Free Preparation Discussions
MENU
GIAC GSNA Exam Questions
- Topic 1: Demonstrate the ability to audit Windows systems using common techniques/ Auditing Concepts & Methodology
- Topic 2: Knowledge of basic auditing terms and concepts/ Demonstrate the ability to audit web applications
- Topic 3: Scripting commands to determine process information, access controls, and system configurations/ Risk assessment are used to identify and specify controls
- Topic 4: Configuration, authentication, session management, data security at rest and in transit, and vulnerabilities to common attacks/ Auditing Windows Systems
- Topic 5: Demonstrate familiarity with the audit process, baselines, time based security concepts/ Auditing Networking Devices & Services
- Topic 6: Demonstrate the ability to audit common network devices and services/ Demonstrate the ability to audit Unix systems using common techniques
Free GIAC GSNA Exam Actual Questions
Note: Premium Questions for GSNA were last updated On Apr. 04, 2025 (see below)
You work as a Network Administrator for Techpearl Inc. You are configuring the rules for the firewall of the company. You need to allow internal users to access secure external websites. Which of the following firewall rules will you use to accomplish the task?
The TCP 172.16.1.0/24 any any 443 HTTPs permit rule is used to allow internal users to access secure external websites.
Answer A is incorrect. The TCP 172.16.1.0/24 any any 80 HTTP permit rule is used to allow internal users to access external
websites (secure & unsecure both).
Answer C is incorrect. The TCP 172.16.1.0/24 any any 80 HTTP deny rule is used to deny internal users to access external websites.
Answer B is incorrect. The TCP 172.16.1.0/24 any any 25 SMTP permit rule is used to allow internal mail servers to deliver mails to
external mail servers.
Which of the following are the limitations for the cross site request forgery (CSRF) attack?
Each correct answer represents a complete solution. Choose all that apply.
Following are the limitations of cross site request forgeries to be successful:
Following are the limitations of cross site request forgeries to be successful:
1.The attacker must target either a site that doesn't check the Referer header (which is common) or a victim with a browser or plugin bug
that allows Referer spoofing (which is rare).
2.The attacker must find a form submission at the target site that does something useful to the attacker (e.g., transfers money, or
changes the victim's e-mail address or password).
3.The attacker must determine the right values for all the form inputs: if any of them are required to be secret authentication values or
IDs that the attacker can't guess, the attack will fail.
4.The attacker must lure the victim to a Web page with malicious code while the victim is logged in to the target site.
Since, the attacker can't see what the target Web site sends back to the victim in response to the forged requests, unless he exploits a cross-
site scripting or other bug at the target Web site. Similarly, the attacker can only 'click' any links or submit any forms that come up after the
initial forged request, if the subsequent links or forms are similarly predictable. (Multiple 'clicks' can be simulated by including multiple images
on a page, or by using JavaScript to introduce a delay between clicks).
Answer C and D are incorrect. These two options are the preventions from cross site request forgeries. Web sites can be prevented
from cross site request forgeries (CSRF) by applying the following countermeasures available:
Requiring authentication in GET and POST parameters, not only cookies.
Checking the HTTP Referer header.
Ensuring there's no crossdomain.xml file granting unintended access to Flash movies.
Limiting the lifetime of authentication cookies.
Requiring a secret, user-specific token in all form submissions prevents CSRF; the attacker's site can't put the right token in its submissions.
Individual Web users can do relatively little to prevent cross-site request forgery. Logging out of sites and avoiding their 'remember me'
features can mitigate CSRF risk; not displaying external images or not clicking links in 'spam' or unreliable e-mails may also help.
John works as a professional Ethical Hacker. He has been assigned the project of testing the security of www.we-are-secure.com. He begins to perform a pre-attack test before conducting an attack on the We-are-secure server. Which of the following will John perform in the pre-attack phase?
Each correct answer represents a complete solution. Choose all that apply.
In the pre-attack phase, there are seven steps, which have been defined by the EC-Council, as follows:
1.Information gathering
2.Determining network range
3.Identifying active machines
4.Finding open ports and applications
5.OS fingerprinting
6.Fingerprinting services
7.Mapping the network
Answer C is incorrect. In the enumeration phase, the attacker gathers information such as the network
user and group names, routing
tables, and Simple Network Management Protocol (SNMP) data. The techniques used in this phase are as follows:
1.Obtaining Active Directory information and identifying vulnerable user accounts
2.Discovering NetBIOS names
3.Employing Windows DNS queries
4.Establishing NULL sessions and queries
John works as a Network Administrator for Perfect Solutions Inc. The company has a Linux-based network. John is working as a root user on the Linux operating system. He has a data.txt file in which each column is separated by the TAB character. Now, he wants to use this file as input for a data mining software he has created. The problem preventing him from accomplishing his task is that with his data mining software, he has used TAB as a delimiter to distinguish between columns. Hence, he is unable to use this file as input for the software. However, if he somehow replaces the TAB characters of the file with SPACE characters, he can use this file as an input file for his data mining software. Which of the following commands will John use to replace the TAB characters of the file with SPACE characters?
According to the scenario, John can replace the TAB characters with single space characters with the expand command. With the expand -t 1
data.txt > data.txt command, the TABs of data.txt are changed into single spaces and are redirected by using the > command into the
data.txt file. Now, John can use the data.txt file as the input file for his data mining software.
You work as a Security Administrator in Tech Perfect Inc. The company has a TCP/IP based network. The network has a vast majority of Cisco Systems routers and Cisco network switches. You want to take a snapshot of the router running configuration and archive running configuration of the router to persistent storage. Which of the following steps will you take?
In order to take a snapshot of the router running configuration and archive running configuration of the router to persistent storage, you
should secure the boot configuration of the router using the secure boot-config command.
Answer D is incorrect. You can enable the image resilience, if you want to secure the Cisco IOS image.
Answer C is incorrect. By verifying the security of bootset, you can examine whether or not the Cisco IOS Resilient Configuration is
enabled and the files in the bootset are secured.
Answer B is incorrect. By restoring an archived primary bootset, you can restore a primary bootset from a secure archive after an
NVRAM has been erased or a disk has been formatted.
- Select Question Types you want
- Set your Desired Pass Percentage
- Allocate Time (Hours : Minutes)
- Create Multiple Practice tests with Limited Questions
- Customer Support
Nakita
13 days agoShayne
28 days agoTran
1 months agoEarnestine
1 months agoSon
2 months agoTien
2 months agoBettina
2 months agoPearlie
3 months agoAlpha
3 months agoShaquana
3 months agoBilly
3 months agoChun
4 months agoKaran
4 months agoLuann
4 months agoIra
4 months agoFlorinda
4 months agoShalon
5 months agoGeorgiana
5 months agoShizue
5 months agoYun
5 months agoWilletta
6 months agoShaun
6 months agoRoselle
6 months agoTyra
6 months agoJanessa
7 months agoAlonso
7 months agoWilliam
7 months agoDeonna
8 months agoSalena
9 months agoElvera
9 months agoMaryann
10 months ago