GIAC GSNA Exam Actual Questions

Sarah works as a Web Developer for XYZ CORP. She is creating a Web site for her company. Sarah wants greater control over the appearance and presentation of Web pages. She wants the ability to precisely specify the display attributes and the appearance of elements on the Web pages.
How will she accomplish this?

Correct Answer: C 🗳️
Sarah should use the Cascading Style Sheet (CSS) while creating Web pages. This will give her greater control over the appearance and presentation of the Web pages and will also enable her to precisely specify the display attributes and the appearance of elements on the Web pages.

You work as a Network Administrator for XYZ CORP. The company has a Windows Server 2008 network environment. The network is configured as a Windows
Active Directory-based single forest single domain network. You have installed a Windows Server 2008 computer. You have configured auditing on this server.
The client computers of the company use the Windows XP Professional operating system. You want to audit each event that is related to a user managing an account in the user database on the computer where the auditing is configured. To accomplish the task, you have enabled the Audit account management option on the server.
Which of the following events can be audited by enabling this audit option?

Correct Answer: BCD 🗳️
Audit account management is one of the nine audit settings that can be configured on a Windows computer. This option is enabled to audit each event that is related to a user managing an account in the user database on the computer where the auditing is configured. These events include the following:
✑ Creating a user account
✑ Adding a user account to a group
✑ Renaming a user account
✑ Changing password for a user account
This option is also used to audit the changes to the domain account of the domain controllers.

John works as a contract Ethical Hacker. He has recently got a project to do security checking for www.we-are-secure.com. He wants to find out the operating system of the we-are-secure server in the information gathering step.
Which of the following commands will he use to accomplish the task? (Choose two.)

Correct Answer: Answer: C is incorrect. "nc -v -n 208.100.2.25 80" is a Netcat command, which is used to banner grab for getting information about the system and running 🗳️
According to the scenario, John will use "nmap -v -O 208.100.2.25" to detect the operating system of the we-are-secure server. Here, -v is used for verbose and -
O is used for TCP/IP fingerprinting to guess the remote operating system. John may also use the DNS name of we-are-secure instead of using the IP address of the we-are-secure server. So, he can also use the nmap command "nmap -v -O www.we-are-secure.com ". services.

You check performance logs and note that there has been a recent dramatic increase in the amount of broadcast traffic.
What is this most likely to be an indicator of?

Correct Answer: Answer: D is incorrect. Viruses can cause an increase in network traffic, and it is possible for that to be broadcast traffic. However, a DoS attack is more likely than 🗳️
There are several denial of service (DoS) attacks that specifically use broadcast traffic to flood a targeted computer. Seeing an unexplained spike in broadcast traffic could be an indicator of an attempted denial of service attack. a virus to cause this particular problem.
However, this are cent problem, the router is unlikely to be the issue.

You run the wc -c file1.txt command. If this command displays any error message, you want to store the error message in the error.txt file.
Which of the following commands will you use to accomplish the task?

Correct Answer: Answer: B, D are incorrect. 🗳️
According to the scenario, you will use the wc -c file1.txt 2>error.txt command to accomplish the task. The 2> operator is an error redirector, which, while running a command, redirects the error (if it exists) on the specified file.
The > or 1> redirector can be used to redirect the output of the wc -c file1.txt file to the error.txt file; however, you want to write the errors in the error.txt file, not the whole output.
The >> operator will redirect the output of the command in the same manner as the > or 1> operator. Although the >>operator will not overwrite the error.txt file, it will append the error.txt file.

John works as a Network Administrator for Perfect Solutions Inc. The company has a Linux-based network. John is working as a root user on the Linux operating system. He wants to forward all the kernel messages to the remote host having IP address 192.168.0.1.
Which of the following changes will he perform in the syslog.conf file to accomplish the task?

Correct Answer: Answer: Dis incorrect. 🗳️
According to the scenario, John will make the following entry in the syslog.conf file to forward all the kernel messages to the remote host having IP address
192.168.0.1: kern.* @192.168.0.1
This entry will forward all the messages to the remote host having IP address 192.168.0.1.
This entry will not forward any message to the remote host having IP address 192.168.0.1.
This entry will not forward any kernel message to the remote host having IP address 192.168.0.1.

John works as a Security Professional. He is assigned a project to test the security of www.we-are-secure.com. John wants to get the information of all network connections and listening ports in the numerical form.
Which of the following commands will he use?

Correct Answer: Answer: A is incorrect. The netstat -e command displays the Ethernet information. 🗳️
According to the scenario, John will use the netstat -an command to accomplish the task. The netstat -an command is used to get the information of all network connections and listening ports in the numerical form. The netstat command displays protocol-related statistics and the state of current TCP/IP connections. It is used to get information about the open connections on a computer, incoming and outgoing data, as well as the ports of remote computers to which the computer is connected. The netstat command gets all this networking information by reading the kernel routing tables in the memory.
By default, statistics are shown for TCP, UDP and IP.

John works as a professional Ethical Hacker. He has been assigned the project of testing the security of www.we-are-secure.com. He wants to use Kismet as a wireless sniffer to sniff the We-are-secure network.
Which of the following IEEE-based traffic can be sniffed with Kismet?

Correct Answer: ABCD 🗳️
Kismet can sniff IEEE 802.11a, 802.11b, 802.11g, and 802.11n-based wireless network traffic.

Which of the following statements about the traceroute utility are true?

Correct Answer: Answer: C, D are incorrect. Traceroute does not perform polymorphic shell code attacks. Attacking tools such as AD Mutate are used to perform polymorphic shell 🗳️
Traceroute is a route-tracing utility that displays the path an IP packet takes to reach its destination. It uses ICMP echo packets to display the Fully Qualified
Domain Name (FQDN) and the IP address of each gateway along the route to the remote host. This tool also records the time taken for a round trip for each packet at each router that can be used to find any faulty router along the path. code attacks.

George works as an office assistant in Soft Well Inc. The company uses the Windows Vista operating system. He wants to disable a program running on a computer.
Which of the following Windows Defender tools will he use to accomplish the task?

Correct Answer: Software Explorer is used to remove, enable, or disable a program running on a computer. Answer: A is incorrect. Allowed items contains a list of all the programs 🗳️
that a user has chosen not to monitor with Windows Defender.