
GIAC G2700

GIAC Certified ISO-2700 Specialist Practice Test

Practice Test
Version: 4.0

GIAC G2700: Practice Exam

QUESTION NO: 1
Mark works as a Network Security Administrator for uCertify Inc. An employee of the organization comes to Mark and tells him that a few months ago, the employee had filled in an online bank form for some account-related work. Today, when visiting the site again, the employee finds that some of his personal information is still being displayed on the webpage. Which of the following types of cookies should be disabled by Mark to resolve the issue?
A. Session
B. Temporary
C. Secure
D. Persistent
Answer: D

QUESTION NO: 2
You work as an Information Security Manager for uCertify Inc. You are working on the documentation of control A.10.1.1. What is the purpose of control A.10.1.1?
A. It is concerned with the documentation of the human resource security to make recruitments clear to the organization.
B. It is concerned with the documentation of the supply chain management.
C. It is concerned with the documentation of operating procedures to ensure the correct and secure use of information processing facilities.
D. It is concerned with the documentation of the disaster recovery management to ensure proper backup technologies.
Answer: C

QUESTION NO: 3
Mark works as a Network Security Administrator for uCertify Inc. He has been assigned the task of installing a MySQL server. Mark wants to monitor only the data that is directed to or originating from the server, and he also wants to monitor running processes, file system access and integrity, and user logins for identifying malicious activities. Which of the following intrusion detection techniques will Mark use to accomplish the task?
A. Network-based IDS
B. Signature-based IDS
C. Anomaly-based IDS
D. Host-based IDS
Answer: D

"Pass Any Exam. Any Time." - www.actualtests.com 2

QUESTION NO: 4
Which of the following are the exceptions of the Data Protection Act? Each correct answer represents a complete solution. Choose all that apply.
A. Section 36 - Domestic purposes
B. Section 28 - National security
C. Section 55 - Unlawful obtaining of personal data
D. Section 29 - Crime and taxation
Answer: A,B,D

QUESTION NO: 5
Which of the following statements are true about security risks? Each correct answer represents a complete solution. Choose three.
A. These are considered as an indicator of threats coupled with vulnerability.
B. These can be removed completely by taking proper actions.
C. These can be mitigated by reviewing and taking responsible actions based on possible risks.
D. These can be analyzed and measured by the risk analysis process.
Answer: A,C,D

QUESTION NO: 6
A project plan includes the Work Breakdown Structure (WBS) and cost estimates. Which of the following are the parts of a project plan? Each correct answer represents a complete solution. Choose all that apply.
A. Risk identification
B. Security Threat
C. Project schedule
D. Team members list
E. Risk analysis
Answer: A,C,D,E

QUESTION NO: 7
Which of the following are the basics of Business Continuity Management? Each correct answer represents a complete solution. Choose all that apply.
A. Implementation of a risk assessment technique to identify the causes and consequences of failures
B. Regular checking of business continuity plans
C. Identification of authentication techniques according to the requirements
D. Identification of human resources according to the requirements
Answer: A,B,D

QUESTION NO: 8
Which of the following controls are administrative in nature?
A. Directive controls
B. Recovery controls
C. Preventive controls
D. Detective controls
Answer: A


QUESTION NO: 9 CORRECT TEXT
Fill in the blank with an appropriate phrase.
The _________ accord describes the minimum regulatory capital to be allocated by each bank based on the risk profile of its assets.
Answer: Basel II

QUESTION NO: 10
You work as an Information Security Officer for uCertify Inc. You need to create an asset management plan differentiating fixed assets from inventory items. How will you differentiate assets from inventory items?
A. Inventory items are sold.
B. Assets are temporary usually.
C. Inventory items are permanent.
D. Assets cannot be used.
Answer: A

QUESTION NO: 11
Which of the following is a RestrictAnonymous registry value that allows users with explicit anonymous permissions?
A. 2
B. 3
C. 1
D. 0
Answer: A

