GPPA GIAC Certified Perimeter Protection Analyst Questions and Answers

Question 4

Which of the following tools is described below?

It is a set of tools that are used for sniffing passwords, e-mail, and HTTP traffic. Some of its tools include arpredirect, macof, tcpkill, tcpnice, filesnarf, and mailsnarf. It is highly effective for sniffing both switched and shared networks. It uses the arpredirect and macof tools for switching across switched networks. It can also be used to capture authentication information for FTP, telnet, SMTP, HTTP, POP, NNTP, IMAP, etc.

Options:

A. Dsniff

B. Cain

C. Libnids

D. LIDS

Question 5

Which of the following actions can be taken as countermeasures against an ARP spoofing attack?

Each correct answer represents a complete solution. (Choose all that apply.)

Options:

A. Placing static ARP entries on servers and routes

B. Using Private VLANs

C. Using 8-digit passwords for authentication

D. Looking for a large amount of ARP traffic on local subnets

Question 6

Which of the following TShark options is used to set the capture buffer size in MB?

Options:

A. -F

B. -B

C. -G

D. -C

Question 7

Which of the following tools uses PDA and barcode technologies in order to enable effective identification, control, and reporting of items in a site?

Options:

A. Biometric device

B. Smart card

C. Baseline audit

D. Vulnerability scanner

Question 8

Suppose you are working as a Security Administrator at ABC Inc. The company has a switched network. You have configured tcpdump in the network which can only see traffic addressed to itself and broadcast traffic.

What will you do when you are required to see all traffic of the network?

Options:

A. Connect the sniffer device to a Switched Port Analyzer (SPAN) port.

B. Connect the sniffer device to a Remote Switched Port Analyzer (RSPAN) port.

C. Configure Network Access Control (NAC).

D. Configure VLAN Access Control List (VACL).

Question 9

Which of the following is the default port for POP3?

Options:

A. 80

B. 25

C. 21

D. 110

Question 10

You work as a Network Administrator for Infonet Inc. The company has a Windows Server 2008 Active Directory-based single forest multiple domain IPv4 network. All the DNS servers on the network run Windows Server 2008. The users in the network use NetBIOS names to connect to network applications on the network. You have migrated the network to an IPv6-enabled network. Now you want to enable the DNS Server to perform lookups in the GlobalNames Zone.

Which of the following commands will you use to accomplish the task?

Options:

A. Dnscmd /config /enableglobalnames 1

B. Dnscmd /config /globalnamesqueryorder 0

C. Dnscmd /config /enableglobalnamessupport 1

D. Dnscmd /config /enableglobalnamessupport 0

Question 11

Which of the following is the function of the editcap utility of Wireshark?

Options:

A. To analyze data packets.

B. To remove duplicate packets.

C. To transfer data packets.

D. To check data packets.

Question 12

You work as a Network Administrator for NetTech Inc. You want to protect your network from Ping flood attacks.

Which of the following protocols will you block to accomplish this task?

Options:

A. IP

B. FTP

C. PPP

D. ICMP

Question 13

Which of the following are open-source vulnerability scanners? (Choose three.)

Options:

A. Nessus

B. Hackbot

C. Nikto

D. NetRecon

Question 14

Which of the following is a console-based 802.11 layer2 wireless network detector, sniffer, and intrusion detection system?

Options:

A. Kismet

B. Hping2

C. Nemesis

D. Scapy

Question 15

Which of the following programs loads the IOS image into RAM?

Options:

A. POST

B. NVRAM

C. Bootstrap

D. TFTP

Question 16

Secure Shell (SSH) is a network protocol that allows data to be exchanged using a secure channel between two networked devices.

Which of the following features are supported by Secure Shell?

Each correct answer represents a complete solution. (Choose all that apply.)

Options:

A. SSH uses the client-server model.

B. SSH can transfer files using the associated HTTP or FTP protocols.

C. SSH is typically used to log into a remote machine and execute commands, but it also supports tunneling, forwarding TCP ports and X11 connections.

D. SSH uses public-key cryptography to authenticate the remote computer and allow the remote computer to authenticate the user, if necessary.

Question 17

You are the Network Administrator and your company has recently implemented encryption for all emails. You want to check to make sure that the email packages are being encrypted.

What tool would you use to accomplish this?

Options:

A. Password cracker

B. Performance Monitor

C. Packet sniffer

D. Vulnerability analyzer

Question 18

Which of the following protocols is used by voice over IP (VoIP) applications?

