GISP Online Practice Questions and Answers
Which of the following authentication methods support mutual authentication? Each correct answer represents a complete solution. Choose two.
A. MS-CHAP v2
B. EAP-TLS
C. EAP-MD5
D. NTLM
Which of the following are types of social engineering attacks? Each correct answer represents a complete solution. Choose two.
A. An unauthorized person gains entrance to the building where the company's database server resides and accesses the server by pretending to be an employee.
B. An unauthorized person inserts an intermediary software or program between two communicating hosts to listen to and modify the communication packets passing between the two hosts.
C. An unauthorized person calls a user and pretends to be a system administrator in order to get the user's password.
D. An unauthorized person modifies packet headers by using someone else's IP address to hide his identity.
Which of the following is executed when a predetermined event occurs?
A. Worm
B. Trojan horse
C. Logic bomb
D. MAC
A war dialer is a tool that is used to scan thousands of telephone numbers to detect vulnerable modems. It provides an attacker unauthorized access to a computer. Which of the following tools can an attacker use to perform war dialing? Each correct answer represents a complete solution. Choose all that apply.
A. ToneLoc
B. THC-Scan
C. Wingate
D. NetStumbler
Which of the following need to be reduced to suppress a fire? Each correct answer represents a complete solution. Choose all that apply.
A. Oxygen
B. Fuel
C. CO2
D. High temperature
Mark works as a Network Administrator for Infonet Inc. The company has a Windows 2000 Active Directory domain-based network. The domain contains one hundred Windows XP Professional client computers. Mark is deploying an 802.11
wireless LAN on the network. The wireless LAN will use Wired Equivalent Privacy (WEP) for all the connections. According to the company's security policy, the client computers must be able to automatically connect to the wireless LAN.
However, the unauthorized computers must not be allowed to connect to the wireless LAN and view the wireless network. Mark wants to configure all the wireless access points and client computers to act in accordance with the company's
security policy. What will he do to accomplish this? Each correct answer represents a part of the solution.
Choose three.
A. Configure the authentication type for the wireless LAN to Open system.
B. Broadcast SSID to connect to the access point (AP).
C. Disable SSID Broadcast and enable MAC address filtering on all wireless access points.
D. Install a firewall software on each wireless access point.
E. On each client computer, add the SSID for the wireless LAN as the preferred network.
F. Configure the authentication type for the wireless LAN to Shared Key.
You are a salesperson. You are authorized to access only the information that is essential for your work. Which of the following access control models is used in your organization?
A. Role-Based Access Control
B. Discretionary Access Control
C. Mandatory Access Control
D. Rule-Based Access Control
E. Privilege Access Control
Which of the following needs to be documented to preserve evidences for presentation in court?
A. Chain of custody
B. Incident response policy
C. Account lockout policy
D. Separation of duties
You work as a Network Administrator for NetTech Inc. Employees in remote locations connect to the company's network using Remote Access Service (RAS). Which of the following will you use to protect the network against unauthorized access?
A. Bridge
B. Antivirus software
C. Gateway
D. Firewall
Which of the following should propose applicable and effective security controls for managing the risks?
A. Risk assessment
B. Risk treatment plan
C. Risk communication
D. Risk management plan