手に入れよう!は2024年最新の有効な実践問題であなたのGSEC試験を合格させる(本日更新された385問)
GIAC Information Security GSEC試験実践テスト問題集解答豪華セットを使おう!
GIAC GSEC試験は、サイバーセキュリティの分野でキャリアを進めたい専門家向けの高名な認定資格です。これは、基本的なセキュリティの概念やスキルに対する候補者の知識をテストするために設計された初心者向けの試験です。この認定は業界で広く認知され、履歴書を向上させ、分野における専門知識を証明するための貴重な資産となります。
質問 # 151
Which of the following is a Layer 3 device that will typically drop directed broadcast traffic?
- A. Switches
- B. Bridges
- C. Routers
- D. Hubs
正解:C
質問 # 152
Which of the following is a potential WPA3 security issue?
- A. Short key lengths
- B. Backward compatibility
- C. Disassociate frame DoS
- D. Traffic decryption with PSK
正解:B
質問 # 153
When an IIS filename extension is mapped, what does this mean?
- A. The files with the mapped extensions are interpreted by CMD.EXE.
- B. The file and all the data from the browser's request are handed off to the mapped interpreter.
- C. Files with the mapped extensions cannot be interpreted by the web server.
- D. The files with the mapped extensions are interpreted by the web browser.
正解:B
質問 # 154
Which of the following is a benefit of using John the Ripper for auditing passwords?
- A. John's Blowfish cracking routine uses a complex central computing loop that increases the cost of each hash computation.
- B. John cannot use the DES bit-slicing technique, so it is much slower than other tools, especially when used against DES-encrypted passwords.
- C. John the Ripper is much slower for auditing passwords encrypted with MD5 and Blowfish.
- D. John's MD5 cracking routine uses a simplified central computing loop that decreases the cost of each hash computation.
正解:D
質問 # 155
Which of the following is an UDP based protocol?
- A. telnet
- B. LDAP
- C. IMAP
- D. SNMP
正解:D
質問 # 156
Which of the following is an UDP based protocol?
- A. telnet
- B. LDAP
- C. IMAP
- D. SNMP
正解:D
解説:
Explanation
質問 # 157
How is a Distributed Denial of Service (DDOS) attack distinguished from a regular DOS attack?
- A. Regular DOS focuses on a single router.
- B. DDOS attacks are perpetrated by many distributed hosts.
- C. DDOS affects the entire Internet.
- D. DDOS affects many distributed targets.
正解:B
質問 # 158
On which of the following OSI model layers does IPSec operate?
- A. Network layer
- B. Data-link layer
- C. Physical layer
- D. Session layer
正解:A
解説:
Explanation
質問 # 159
You have been hired to design a TCP/IP-based network that will contain both Unix and Windows computers.
You are planning a name resolution strategy. Which of the following services will best suit the requirements of the network?
- A. DHCP
- B. APIPA
- C. LMHOSTS
- D. DNS
- E. WINS
正解:D
質問 # 160
When a host on a remote network performs a DNS lookup of www.google.com, which of the following is likely to provide an Authoritative reply?
- A. The root DNS server
- B. The local DNS server
- C. The DNS server for google.com
- D. The top-level DNS server for .com
正解:B
質問 # 161
The previous system administrator at your company used to rely heavily on email lists, such as vendor lists and Bug Traq to get information about updates and patches. While a useful means of acquiring data, this requires time and effort to read through. In an effort to speed things up, you decide to switch to completely automated updates and patching. You set up your systems to automatically patch your production servers using a cron job and a scripted apt-get upgrade command. Of the following reasons, which explains why you may want to avoid this plan?
- A. The command apt-get upgrade is incorrect, you need to run the apt-get update command
- B. Relying on vendor and 3rd party email lists enables updates via email, for even faster patching
- C. Automated patching of production servers without prior testing may result in unexpected behavior or failures
- D. The apt-get upgrade command doesn't work with the cron command because of incompatibility
正解:A
質問 # 162
You are examining an IP packet with a header of 40 bytes in length and the value at byte 0 of the packet header is 6. Which of the following describes this packet?
- A. This is an IPv4 packet with a TCP payload.
- B. This is an IPv4 packet; the protocol encapsulated in the payload is unspecified.
- C. This is an IPv6 packet; the protocol encapsulated in the payload is unspecified.
- D. This is an IPv6 packet with a TCP payload.
正解:C
質問 # 163
When discussing access controls, which of the following terms describes the process of determining the activities or functions that an Individual is permitted to perform?
- A. Identification
- B. Authentication
- C. Authorization
- D. Validation
正解:C
質問 # 164
What is TRUE about Workgroups and Domain Controllers?
- A. You cannot have stand-alone computers in the midst of other machines that are members of a domain
- B. Workgroup computers cannot share resources, only computers running on the same domain can
- C. Workgroups are characterized by higher costs while Domain Controllers by lower costs
- D. By default all computers running Windows 2008 can only form Domain Controllers not Workgroups
- E. You can have stand-alone computers in the midst of other machines that are members of a domain.
正解:E
質問 # 165
Which of the following are the types of access controls?
Each correct answer represents a complete solution. Choose three.
- A. Technical
- B. Physical
- C. Automatic
- D. Administrative
正解:A、B、D
質問 # 166
You work as a Network Administrator for McRoberts Inc. The company has a Linux-based network. You
have created a script named lf.cgi. You want to provide the following permissions on it:
rwsr-sr--Which of the following commands will you execute?
- A. chmod 2754
- B. chmod 4754
- C. chmod 6754
- D. chmod 7754
正解:C
質問 # 167
While using Wire shark to investigate complaints of users being unable to login to a web application, you come across an HTTP POST submitted through your web application. The contents of the POST are listed below.
Based on what you see below, which of the following would you recommend to prevent future damage to your database?
- A. Use https to prevent hackers from inserting malware
- B. Use ssh to prevent a denial of service attack
- C. Sanitize user inputs to prevent injection attacks
- D. Authenticate users to prevent hackers from using your database
正解:A
質問 # 168
Which of the following steps can be taken for securing a wireless LAN? Each correct answer represents a complete solution. Choose two.
- A. Remove folder sharing from the client computers in the network.
- B. Use NTFS file system on the client computers in the network.
- C. Use WEP and WPA compliant hardware.
- D. Configure WLAN settings for WP
正解:C、D
質問 # 169
Which of the following systems acts as a NAT device when utilizing VMware in NAT mode?
- A. Virtual system
- B. Host system
- C. Local gateway
- D. Guest system
正解:A
質問 # 170
......
GIAC GSEC(GIAC Security Essentials認定)試験は、情報セキュリティのさまざまな側面でIT専門家の知識とスキルをテストするベンダー中立認証です。この認定は業界で広く認識されており、情報セキュリティの分野の専門家として自分自身を確立したい個人にとって理想的な選択肢です。 GIAC GSEC試験は、ネットワークセキュリティ、アクセス制御、暗号化、インシデント処理など、さまざまなセキュリティ分野の候補者の習熟度をテストするように設計されています。
完全版最新の問題集PDFで最新GSEC試験問題と解答:https://jp.fast2test.com/GSEC-premium-file.html
本日更新された最新のGSECのPDFはGSEC無料お試し可能です:https://drive.google.com/open?id=1xbEStp-xy7w6qHgHKhWmz7ZzTDAR6wrQ