Options:

A. IPv6

B. TCP

C. ICMP

D. UDP

Question 19

Which of the following number ranges is used for the IP Standard ACL?

Options:

A. 100-199

B. 1-99

C. 600-699

D. 1000-1099

Question 20

Session splicing is an IDS evasion technique in which an attacker delivers data in multiple small-sized packets to the target computer. Hence, it becomes very difficult for an IDS to detect the attack signatures of such attacks.

Which of the following tools can be used to perform session splicing attacks?

Each correct answer represents a complete solution. (Choose all that apply.)

Options:

A. Y.A.T.

B. Fragroute

C. Whisker

D. Nessus

Question 21

Which of the following firewalls filters the traffic based on the header of the datagram?

Options:

A. Circuit-level firewall

B. Application-level firewall

C. Packet filtering firewall

D. Stateful inspection firewall

Question 22

You work as the Security Administrator for Prodotxiss Inc. You want to ensure the security of your Wi-Fi enterprise network against wireless snooping attacks.

Which of the following measures will you take on the site's network devices?

Options:

A. Disable the SSID broadcast feature of the router.

B. Apply firewalls at appropriate spots.

C. Download and install a new firmware patch for the router.

D. Apply a standard ACL on the router.

Question 23

You work as a Desktop Support Technician for umbrella Inc. The company uses a Windows-based network. An employee from the sales department is facing a problem with the IP configuration of the network connection. He called you to resolve the issue. You suspect that the IP configuration is not configured properly. You want to use the ping command to ensure that the IPv4 protocol is working on a computer.

While running the ping command from the command prompt, you find that Windows Firewall is blocking the ping command.

What is the cause of the issue?

Options:

A. Core Networking Firewall rules do not allow IPv4 or IPv6.

B. Windows Firewall blocks the command line tools.

C. Windows Firewall rules do not allow Core Networking Tools.

D. Core Networking Firewall rules do not allow ICMPv4 or ICMPv6 Echo Requests.

Question 24

The stateful firewalls combine the significant flows into conversations.

Which of the following properties is used to classify a flow?

Each correct answer represents a part of the solution. (Choose all that apply.)

Options:

A. Destination port

B. Source port

C. Source address

D. Protocol

E. Destination address

Question 25

You work as a Network Administrator for ABC Inc. The office network is configured as an IPv6 network. You have to configure a computer with the IPv6 address, which is equivalent to an IPv4 publicly routable address.

Which of the following types of addresses will you choose?

Options:

A. Local-link

B. Site-local

C. Global unicast

D. Loopback

Question 26

Rick works as the Security Manager for ABC Inc. He wants to continue the evaluation of rules according to the ordered list to identify matches even if a match is found.

Which of the following rulebases will he use to accomplish the task?

Each correct answer represents a complete solution. (Choose all that apply.)

Options:

A. Backdoor rulebase

B. Nonterminal rulebase

C. Terminal rulebase

D. IDP rulebase

Question 27

Which of the following statements are true about an IPv6 network?

Each correct answer represents a complete solution. (Choose all that apply.)

Options:

A. For interoperability, IPv4 addresses use the last 32 bits of IPv6 addresses.

B. It provides improved authentication and security.

C. It uses 128-bit addresses.

D. It increases the number of available IP addresses.

E. It uses longer subnet masks than those used in IPv4.

Question 28

Which of the following commands can change the IOS to be loaded in a router?

Options:

A. reload system

B. reboot system

C. boot system

D. load system

Question 29

Which of the following attacks allows an attacker to sniff data frames on a local area network (LAN) or stop the traffic altogether?

Options:

A. Port scanning

B. ARP spoofing

C. Session hijacking

D. Man-in-the-middle

Question 30

John works as a Network Administrator for Web Perfect Inc. The company has a wireless LAN network. John has configured shared key authentication on a client. The client and the AP start exchanging the frames to enable authentication.

Which of the following vulnerabilities may occur while the client and the AP exchange the challenge text over the wireless link?

Options:

A. Land attack

B. DoS attack

C. Vulnerability attack

D. Man-in-the-middle attack

Question 31

You work as a Network Administrator for ABC Inc. The company has a TCP/IP-based routed network. Two routers have been configured on the network. A router receives a packet.

Which of the following actions will the router take to route the incoming packet?

Each correct answer represents a part of the solution. (Choose two.)