QUESTION NO: 12
Rick works as a Computer Forensic Investigator for BlueWells Inc. He has been informed that some confidential information is being leaked out by an employee of the company. Rick suspects that someone is sending the information through email. He checks the emails sent by some employees to other networks. Rick finds out that Sam, an employee of the Sales department, is continuously sending text files that contain special symbols, graphics, and signs. Rick suspects that Sam is using the Steganography technique to send data in a disguised form. Which of the following techniques is Sam using? Each correct answer represents a part of the solution. Choose all that apply.
A. Linguistic steganography
B. Text Semagrams
C. Technical steganography
D. Perceptual masking
Answer: A,B

QUESTION NO: 13 CORRECT TEXT
Fill in the blank with the appropriate term.
________ is a powerful and low-interaction open source honeypot.
Answer: Honeyd

QUESTION NO: 14
The disciplined and structured process that integrates information security and risk management activities into the System Development Life Cycle is provided by the risk management framework. Choose the appropriate RMF steps.
A.
Answer: A

QUESTION NO: 15
Mark works as an Office Assistant for uCertify Inc. He is responsible for managing office documents. Today, after opening a Word document, Mark noticed that the other open documents were suddenly closed. After reopening those documents, Mark found some modifications in the documents. He contacted his Security Administrator and came to know that there is a virus program installed in the operating system. Which of the following types of virus has attacked the operating system?
A. Data file
B. Macro
C. Polymorphic
D. Boot sector
Answer: A

QUESTION NO: 16
Which of the following should be considered while calculating the costs of the outage? Each correct answer represents a complete solution. Choose all that apply.
A. Sales aspect of the business
B. Cost of low productivity
C. Innovations in electronic funds transfer
D. Cost of lost income from missed sales
Answer: B,D

QUESTION NO: 17
Which of the following phases of the PDCA model is the monitoring and controlling phase of the Information Security Management System (ISMS)?
A. Check
B. Plan
C. Do
D. Act
Answer: A

QUESTION NO: 18
Mark works as a System Administrator for uCertify Inc. He is responsible for securing the network of the organization. He is configuring some of the advanced features of the Windows firewall so that he can block the client machine from responding to pings. Which of the following advanced setting types should Mark change for accomplishing the task?
A. ICMP
B. SNMP
C. UDP
D. SMTP
Answer: A

QUESTION NO: 19
Which of the following administrative policy controls is usually associated with government classifications of materials and the clearances of individuals to access those materials?
A. Separation of Duties
B. Due Care
C. Acceptable Use
D. Need to Know
Answer: D


QUESTION NO: 20
Which of the following is a fast-emerging global sector that advises individuals and corporations on how to apply the highest ethical standards to every aspect of their business?
A. Service Capacity Management (SCM)
B. Business Capacity Management (BCM)
C. Resource Capacity Management (RCM)
D. Integrity Management Consulting
Answer: D

QUESTION NO: 21
You work as an Information Security Manager for uCertify Inc. You are working on communication and organization management. You need to create the documentation on change management. Which of the following are the main objectives of change management? Each correct answer represents a complete solution. Choose all that apply.
A. Minimal disruption of services
B. Reduction of inventory in accordance with revenue
C. Economic utilization of resources involved in the change
D. Reduction in back-out activities
Answer: A,C,D

QUESTION NO: 22
Which of the following is used for secure financial transactions over the Internet?
A. ATM
B. VPN
C. SSL
D. SET
Answer: D

QUESTION NO: 23
You work as a Security Administrator for uCertify Inc. You have been assigned the task to verify the identity of the employees recruited in your organization. Which of the following components of security deals with an employee's verification in the organization?
A. Network Security
B. Physical security
C. Access security
D. Human resource security
Answer: D

QUESTION NO: 24
You work as the Human Resource Manager for uCertify Inc. You need to recruit some candidates for the marketing department of the organization. Which of the following should be defined to the new employees of the organization before they join? Each correct answer represents a complete solution. Choose all that apply.
A. Marketing tips and tricks
B. Organization's network topology
C. Job roles
D. Organization's security policy
Answer: C,D

