Free Practice Questions for GIAC GSNA Exam

According to the scenario, John will use Kismet. Kismet is a Linux-based 802.11 wireless network sniffer and intrusion detection system. It can work with any wireless card that supports raw monitoring (rfmon) mode. Kismet can sniff 802.11b, 802.11a, 802.11g, and 802.11n traffic. Kismet can be used for the following tasks: To identify networks by passively collecting packets To detect standard named networks To detect masked networks

To collect the presence of non-beaconing networks via data traffic Answer: D is incorrect. NetStumbler is a Windows-based tool that is used for the detection of wireless LANs using the IEEE 802.11a, 802.11b, and 802.11g standards. It detects wireless networks and marks their relative position with a GPS. Answer: A is incorrect. WEPCrack is an open source tool that breaks IEEE 802.11 WEP secret keys. Answer: C is incorrect. Snadboy's Revelation is not a sniffer. It is used to see the actual password behind the asterisks.

The basic Unix printing commands are as follows: banner: It is used to print a large banner on a printer. lpr: It is used to submit a job to the printer. lpc: It enables one to check the status of the printer and set its state. lpq: It shows the contents of a spool directory for a given printer. lprm: It is used to remove a job from the printer queue. gs: It works as a PostScript interpreter. pr: It is used to print a file. tunelp: It is used to set various parameters for the lp device.

According to the scenario, John will use the netstat -an command to accomplish the task. The netstat -an command is used to get the information of all network connections and listening ports in the numerical form. The netstat command displays protocol-related statistics and the state of current TCP/IP connections. It is used to get information about the open connections on a computer, incoming and outgoing data, as well as the ports of remote computers to which the computer is connected. The netstat command gets all this networking information by reading the kernel routing tables in the memory. Answer: A is incorrect. The netstat -e command displays the Ethernet information. Answer: B is incorrect. The netstat -r command displays the routing table information. Answer: C is incorrect. The netstat -s command displays per-protocol statistics. By default, statistics are shown for TCP, UDP and IP.

Software Explorer is used to remove, enable, or disable a program running on a computer. Answer: A is incorrect. Allowed items contains a list of all the programs that a user has chosen not to monitor with Windows Defender. Answer: C is incorrect. Options is used to choose how Windows Defender should monitor all the programs running on a computer. Answer: B is incorrect. Quarantined items is used to remove or restore a program blocked by Windows Defender.

The Security Auditor's Research Assistant (SARA) is a third generation network security analysis tool. It has the following functions: It operates under Unix, Linux, MAC OS/X, or Windows (through coLinux) OS. It integrates the National Vulnerability Database (NVD). It can be used to perform SQL injection tests. It can be used to perform exhaustive XSS tests. It can be adapted to multiple firewalled environments. It supports remote self scan and API facilities. It is used for CIS benchmark initiatives. It also supports plug-in facility for third party apps. It supports CVE standards. It works as an enterprise search module. It works in both standalone or demo mode. Answer: C is incorrect. SARA can be used to perform SQL injection tests. Answer: B is incorrect. SARA can be used to perform exhaustive XSS tests.

C:\Documents and Settings\user-nwz\Desktop\1.JPG

Enum is a console-based Win32 information enumeration utility. It uses null sessions to retrieve user lists, machine lists, share lists, name lists, group and member lists, passwords, and LSA policy information. It is also capable of performing brute force and dictionary attacks on individual accounts. Since the Enum tool works on the NetBIOS NULL sessions, disabling the NetBIOS port can be a good countermeasure against the Enum tool.

A hot site is a duplicate of the original site of the organization, with full computer systems as well as near-complete backups of user data. A hot site can be used within an hour for data recovery. The capacity of the hot site may or may not match the capacity of the original site depending on the organization's requirements. This type of backup site is the most expensive to operate. Hot sites are popular with organizations that operate real time processes such as financial institutions, government agencies, and ecommerce providers. the original site. A cold site is the most inexpensive type of backup site for an organization to operate since it does not include backed up copies of data and information from the original location of the organization, nor does it include hardware already set up. A warm site is, quite logically, a compromise between hot and cold in terms of resources and cost.

The basic features of Unix are as follows: Multi-user: It supports more than one user to access the system simultaneously through a set of terminals attached to a system. Multi-tasking: A user can execute multiple programs at the same time from a single terminal. Time sharing: The operating system shares CPU time among tasks. Portability: It is highly portable across hardware. Modularity: It allows only needed modules to be loaded into the memory. File structure: It has an inverted tree like file structure, with files and directories created within the file structure. Security: All files can be individually protected using read, write, and execute permissions for the user, group, and others. Network support: It uses the TCP/IP protocol. Advanced graphics: CAD-CAM applications perform the best in a Unix System with its varied support for graphics card.

Following types of servers are dedicated to provide resources to other hosts on the network: Mail servers Print servers Web servers Default gateway does not provide resources to hosts on the network. Monitoring server is not a type of server.

The date command with the %M specifier prints the current time (Minutes). Since the output is redirected towards the date.txt file, the current time (Minutes) will be printed in the date.txt file.