Exam2pass
0 items Sign In or Register
  • Home
  • IT Exams
  • Guarantee
  • FAQs
  • Reviews
  • Contact Us
  • Demo
Exam2pass > GIAC > GIAC Certifications > GSNA > GSNA Online Practice Questions and Answers

GSNA Online Practice Questions and Answers

Questions 4

Which of the following controls define the direction and behavior required for technology to function properly?

A. Detailed IS controls

B. General controls

C. Application controls

D. Pervasive IS controls

Buy Now

Correct Answer: D

Pervasive IS controls are a subset of general controls that contains some extra definitions focusing on the management of monitoring a specific technology. A pervasive order or control determines the direction and behavior required for

technology to function properly. The pervasive control permeates the area by using a greater depth of control integration over a wide area of influence. Answer: B is incorrect. General controls are the parent class of controls that governs all

areas of a business. An example of general controls includes the separation duties that prevent employees from writing their own paychecks and creating accurate job descriptions. General controls define the structure of an organization,

establish HR policies, monitor workers and the work environment, as well as support budgeting, auditing, and reporting. Answer: A is incorrect. Detailed IS controls are controls used for manipulating the on-going tasks in an organization.

Some of the specific tasks require additional detailed controls to ensure that the workers perform their job correctly. These controls refer to some specific tasks or steps to be performed such as:

The way system security parameters are set.

How input data is verified before being accepted into an application. How to lock a user account after unsuccessful logon attempts. How the department handles acquisitions, security, delivery, implementation, and support of IS services.

Answer: C is incorrect. Application controls are embedded in programs. It constitutes the lowest subset in the control family. An activity should be filtered through the general controls, then the pervasive controls and detailed controls, before

reaching the application controls level. Controls in the higher level category help in protecting the integrity of the applications and their data. The management is responsible to get applications tested prior to production through a recognized

test method. The goal of this test is to provide a technical certificate that each system meets the requirement.

Questions 5

Which of the following wireless security features provides the best wireless security mechanism?

A. WEP

B. WPA with 802.1X authentication

C. WPA

D. WPA with Pre Shared Key

Buy Now

Correct Answer: B

WPA with 802.1X authentication provides best wireless security mechanism. 802.1X authentication, also known as WPA-Enterprise, is a security mechanism for wireless networks. 802.1X provides port-based authentication, which involves communications between a supplicant, authenticator, and authentication server. The supplicant is often software on a client device, the authenticator is a wired Ethernet switch or wireless access point, and an authentication server is generally a RADIUS database. The authenticator acts like a security guard to a protected network. The supplicant (client device) is not allowed access through the authenticator to the protected side of the network until the supplicant's identity is authorized. With 802.1X port-based authentication, the supplicant provides credentials, such as user name/password or digital certificate, to the authenticator, and the authenticator forwards the credentials to the authentication server for verification. If the credentials are valid, the supplicant (client device) is allowed to access resources located on the protected side of the network.

Answer: A is incorrect. Wired equivalent privacy (WEP) uses the stream cipher RC4 (Rivest Cipher). WEP uses the Shared Key Authentication, since both the access point and the wireless device possess the same key. Attacker with enough

Initialization Vectors can crack the key used and gain full access to the network.

Answer: D is incorrect. WPA-PSK is a strong encryption where encryption keys are automatically changed (called rekeying) and authenticated between devices after a fixed period of time, or after a fixed number of packets has been

transmitted.

Answer: C is incorrect. WAP uses TKIP (Temporal Key Integrity Protocol) to enhance data encryption, but still vulnerable to different password cracking attacks.

Questions 6

You work as a Network Administrator for Blue Well Inc. The company has a TCP/IP-based routed network. Two segments have been configured on the network as shown below:

One day, the switch in Subnet B fails. What will happen?

A. Communication between the two subnets will be affected.

B. The whole network will collapse.

C. Workstations on Subnet A will become offline

D. Workstations on Subnet B will become offline.

Buy Now

Correct Answer: AD

According to the question, the network is a routed network where two segments have been divided and each segment has a switch. These switches are connected to a common router. All workstations in a segment are connected to their respective subnet's switches. Failure of the switch in Subnet B will make all workstations connected to it offline. Moreover, communication between the two subnets will be affected, as there will be no link to connect to Subnet B.

Questions 7

John works as a Network Administrator for Perfect Solutions Inc. The company has a Debian Linux-based network. He is working on the bash shell in which he creates a variable VAR1. After some calculations, he opens a new ksh shell. Now, he wants to set VAR1 as an environmental variable so that he can retrieve VAR1 into the ksh shell.

Which of the following commands will John run to accomplish the task?

A. echo $VAR1

B. touch VAR1

C. export VAR1

D. env -u VAR1

Buy Now

Correct Answer: C

Since John wants to use the variable VAR1 as an environmental variable, he will use the export command to accomplish the task.

Questions 8

The routing algorithm uses certain variables to create a metric of a path. It is the metric that actually determines the routing path.

In a metric, which of the following variables is used to define the 'largest size' of a message that can be routed?

A. Load

B. MTU

C. Hop count

D. Bandwidth

Buy Now

Correct Answer: B

The routing algorithm uses certain variables to create a metric of a path. It is the metric that is actually used for path determination. Variables that are used to create a metric of a path are as follows:

1.

Hop count: It is the total number of routers that a data packet goes through to reach its destination.

2.

Cost: It is determined by the administrator or calculated by the router.

3.