QUESTION NO: 25
You work as an Information Security Manager for uCertify Inc. You need to make the documentation on change management. What are the advantages of change management? Each correct answer represents a complete solution. Choose all that apply.
A. Improved productivity of users due to more stable and better IT services
B. Improved IT personnel productivity, since there is a reduced number of urgent changes and a back-out of erroneous changes
C. Improved adverse impact of changes on the quality of IT services
D. Increased ability to absorb frequent changes without making an unstable IT environment
Answer: A,B,D

QUESTION NO: 26
You work as a Network Administrator for uCertify Inc. The organization has constructed a cafeteria for their employees and you are responsible to select the access control method for the cafeteria. There are a few conditions for giving access to the employees, which are as follows:
1. Top level management can get access any time.
2. Staff members can get access during the specified hours.
3. Guests can get access only in working hours.
Which of the following access control methods is suitable to accomplish the task?
A. Discretionary access control
B. Lattice-based access control
C. Attribute-based access control
D. Rule-based access control
Answer: D

QUESTION NO: 27
Which of the following are the uses of cryptography as defined in a policy document? Each correct answer represents a complete solution. Choose all that apply.
A. Backup
B. Control of keys
C. Applications supporting cryptography
D. Recovery
Answer: A,B,C

QUESTION NO: 28
Which of the following is the designing phase of the ISMS?
A. Check
B. Plan
C. Act
D. Do
Answer: B

QUESTION NO: 29
Single Loss Expectancy (SLE) represents an organization's loss from a single threat. Which of the following formulas best describes the Single Loss Expectancy (SLE)?
A. SLE = Asset Value (AV) * Exposure Factor (EF)
B. SLE = Annualized Loss Expectancy (ALE) * Exposure Factor (EF)
C. SLE = Annualized Loss Expectancy (ALE) * Annualized Rate of Occurrence (ARO)
D. SLE = Asset Value (AV) * Annualized Rate of Occurrence (ARO)
Answer: A

QUESTION NO: 30
Qualitative risk analysis includes judgment, intuition, and experience. Which of the following methods are used to perform qualitative risk analysis? Each correct answer represents a complete solution. Choose all that apply.
A. Egress filtering
B. Checklists
C. Delphi technique
D. Brainstorming
Answer: B,C,D

QUESTION NO: 31
Which of the following information security standards deals with the protection of the computer facilities?
A. Physical and environmental security
B. Compliance
C. Organization of information security
D. Risk assessment and treatment
Answer: A

QUESTION NO: 32
Which of the following is a technical measure?
A. Encryption of data
B. Creation of a policy that defines what is and what is not permitted in the e-mail
C. Allocation of information to an owner
D. Storage of system management passwords
Answer: A

QUESTION NO: 33
Which of the following types of social engineering attacks is a term that refers to going through someone's trash to find out useful or confidential information?
A. Authorization by third party
B. Dumpster diving
C. Shoulder surfing
D. Important user posing
Answer: B

QUESTION NO: 34
Which of the following are the things included by sensitive system isolation? Each correct answer represents a complete solution. Choose all that apply.
A. Construction of appropriately isolated environments where technically and operationally feasible
B. Inclusion of all documents technically stored in a virtual directory
C. Explicit identification and acceptance of risks when shared facilities and/or resources must be used
D. Explicit identification and documentation of sensitivity by each system/application controller (owner)
Answer: A,C,D

QUESTION NO: 35
You work as an Information Security Manager for uCertify Inc. You are working on asset management. You need to assign ownership of some assets of the organization. Which of the following statements correctly describe the responsibilities of an asset owner? Each correct answer represents a complete solution. Choose all that apply.
A. The owner has property rights to the asset.
B. The owner is allowed to delegate responsibility for maintaining the asset.
C. The owner should have a document describing the security controls for the asset.
D. The owner is allowed to delegate accountability of the asset.
Answer: B,C


