FREE GIAC Security Essentials Questions and Answers

Question 1

You have grounds for suspicion that someone using a domain user account may have accessed and altered private spreadsheets on one of your application servers.
To track file access and modification, you choose to enable auditing. By using Group Policy, you can provide the files access to the Audit Object Access policy.
When you review the audit logs two weeks later, you discover that they are blank.

What explanation is most likely for this development?

Accepted Answer

You did not enable auditing on the files

Answer

The fact that you didn't make the files themselves auditable is the most likely cause of the empty audit logs. It is necessary to activate auditing via Group Policy in order to enable auditing at the system level; however, this does not automatically enable auditing for specific files or folders.
It is necessary to indicate which files or folders should have their access and modifications checked in order to enable auditing at the file level. The audit logs won't contain anything if you don't enable auditing particularly for the private spreadsheets you think are being viewed and changed.

Question 2

How many bytes are needed to represent OxFEDCBA in hexadecimal form?

Accepted Answer

three

Answer

"0xFEDCBA" in hexadecimal indicates a 24-bit value. Each digit in hexadecimal notation corresponds to 4 bits. The value has 6 digits (F, E, D, C, B, and A), hence there are a total of 24 bits because there are 4 bits per digit times 6 digits.
Since there are 8 bits in a byte, we divide the number of bits to bytes by 8:
24 bits / 8 equals 3 bytes.
Therefore, the hexadecimal value "0xFEDCBA" is represented by 3 bytes.

Question 3

How would you enforce a company rule that all Bluetooth devices must have discoverable mode turned off?

Accepted Answer

Use BlueScanner

Answer

One strategy is to use a program called "BlueScanner" to enforce a corporate policy that demands that all Bluetooth devices have discoverable mode turned off. A Bluetooth scanner called BlueScanner can be used to find nearby discoverable Bluetooth devices.

Question 4

Which of these can be an effective risk management strategy?

Accepted Answer

Risk avoidance

Answer

One of the risk management techniques that businesses can use to effectively control hazards is risk avoidance. Identifying and evaluating hazards, as well as taking steps to entirely avoid or eliminate them, are all part of risk avoidance. Preventing risks and the detrimental repercussions they may have is the main goal of risk avoidance.

Question 5

Your client wants to ensure that only the PCs he has given permission to connect to his Wi-Fi. What is the best security precaution you can suggest?

Accepted Answer

Mac filtering

Answer

The client's requirement to only permit authorized PCs to join to the Wi-Fi network can be met by considering MAC address filtering as a security mechanism. Making a whitelist of acceptable MAC addresses (unique hardware IDs) and configuring the Wi-Fi router to only accept connections from those addresses are both steps in the MAC filtering process.

GIAC Certification Practice Test

GIAC Certification Practice Test

FREE GIAC Security Essentials Questions and Answers