FREE GIAC Security Essentials Questions and Answers

0%

What does a result with a * mean in trace route results?

Correct! Wrong!

A network node or router along the traceroute path that has an asterisk (*) result usually means that it is not responding to the particular kind of ICMP (Internet Control Message Protocol) packet that the traceroute tool is using. This is frequently referred to as a network node "timeout" or "no response."
The ICMP Time Exceeded message is the expected answer when the traceroute tool delivers ICMP packets to each router or hop in the path. The router's IP address and other information are provided in this response, which also verifies that the packet has arrived at the router.

You have grounds for suspicion that someone using a domain user account may have accessed and altered private spreadsheets on one of your application servers.
To track file access and modification, you choose to enable auditing. By using Group Policy, you can provide the files access to the Audit Object Access policy.
When you review the audit logs two weeks later, you discover that they are blank.

What explanation is most likely for this development?

Correct! Wrong!

The fact that you didn't make the files themselves auditable is the most likely cause of the empty audit logs. It is necessary to activate auditing via Group Policy in order to enable auditing at the system level; however, this does not automatically enable auditing for specific files or folders.
It is necessary to indicate which files or folders should have their access and modifications checked in order to enable auditing at the file level. The audit logs won't contain anything if you don't enable auditing particularly for the private spreadsheets you think are being viewed and changed.

Your client wants to ensure that only the PCs he has given permission to connect to his Wi-Fi. What is the best security precaution you can suggest?

Correct! Wrong!

The client's requirement to only permit authorized PCs to join to the Wi-Fi network can be met by considering MAC address filtering as a security mechanism. Making a whitelist of acceptable MAC addresses (unique hardware IDs) and configuring the Wi-Fi router to only accept connections from those addresses are both steps in the MAC filtering process.

How many bytes are needed to represent OxFEDCBA in hexadecimal form?

Correct! Wrong!

"0xFEDCBA" in hexadecimal indicates a 24-bit value. Each digit in hexadecimal notation corresponds to 4 bits. The value has 6 digits (F, E, D, C, B, and A), hence there are a total of 24 bits because there are 4 bits per digit times 6 digits.
Since there are 8 bits in a byte, we divide the number of bits to bytes by 8:
24 bits / 8 equals 3 bytes.
Therefore, the hexadecimal value "0xFEDCBA" is represented by 3 bytes.

How would you enforce a company rule that all Bluetooth devices must have discoverable mode turned off?

Correct! Wrong!

One strategy is to use a program called "BlueScanner" to enforce a corporate policy that demands that all Bluetooth devices have discoverable mode turned off. A Bluetooth scanner called BlueScanner can be used to find nearby discoverable Bluetooth devices.

Which of these would be regarded as an Internet of Things (IoT) object?

Correct! Wrong!

If a digital video recorder (DVR) is internet-connected and has the ability to interact and communicate with other systems or devices, it can be regarded as a component of the Internet of Things (IoT).
Devices like DVRs are frequently network-connected in the IoT environment, enabling them to connect to the internet and potentially communicate with other IoT devices, programs, or cloud services. Multiple features, including remote access, video streaming, and integration with smart home or monitoring systems, are made possible by this link.

Which of these can be an effective risk management strategy?

Correct! Wrong!

One of the risk management techniques that businesses can use to effectively control hazards is risk avoidance. Identifying and evaluating hazards, as well as taking steps to entirely avoid or eliminate them, are all part of risk avoidance. Preventing risks and the detrimental repercussions they may have is the main goal of risk avoidance.