QUESTION NO: 36
You work as a Security Administrator for uCertify Inc. You need to make a documentation to provide ongoing education and awareness training of disciplinary actions of your company. What are the primary reasons to create this documentation? Each correct answer represents a complete solution. Choose all that apply.
A. To ensure that employees understand information security threats
B. To ensure that employees have the necessary knowledge to mitigate security threats
C. To ensure that employees are aware of and understand their roles and responsibilities
D. To ensure that employees have the necessary knowledge about the company's forthcoming Projects
Answer: A,B,C

QUESTION NO: 37
The stronger points of CRAMM assist prioritization by providing a countermeasure with high priority if some conditions are met. Which of the following are these conditions? Each correct answer represents a complete solution. Choose all that apply.
A. It requires protecting a high risk system.
B. It does not require the installation of alternative countermeasures.
C. It is inexpensive to implement.
D. It provides protection against several threats.
Answer: A,B,D

QUESTION NO: 38
Which of the following tasks are performed by Information Security Management? Each correct answer represents a complete solution. Choose all that apply.
A. It is designed to protect information and any equipment that is used in connection with its storage, transmission, and processing.
B. It is designed to develop information and any equipment that is used in connection with its storage, transmission, and processing.
C. It is designed to recognize information and any equipment that is used in connection with its storage, transmission, and processing.
D. It is designed to control information and any equipment that is used in connection with its storage, transmission, and processing.
Answer: A,C,D

QUESTION NO: 39
Which of the following standards was made in 1995 by the joint initiative of the Department of Trade and Industry in the United Kingdom and leading UK private-sector businesses?
A. BS7799
B. ISO 27001
C. BS2700
D. ISMS
Answer: A

QUESTION NO: 40
Which of the following are the variables on which the structure of a Service Level Agreement depends? Each correct answer represents a complete solution. Choose all that apply.
A. It depends on the cultural aspects.
B. It depends on the infrastructure aspects of the organization.
C. It depends on the nature of the business activities, in terms of general terms and conditions, and business hours.
D. It depends on the physical aspects of the organization.
Answer: A,C,D


QUESTION NO: 41
Which of the following is one of the mechanisms available for administrators to employ for replicating the databases containing the DNS data across a set of DNS servers?
A. DNS zone transfer
B. DNS cache poisoning
C. DNS spoofing
D. ARP spoofing
Answer: A

QUESTION NO: 42
You work as an Information Security Manager for uCertify Inc. You are working on asset management. You need to differentiate various assets of your organization. Which of the following are information assets? Each correct answer represents a complete solution. Choose all that apply.
A. User manuals
B. Operating systems
C. Training materials
D. Personal data
Answer: A,C,D

QUESTION NO: 43 CORRECT TEXT
Fill in the blank with the appropriate term.
___________ is the built-in file encryption tool for Windows file systems. It protects encrypted files from those who have physical possession of the computer where the encrypted files are stored.
Answer: EFS

QUESTION NO: 44
Which of the following are the major tasks of risk management? Each correct answer represents a complete solution. Choose two.
A. Assuring the integrity of organizational data
B. Building Risk free systems
C. Risk identification
D. Risk control
Answer: C,D

QUESTION NO: 45
You work as an Information Security Manager for uCertify Inc. You have been assigned the task to create the documentation on control A.7.2 of the ISO standard. Which of the following is the chief concern of control A.7.2?
A. Classification of owners
B. Usage of information
C. Identification of inventory
D. Classification of information
Answer: D

QUESTION NO: 46
Andrew is the CEO of uCertify Inc. He wants to improve the resources and revenue of the company. He uses the PDCA methodology to accomplish the task. Which of the following are the phases of the PDCA methodology? Each correct answer represents a complete solution. Choose all that apply.
A. Deviate
B. Plan
C. Calculate
D. Act
Answer: B,D

QUESTION NO: 47
Which of the following international information security standards is concerned with anticipating and responding to information security breaches?
A. Organization of information security
B. Information security incident management
C. Physical and environmental security
D. Risk assessment and treatment
Answer: B

