GNSA Online Practice Questions and Answers

Correct Answer:

In the above diagram, the raw data is available in the Application layer of the TCP/IP model. The data coded according to the Application layer protocols is encapsulated into one or more transport layer protocols, which finally used by the

lower layer protocols to affect the actual data transfer.

In the Transport layer, the data is combined with the UDP header. The responsibilities of the Transport Layer include end-to-end message transfer capabilities independent of the underlying network, along with error control, segmentation, flow

control, congestion control, and application addressing (port numbers).

In the Internet layer, the data and UDP header are combined to form an IP data, which is navigated by the IP header across the Internet for its exact destination.

In the Link layer, the IP data and IP header combine to form the final frame data, which is accompanied by the Frame header and Frame Footer. The Link Layer is used to move packets between the Internet Layer interfaces of two different

hosts on the same link. Main function of the Link layer is to add a packet header to prepare it for transmission and then actually transmit the frame over a physical medium.

Correct Answer:

The modulation schemes and IEEE standards working with these modulation schemes are given below:

Correct Answer: C

Explanation:

An independent audit is an audit that is usually conducted by external or outside resources. It is the process of reviewing detailed audit logs for the following purposes:

To examine the system activities and access logs

To assess the adequacy of system methods

To assess the adequacy of system controls

To examine compliance with established enterprise network system policies

To examine compliance with established enterprise network system procedures

To examine effectiveness of enabling, support, and core processes

Answer: B is incorrect. It is not a valid type of security audit.

Answer: D is incorrect. It is done to examine the operational and ongoing activities within a network.

Answer: B is incorrect. It is not a valid type of security audit.

Answer: D is incorrect. It is done to examine the operational and ongoing activities within a network. Answer: A is incorrect. It is not a valid type of security audit.

Correct Answer: D

A stateful firewall is a firewall that keeps track of the state of network connections (such as TCP streams, UDP communication) traveling across it. The firewall is programmed to distinguish legitimate packets for different types of connections. Only packets matching a known connection state will be allowed by the firewall; others will be rejected. Answer: B is incorrect. A host-based application firewall can monitor any application input, output, and/or system service calls made from, to, or by an application. This is done by examining information passed through system calls instead of, or in addition to, a network stack. A host-based application firewall can only provide protection to the applications running on the same host. An example of a host-based application firewall that controls system service calls by an application is AppArmor or the Mac OS X application firewall. Host-based application firewalls may also provide network-based application firewalling. Answer: A is incorrect. A network-based application layer firewall, also known as a proxy-based or reverse-proxy firewall, is a computer networking firewall that operates at the application layer of a protocol stack. Application firewalls specific to a particular kind of network traffic may be titled with the service name, such as a Web application firewall. They may be implemented through software running on a host or a stand-alone piece of network hardware. Often, it is a host using various forms of proxy servers to proxy traffic before passing it on to the client or server. Because it acts on the application layer, it may inspect the contents of the traffic, blocking specified content, such as certain websites, viruses, and attempts to exploit known logical flaws in client software. Answer: C is incorrect. An application firewall is a form of firewall that controls input, output, and/or access from, to, or by an application or service. It operates by monitoring and potentially blocking the input, output, or system service calls that do not meet the configured policy of the firewall. The application firewall is typically built to monitor one or more specific applications or services (such as a web or database service), unlike a stateful network firewall, which can provide some access controls for nearly any kind of network traffic. There are two primary categories of application firewalls: Network-based application firewalls Host-based application firewalls

Correct Answer: B

A firewall stops delivery of packets that are not marked safe by the Network Administrator. It checks the transport layer port numbers and the application layer headers to prevent certain ports and applications from getting the packets into an

Enterprise.

Answer: A, C, D are incorrect. This information is not checked by a firewall.

Correct Answer: B

The less command is most useful for viewing large files. The less command displays the output of a file one page at a time. Viewing large files through cat may take more time to scroll pages, so it is better to use the less command to see the

content of large files.

Answer: A is incorrect. The cat command is also used to view the content of a file, but it is most useful for viewing short files.

Answer: D is incorrect. The cp command is used to copy files and directories from one location to another.

Answer: C is incorrect. The touch command is not used to view the content of a file. It is used to create empty files or to update file timestamps.

Correct Answer: D

According to the scenario, John wants to break the my_backup.tgz file into two files in which thesize of the first file named my_backup.tgz.aa should be 600MB and that of the second file named my_backup.tgz.ab should be 200MB. Hence,

he will use the the split --verbose -b 600 my_backup.tgz my_backup.tgz. command, which will automatically break the first file into 600MB named my_backup.tgz.aa, and the rest of the data (200MB) will be assigned to the second file named

my_backup.tgz.ab. The reason behind the names is that the split command provides suffixes as 'aa', 'ab', 'ac', ..., 'az', 'ba', 'bb', etc. in the broken file names by default. Hence, both conditions, the file names as well as the file sizes, match with

this command.

Note: If the size of the tar file my_backup.tgz is 1300MB, the command split --verbose -b 600 my_backup.tgz my_backup.tgz. breaks the my_backup.tgz file into three files,i.e., my_backup.tgz.aa of size 600MB, my_backup.tgz.ab of size

600MB, and my_backup.tgz.ac of size 100MB.

Correct Answer: BCD

Static routing is a data communication concept that describes a way to configure path selection of routers in computer networks. This is achieved by manually adding routes to the routing table. However, when there is a change in the network or a failure occurs between two statically defined nodes, traffic will not be rerouted. Static routing is beneficial in many ways: Precise control over the routes that a packet will take across the network Reduced load on the routers, as no complex routing calculations are required Reduced bandwidth use, as there is no excessive router traffic. Easy to configure in small networks Answer: A is incorrect. This is a property of a dynamic route. A static route cannot choose the best path. It can only choose the paths that are manually entered. When there is a change in the network or a failure occurs between two statically defined nodes, traffic will not be rerouted.

Correct Answer: B

The routing algorithm uses certain variables to create a metric of a path. It is the metric that is actually used for path determination. Variables that are used to create a metric of a path are as follows:

Hop count: It is the total number of routers that a data packet goes through to reach its destination.

Cost: It is determined by the administrator or calculated by the router.

Bandwidth: It is defined as the bandwidth that the link provides.

Maximum transmission unit (MTU): It is the largest message size that a link can route.

Load: It states the amount of work the CPU has to perform and the number of packets the CPU needs to analyze and make calculations on.

Correct Answer: ABC

Sawmill is a software package for the statistical analysis and reporting of log files, with dynamic contextual filtering, 'live' data zooming, user interface customization, and custom calculated reports. Sawmill incorporates real-time reporting and real-time alerting. Sawmill also includes a page tagging server and JavaScript page tag for the analysis of client side clicks (client requests) providing a total view of visitor traffic and on-site behavioral activity. Sawmill Analytics is offered in three forms, as a software package for user deployment, as a turnkey on-premise system appliance, and as a SaaS service. Sawmill analyzes any device or software package producing a log file and that includes Web servers, firewalls, proxy servers, mail servers, network devices (switches and routers etc.), syslog servers, databases etc. Its range of potential uses by knowledge workers is essentially limitless. Answer: D is incorrect. Sawmill Analytics software is available in three different forms; as a software package for user deployment, as a turnkey on-premise system appliance, and as a SaaS service.