GIAC GCFW Exam Questions and Answers, GIAC Certified Firewall Analyst Exam | SPOTO


Question #1
Each correct answer represents a complete solution. Choose two.
A. Firewall
B. Console
C. Gateway
D. Modem
E. Sensor
Correct Answer: BE
Question #2
Which of the following types of Intrusion Detection Systems consists of an agent on a host that identifies intrusions by analyzing system calls, application logs, file-system modifications (binaries, password files, capability/ACL databases) and other host activities and state?
A. HIDS
B. NIDS
C. APIDS
D. PIDS
Correct Answer: A
Question #3
You work as a Forensic Investigator. Which of the following rules will you follow while working on a case? Each correct answer represents a part of the solution. Choose all that apply.
A. Prepare a chain of custody and handle the evidence carefully
B. Never exceed the knowledge base of the forensic investigation
C. Examine original evidence and never rely on the duplicate evidence
D. Follow the rules of evidence and never tamper with the evidence
Correct Answer: ABCD
Question #4
Which of the following statements about the traceroute utility are true? Each correct answer represents a complete solution. Choose all that apply.
A. It generates a buffer overflow exploit by transforming an attack shell code so that the new attack shell code cannot be recognized by any Intrusion Detection Systems
B. It uses ICMP echo packets to display the Fully Qualified Domain Name (FQDN) and the IP address of each gateway along the route to the remote host
C. It records the time taken for a round trip for each packet at each router
D. It is an online tool that performs polymorphic shell code attacks
Correct Answer: BC
Question #5
Which of the following are the countermeasures against a man-in-the-middle attack? Each correct answer represents a complete solution. Choose all that apply.
A. Using Secret keys for authentication
B. Using public key infrastructure authentication
C. Using Off-channel verification
D. Using basic authentication
Correct Answer: ABC
Question #6
A packet filtering firewall inspects each packet passing through the network and accepts or rejects it based on user-defined rules. Based on which of the following information are these rules set to filter the packets? Each correct answer represents a complete solution. Choose all that apply.
A. Layer 4 protocol information
B. Actual data in the packet
C. Interface of sent or received traffic
D. Source and destination Layer 3 address
Correct Answer: ACD
Question #7
Peter works as a Technical Representative in a CSIRT for SecureEnet Inc. His team is called to investigate the computer of an employee who is suspected of classified data theft. The suspect's computer runs the Windows operating system. Peter wants to collect data and evidence for further analysis. He knows that on a Windows operating system, data is searched in predefined steps for proper and efficient analysis. Which of the following is the correct order for searching data on a Windows-based system?
A. Volatile data, file slack, registry, memory dumps, file system, system state backup, internet traces
B. Volatile data, file slack, internet traces, registry, memory dumps, system state backup, file system
C. Volatile data, file slack, file system, registry, memory dumps, system state backup, internet traces
D. Volatile data, file slack, registry, system state backup, internet traces, file system, memory dumps
Correct Answer: C
Question #8
You work as a Network Administrator for Net Perfect Inc. The company has a TCP/IP network. You have been assigned a task to configure security mechanisms for the network of the company. You have decided to configure a packet filtering firewall. Which of the following may be the reasons that made you choose a packet filtering firewall as a security mechanism? Each correct answer represents a complete solution. Choose all that apply.
A. It makes security transparent to end-users, which provides easy use of the client applications
B. It prevents application-layer attacks
C. It is easy to install packet filtering firewalls in comparison to the other network security solutions
D. It easily matches most of the fields in Layer 3 packets and Layer 4 segment headers, and thus, provides a lot of flexibility in implementing security policies
Correct Answer: ACD
Question #9
Which of the following monitors program activities and modifies malicious activities on a system?
A. Back door
B. NIDS
C. RADIUS
D. HIDS
Correct Answer: D
Question #10
Which of the following intrusion detection systems (IDS) monitors network traffic and compares it against an established baseline?
A. Network-based
B. File-based
C. Signature-based
D. Anomaly-based
Correct Answer: D
Question #11
Which of the following ICMPv6 neighbor discovery messages is sent by hosts to request an immediate router advertisement, instead of waiting for the next scheduled advertisement?
A. Router Advertisement
B. Neighbor Advertisement
C. Router Solicitation
D. Neighbor Solicitation
Correct Answer: C
Question #12
Which of the following can be monitored by using the host intrusion detection system (HIDS)? Each correct answer represents a complete solution. Choose two.
A. Computer performance
B. File system integrity
C. Storage space on computers
D. System files
Correct Answer: BD
Question #13
Adam works as a Security Administrator for Umbrella Inc. A project has been assigned to him to secure access to the network of the company from all possible entry points. He segmented the network into several subnets and installed firewalls all over the network. He has placed very stringent rules on all the firewalls, blocking everything in and out except the ports that must be used. He does need to have port 80 open since his company hosts a website that must be accessed from the Internet. Adam is still wo
A. Block ICMP type 13 messages
B. Block ICMP type 3 messages
C. Block all outgoing traffic on port 21
D. Block all outgoing traffic on port 53
Correct Answer: A
Question #14
Which of the following intrusion detection systems (IDS) produces a false alarm because of the abnormal behavior of users and the network?
A. Host-based intrusion detection system (HIDS)
B. Network intrusion detection system (NIDS)
C. Protocol-based intrusion detection system (PIDS)
D. Application protocol-based intrusion detection system (APIDS)
Correct Answer: A
Question #15
Which of the following types of firewall functions by creating two different communications, one between the client and the firewall, and the other between the firewall and the end server?
A. Stateful firewall
B. Packet filter firewall
C. Endian firewall
D. Proxy-based firewall
Correct Answer: D