QUESTION NO: 48
You work as the Network Security Administrator for uCertify Inc. You are responsible for protecting your network from unauthorized access from both inside and outside the organization. For outside attacks, you have installed a number of security tools that protect your network. For internal security, employees are using passwords of more than 8 characters; however, a few of them having the same designation often exchange their passwords, making it possible for others to access their accounts. There is already a policy to stop this practice, but employees are still doing so. Now, you want to stop this and ensure that this never happens again. Which of the following will be the best step to stop this practice?
A. Create a policy that forces users to create a password combined with special characters.
B. Create a new policy that forces users to change their passwords once every 15 days.
C. Create a policy to enter their employee code while logged in to the system.
D. Create a policy to enter their personal email id while logged in to the system.
Answer: B

QUESTION NO: 49
You work as a Project Manager for uCertify Inc. You are working on an asset management plan. You need to make the documentation on every single process related to asset management. Which of the following is an example of asset management?
A. Making DR plan
B. Tracking references
C. Checking topology
D. Tracking inventory
Answer: D

QUESTION NO: 50
In which of the following does CRAMM provide assistance? Each correct answer represents a complete solution. Choose all that apply.
A. Audits
B. Contingency planning
C. US7799 certification
D. BS7799 certification
Answer: A,B,D

QUESTION NO: 51
You work as an Information Security Manager for uCertify Inc. You are working on a project related to communications and operations management. Which of the following controls of the ISO standard is concerned with operational procedures and responsibilities?
A. Control A.10.1
B. Control A.7.1
C. Control A.8.1
D. Control A.9.2
Answer: A


QUESTION NO: 52
You work as an Information Security Manager for uCertify Inc. The company has made a contract with a third party software company to make a software program for personal use. You have been assigned the task to share the organization's personal requirements regarding the tool with the third party. Which of the following documents should be first signed by the third party?
A. Non-disclosure agreement (NDA)
B. Acknowledgement papers
C. Copyright papers
D. Legal disclaimer
Answer: A

QUESTION NO: 53
Which of the following is an authentication scheme used by Point to Point Protocol (PPP) servers to validate the identity of remote clients?
A. BGP
B. SMTP
C. CHAP
D. DHCP
Answer: C

QUESTION NO: 54
Which of the following persons is responsible for testing and verifying whether the security policy is properly implemented, and the derived security solutions are adequate or not?
A. Data owner
B. Data custodian
C. Auditor
D. User
Answer: C


QUESTION NO: 55
Mark works as a Security Administrator for uCertify Inc. For the last few days, he has been getting an error message, i.e., 'Remove the Boot.ini file because it is harmful for operating system'. When Mark reads about the Boot.ini file, he finds that it is a system file that is used to load the operating system on a computer. Which of the following types of virus has attacked Mark's computer?
A. Polymorphic
B. Hoax
C. Macro
D. Multipartite
Answer: B

QUESTION NO: 56
Which of the following Acts enacted in the United States allows the FBI to issue National Security Letters (NSLs) to Internet service providers (ISPs) ordering them to disclose records about their customers?
A. Wiretap Act
B. Electronic Communications Privacy Act of 1986
C. Economic Espionage Act of 1996
D. Computer Fraud and Abuse Act
Answer: B

QUESTION NO: 57
Which of the following operations are performed by the Identity Management Process? Each correct answer represents a complete solution. Choose all that apply.
A. Providing Single Sign-On access
B. Making possible automated application provision
C. Provisioning and coordinating user identities
D. Ensuring secure deployment of applications
Answer: A,B,C,D

QUESTION NO: 58
The Cigital Risk Management Method was developed by Gary McGraw of Cigital and John Viega of Stonewall Software, and it defines a software security risk management process. Choose and reorder the risk management steps that are included in this method.
A.
Answer: A

QUESTION NO: 59
Which of the following are the two methods that are commonly used for applying mandatory access control? Each correct answer represents a complete solution. Choose all that apply.
A. Lattice-based access control
B. Attribute-based access control
C. Rule-based access control
D. Discretionary access control
Answer: A,C


