true? (Choose three)

（A）It is also known as a demilitarized zone or DMZ.

（B）It has a connection to a private network through an external firewall and a connection to an internal network through an interior firewall.

（C）It prevents access to the internal corporate network for outside users.

（D）It has a connection to the Internet through an external firewall and a connection to an internal network through an interior firewall.

正解：A、C、D 解答を投票する

解説: (JPNTest メンバーにのみ表示されます)

GSNA 無料問題集「GIAC Systems and Network Auditor」

弊社を連絡する

関連リンク

トップ試験