Bandwidth: It is defined as the bandwidth that the link provides.

4.

Maximum transmission unit (MTU): It is the largest message size that a link can route.

5.

Load: It states the amount of work the CPU has to perform and the number of packets the CPU needs to analyze and make calculations on.

Questions 9

Peter works as a Web Developer for XYZ CORP. He is developing a Web site for the company. Peter specifies MARGINHEIGHT="0" and MARGINWIDTH="0" in one of the Web pages.

How will this affect the Web page?

A. It will create a borderless page structure when viewed in any browser.

B. It will create a borderless page structure when viewed in Netscape Navigator.

C. It will delete all the text from the margins.

D. It will create a borderless page structure when viewed in Internet Explorer.

Buy Now

Correct Answer: B

The MARGINHEIGHT and MARGINWIDTH attributes are used in the tag to adjust the top and left margins of a Web page to be displayed in Netscape Navigator. Specifying MARGINHEIGHT="0" and MARGINWIDTH="0" within the

tag will create a borderless page structure when viewed in Netscape Navigator.

Answer: D is incorrect. The TOPMARGIN and LEFTMARGIN attributes are used in the tag to adjust the top and left margins of a Web page to be displayed in Internet Explorer. Specifying TOPMARGIN="0" and LEFTMARGIN="0"

within the tag will create a borderless page structure when viewed in Internet Explorer.

Answer C is incorrect. These attributes are used to adjust margins and not to delete text from margins.

Questions 10

You work as a Software Developer for UcTech Inc. You want to create a new session.

Which of the following methods can you use to accomplish the task?

A. getNewSession(true)

B. getSession(false)

C. getSession()

D. getSession(true)

E. getNewSession()

Buy Now

Correct Answer: CD

The getSession() method of the HttpServletRequest interface returns the current session associated with the request, or creates a new session if no session exists. The method has two syntaxes as follows:

1.

public HttpSession getSession(): This method creates a new session if it does not exist.

2.

public HttpSession getSession(boolean create): This method becomes similar to the above method if create is true, and returns the current session if create is false. It returns null if no session exists. Answer: B is incorrect. The getSession (false) method returns a pre-existing session. It returns null if the client has no session associated with it.

Questions 11

Which of the following methods will free up bandwidth in a Wireless LAN (WLAN)?

A. Change hub with switch.

B. Deploying a powerful antenna.

C. Disabling SSID broadcast.

D. Implement WEP.

Buy Now

Correct Answer: C

Disabling SSID broadcast will free up bandwidth in a WLAN environment. It is used to enhance security of a Wireless LAN (WLAN). It makes difficult for attackers to find the access point (AP). It is also used by enterprises to prevent curious people from trying to access the WLAN.

Questions 12

You work as a Network Administrator for XYZ CORP. The company has a Windows-based network. You want to use multiple security countermeasures to protect the integrity of the information assets of the company. To accomplish the task, you need to create a complex and multi-layered defense system. Which of the following components can be used as a layer that constitutes 'Defense in depth'? (Choose three)

A. Backdoor

B. Firewall

C. Antivirus software

D. Intrusion detection

Buy Now

Correct Answer: BCD

The components of Defense in depth include antivirus software, firewalls, anti-spyware programs, hierarchical passwords, intrusion detection, and biometric verification. In addition to electronic countermeasures, physical protection of business sites along with comprehensive and ongoing personnel training enhances the security of vital data against compromise, theft, or destruction. Answer A is incorrect. A backdoor is any program that allows a hacker to connect to a computer without going through the normal authentication process. The main advantage of this type of attack is that the network traffic moves from inside a network to the hacker's computer. The traffic moving from inside a network to the outside world is typically the least restrictive, as companies are more concerned about what comes into a network, rather than what leaves it. It, therefore, becomes hard to detect backdoors.

Questions 13

Mark works as a Web Designer for XYZ CORP. The company has a Windows-based network. Mark creates an HTML document that gives the following error on execution: "These hypertext system features are not supported by HTML".

Which of the following can be the hypertext system features that are NOT supported by HTML? (Choose three)

A. Source tracking

B. Typed link

C. Hyperlink

D. Fat link

Buy Now

Correct Answer: ABD

HTML lacks some of the features found in earlier hypertext systems, such as typed links, source tracking, fat links etc. Even some hypertext features that were in early versions of HTML have been ignored by most popular web browsers until recently, such as the link element and in- browser Web page editing. Sometimes Web services or browser manufacturers remedy these shortcomings. Answer: C is incorrect. Hyperlink is supported by HTML as well as Hypertext.

Exam Code: GSNA
Exam Name: GIAC Systems and Network Auditor (GSNA)
Last Update: Jul 06, 2026
Questions: 413

PDF (Q&A)

$45.99
ADD TO CART

VCE

$49.99
ADD TO CART

PDF + VCE

$59.99
ADD TO CART

Exam2Pass----The Most Reliable Exam Preparation Assistance

There are tens of thousands of certification exam dumps provided on the internet. And how to choose the most reliable one among them is the first problem one certification candidate should face. Exam2Pass provide a shot cut to pass the exam and get the certification. If you need help on any questions or any Exam2Pass exam PDF and VCE simulators, customer support team is ready to help at any time when required.

Home | Guarantee & Policy |  Privacy & Policy |  Terms & Conditions |  How to buy |  FAQs |  About Us |  Contact Us |  Demo |  Reviews

2026 Copyright @ exam2pass.com All trademarks are the property of their respective vendors. We are not associated with any of them.