QUESTION NO: 60
You work as a Network Administrator for Net Perfect Inc. The company has a TCP/IP-based Windows NT network. You are configuring a computer that will be used as a file server on the network. You have to decide the disk configuration for the computer to obtain better performance. A fault tolerant disk configuration is not a requirement. Which of the following RAID levels will you choose to fulfil the requirement?
A. RAID-1
B. RAID-5
C. RAID-4
D. RAID-3
E. RAID-0
Answer: E

QUESTION NO: 61
Victor wants to send an encrypted message to his friend. He is using a steganography technique to accomplish his task. He takes a cover object and changes it accordingly to hide information. This secret information is recovered only when the algorithm compares the changed cover with the original cover. Which of the following steganography methods is Victor using to accomplish his task?
A. The distortion technique
B. The substitution technique
C. The cover generation technique
D. The spread spectrum technique
Answer: A

QUESTION NO: 62
Which of the following is also known as the 'Code for Information Security'?
A. ISO/IEC 20002 standard
B. ISO/IEC 27001:2005 standard
C. ISO/IEC 27002:2005 standard
D. ISO/IEC 20000 standard
Answer: C

QUESTION NO: 63
You work as an Information Security Manager for uCertify Inc. You are working on asset management. You have been assigned the task to secure information labeling and handling within the organization. Which of the following controls of the ISO standard is concerned with information labeling and handling?
A. Control A.7.1.3
B. Control A.7.1.2
C. Control A.7.2.2
D. Control A.7.1.1
Answer: C

QUESTION NO: 64
Which of the following plans provides measures and capabilities for recovering a major application or general support system?
A. Disaster recovery plan
B. Crisis communication plan
C. Contingency plan
D. Business continuity plan
Answer: C

QUESTION NO: 65
Which of the following documents is developed along the risk management processes to monitor and control risks?
A. Fault tree
B. Risk mitigation
C. Decision tree
D. Risk register
Answer: D

QUESTION NO: 66
Choose and reorder the appropriate steps that you will take to perform auditing.
A.
Answer: A

QUESTION NO: 67
You work as a Security Administrator for uCertify Inc. You have been assigned a task to implement information classification levels. You want to classify the highly sensitive documents that should only be accessed by a few people of the organization. In which of the following information classification levels should you put those documents?
A. Department specific
B. High security levels
C. Not to be copied
D. Classified
Answer: B

QUESTION NO: 68
Which of the following are the factors that determine the degree to which the Return on Investment overstates the economic value? Each correct answer represents a complete solution. Choose all that apply.
A. Capitalization policy
B. Growth rate of new investment
C. Growth rate of old investment
D. Length of project life
Answer: A,B,D

QUESTION NO: 69
Which of the following is expressly set up to attract and trap people who attempt to penetrate other people's computer systems?
A. Honeypot
B. Internet bot
C. Crawler
D. Spider
Answer: A

QUESTION NO: 70
Which of the following types of attack can be used to break the best physical and logical security mechanism to gain access to a system?
A. Mail bombing
B. Cross site scripting attack
C. Social engineering attack
D. Password guessing attack
Answer: C

QUESTION NO: 71
Which of the following are the sub-elements of environmental security? Each correct answer represents a complete solution. Choose all that apply.
A. To prevent or respond to environmentally caused conflicts
B. To protect and assist environment from a material's potential
C. To prevent or repair military damage to the environment
D. To protect the environment due to its inherent moral value
Answer: A,C,D

QUESTION NO: 72
Which of the following is the element used in the technology of encrypting and decrypting the text in cryptography?
A. Cipher
B. Key
C. Plaintext
D. Encryption
Answer: B

QUESTION NO: 73
Mark is hired as an Information Security Officer for BlueWell Inc. He wants to draw the attention of the management towards the significance of integrating information security in the business processes. Which of the following tasks should he perform first to accomplish the task?
A. He should perform a risk assessment.
B. He should develop an information security policy.
C. He should set up a security budget.
D. He should obtain benchmarking information.
Answer: A

QUESTION NO: 74
You are working with a company that depends on real time data being available to employees, thus performance is an issue. They are trying to select the best method for handling the situation of a hard drive crashing. Which of the following would you recommend to them?
A. RAID 2
B. RAID 0
C. RAID 1
D. RAID 5
Answer: D