Options:

A. Read the source IP address.

B. Add the path covered by the packet to the routing table.

C. Use the routing table to determine the best path to the destination network address.

D. Read the destination IP address.

E. Use the routing table to determine the best path to the source network address.

Question 32

Which of the following features does the Nmap utility have?

Each correct answer represents a complete solution. (Choose all that apply.)

Options:

A. It uses operating system fingerprinting technology to identify the operating system running on a target system.

B. It identifies services running on systems in a specified range of IP addresses using its scanning and sweeping feature.

C. It has a stealth approach to scanning and sweeping.

D. It is a location where an organization can easily view the event of a disaster, such as fire, flood, terrorist threat, or other disruptive events.

Question 33

You work as a Network Administrator for ABC Inc. The company has a TCP/IP-based network. A Cisco switch is configured on the network. You change the original host name of the switch through the hostname command. The prompt displays the changed host name. After some time, the switch loses power for some reason. When power is restored, you find that the prompt is displaying the old host name.

What is the most likely cause?

Options:

A. The running-config file got corrupted.

B. The changes were saved in the running-config file.

C. The startup-config file got corrupted.

D. The host name cannot be changed permanently once the switch is configured.

Question 34

Which of the following applications cannot proactively detect anomalies related to a computer?

Options:

A. NIDS

B. HIDS

C. Anti-virus scanner

D. Firewall installed on the computer

Question 35

You have to ensure that your Cisco Router is only accessible via telnet and ssh from the following hosts and subnets:

10.10.2.103

10.10.0.0/24

Which of the following sets of commands will you use to accomplish the task?

Options:

A.
access-list 10 permit 10.10.2.103
access-list 10 permit 10.10.0.0 0.0.0.255
access-list 10 deny any
line vty 0 4
access-group 10 in

B.
access-list 10 permit host 10.10.2.103
access-list 10 permit 10.10.0.0 0.0.0.255
access-list 10 deny any
line vty 0 4
access-class 10 out

C.
access-list 10 permit host 10.10.2.103
access-list 10 permit 10.10.0.0 0.0.0.255
access-list 10 deny any
line vty 0 4
access-class 10 in

D.
access-list 10 permit host 10.10.2.103
access-list 11 permit host 10.10.0.0 255.255.255.0
access-list 12 deny any
line vty 0 4
access-group 10, 11, 12 in

Question 36

Which of the following responsibilities does not come under the audit process?

Each correct answer represents a complete solution. (Choose all that apply.)

Options:

A. Reviewing the results of the audit procedures.

B. Reporting all facts and circumstances of the irregular and illegal acts.

C. Planning the IT audit engagement based on the assessed level of risk.

D. Applying security policies.

Question 37

Which of the following protocols is used by TFTP as a file transfer protocol?

Options:

A. SMTP

B. UDP

C. TCP

D. SNMP

Question 38

A firewall is a combination of hardware and software, used to provide security to a network. It is used to protect an internal network or intranet against unauthorized access from the Internet or other outside networks. It restricts inbound and outbound access and can analyze all traffic between an internal network and the Internet. Users can configure a firewall to pass or block packets from specific IP addresses and ports.

Which of the following tools works as a firewall for the Linux 2.4 kernel?

Options:

A. OpenSSH

B. IPChains

C. Stunnel

D. IPTables

Question 39

Which of the following group management messages is used by routers to handle the IPv6 multicast routing?

Options:

A. OSPF

B. ARP

C. ICMPv6

D. IGMP

Question 40

Which of the following can be configured so that when an alarm is activated, all doors lock and the suspect or intruder is caught between the doors in the dead-space?

Options:

A. Host Intrusion Detection System (HIDS)

B. Network Intrusion Detection System (NIDS)

C. Man trap

D. Biometric device

Question 41

You have just taken over as the Network Administrator for a medium-sized company. You want to check to see what services are exposed to the outside world.

What tool would you use to accomplish this?

Options:

A. Packet sniffer

B. Network mapper

C. Protocol analyzer

D. A port scanner

Question 42

Which of the following would allow you to automatically close connections or restart a server or service when a DoS attack is detected?

Options:

A. Signature-based IDS

B. Passive IDS

C. Network-based IDS

D. Active IDS

Exam Code: GPPA
Exam Name: GIAC Certified Perimeter Protection Analyst
Last Update: Dec 27, 2024
Questions: 285