QUESTION NO: 75
The Information Security Officer (ISO) of Blue Well Inc. wants to have a list of security measures put together. What should be done before security measures are selected by the Information Security Officer?
A. Carry out a risk analysis.
B. Formulate information security policy.
C. Set up monitoring.
D. Carry out an evaluation.
Answer: A


QUESTION NO: 76
Sam is the CEO of Gentech Inc. The company is located in New York. He has to start a new project in order to increase the overall revenue of the company. Sam has to develop an ISMS policy. In which of the following phases of the PDCA cycle will Sam accomplish the task?
A. Plan
B. Do
C. Check
D. Act
Answer: A

QUESTION NO: 77 Which of the following are the perspectives considered to ensure the confidentiality, integrity, and availability of an organization's assets, information, data, and IT services? Each correct answer represents a complete solution. Choose all that apply. A. Procedural B. Technical C. Management D. Organizational Answer: A,B,D Explanation:

QUESTION NO: 78 Which of the following controls help in the reduction of the effect of an attack? A. Preventive controls B. Directive controls C. Corrective controls D. Detective controls Answer: C Explanation:

QUESTION NO: 79 Which of the following statements is true about Return On Investment? A. It is the difference between the benefit achieved and the amount spent to achieve that benefit; it is expressed as a percentage. B. It is the extra value produced by establishment of benefits that include long-term outcomes. ROI is a sub-component of VOI. C. It is the profit achieved through realization of improvements. D. It is the outcome that is once compared to the earlier state, which shows a computable increase in a desirable metric or decrease in an undesirable metric. Answer: A Explanation:

QUESTION NO: 80 Which of the following federal laws are related to hacking activities? Each correct answer represents a complete solution. Choose three. A. 18 U.S.C. 1030 B. 18 U.S.C. 1028 C. 18 U.S.C. 1029 D. 18 U.S.C. 2510 Answer: A,C,D Explanation:

QUESTION NO: 81 Which of the following provides secure online payment services? A. ACH B. ICSA C. CA D. IEEE Answer: A Explanation:

QUESTION NO: 82 Which of the following is a process of identifying and documenting project roles, responsibilities, and reporting relationships? A. Capacity planning B. Enterprise resource planning C. Business Continuity planning D. Human resource planning Answer: D Explanation:

QUESTION NO: 83 Which of the following is a list of specific actions being taken to deal with specific risks associated with the threats? A. Risk transference B. Risk avoidance C. Risk acceptance D. Risk mitigation Answer: D Explanation:

QUESTION NO: 84 Business Continuity Planning (BCP) determines the risks to the organizational processes and creates policies, plans, and procedures in order to minimize the impact of those risks. What are the different steps in the Business Continuity Planning process? Each correct answer represents a part of the solution. Choose all that apply. A. Business Analysis B. Continuity planning C. Project scope and planning D. Approval and implementation E. Business Impact Assessment Answer: B,C,D,E Explanation:

QUESTION NO: 85 Which of the following statements is correct about the Annual Loss Expectancy? A. It is the size of the damage claims resulting from not having carried out risk analyses effectively. B. It is the average damage calculated by insurance companies for businesses in a country. C. It is the minimum amount for which a company should insure itself. D. It is the amount of damage that can occur as a result of an incident during the year. Answer: D Explanation:

QUESTION NO: 86 Which of the following statements about incremental backup are true? Each correct answer represents a complete solution. Choose two. A. It backs up only the files changed since the most recent backup and clears the archive bit. B. It is the fastest method of backing up data. C. It is the slowest method for taking a data backup. D. It backs up the entire database, including the transaction log. Answer: A,B Explanation:

QUESTION NO: 87 John works as an IT Technician for uCertify Inc. One morning, John receives an e-mail from the company's Manager asking him to provide his logon ID and password, but the company policy restricts users from disclosing their logon IDs and passwords. Which type of possible attack is this? A. DoS B. Trojan horse C. Social engineering D. Replay attack Answer: C Explanation:

QUESTION NO: 88 Sam works as a Network Administrator for Blue Well Inc. The company decides to opt for a strategy of a mix of measures to minimize risks. A stand-by arrangement is organized for the company. To which of the following categories of measures does a stand-by arrangement belong? A. Corrective measures B. Detective measures C. Repressive measures D. Preventive measures Answer: C Explanation:

QUESTION NO: 89 You work as an Information Security Manager for uCertify Inc. You are working on a document regarding the PDCA methodology. Which of the following elements of the PDCA (Plan-Do-Check-Act) methodology is used to continually improve the process performance? A. Act B. Check C. Do D. Plan Answer: A Explanation:

QUESTION NO: 90 David works as the Chief Information Security Officer for uCertify Inc. Which of the following are the responsibilities that should be handled by David? Each correct answer represents a complete solution. Choose all that apply. A. Information security B. Information risk management C. Information privacy D. Information development Answer: A,B,C Explanation:

QUESTION NO: 91 Mark works as a Software Developer for TechNet Inc. He has recently been fired, as he was caught doing some illegal work in the organization. Before leaving the organization, he decided to retaliate against the organization. He deleted some of the system files and made some changes in the registry files created by him. Which of the following types of attacks has Mark performed? A. DDoS B. Smurf C. Logic bomb D. Sabotage Answer: C Explanation:

QUESTION NO: 92 Which of the following are features of protocol and spectrum analyzers? Each correct answer represents a complete solution. Choose all that apply. A. A protocol analyzer can identify physical layer errors in a network switch. B. A packet analyzer can be used to capture real-time packets and can monitor the network packets on the LAN and the Internet. C. A protocol analyzer can be used to analyze network traffic to trace specific transactions. D. A spectrum analyzer should have the sensitive measuring equipment capability for detecting waveform frequencies and can identify and locate the interfering transmitter. Answer: B,C,D Explanation:

QUESTION NO: 93 Which of the following states that a user should never be given more privileges than are required to carry out a task? A. Principle of least privilege B. Role-based security C. Security through obscurity D. Segregation of duties Answer: A Explanation:

QUESTION NO: 94 Which of the following are the various types of risk analysis? Each correct answer represents a complete solution. Choose all that apply. A. Corrective B. Quantitative C. Repressive D. Qualitative Answer: B,D Explanation:

QUESTION NO: 95 Which of the following statements describes the purpose of information security policy? A. The security policy makes the security plan flawless by providing the necessary details. B. The security policy provides direction and support to the management regarding information security. C. Analysis of risks and search for countermeasures are known as Policy Documents. D. The security policy provides details about threats and the consequences. Answer: B Explanation:

QUESTION NO: 96 Which of the following is the correct formula of single loss expectancy? A. SLE= Annualized rate of occurrence*exposure factor B. SLE=asset value*exposure factor C. SLE= exposure factor*exposure factor D. SLE= Annualized loss expectancy*exposure factor Answer: B Explanation:

QUESTION NO: 97 Which of the following statements are true about Information Security Management? Each correct answer represents a complete solution. Choose all that apply. A. It is not designed to recognize, control, or protect information or any equipment that is used in connection with its processing. B. It is designed to recognize, control, and protect information and any equipment that is used in connection with its storage and transmission. C. Information Security is a system of policies and procedures. D. Information Security Management has the objective to manage information security effectively within all service providers. Answer: B,C,D Explanation:

QUESTION NO: 98 Which of the following is the process of removing sensitive information from a document or any other medium, so that it may be distributed to a broader audience? A. Sanitization B. Censorship C. Pixelization D. Data remanence Answer: A Explanation:

QUESTION NO: 99 You work as an Information Security Manager for uCertify Inc. You are working on asset management. You need to make a document on the usage of information assets. Which of the following controls of the ISO standard deals with the documentation and implementation of rules for the acceptable use of information assets? A. Control A.7.2.1 B. Control A.7.1.2 C. Control A.7.1.3 D. Control A.7.2 Answer: D Explanation:

QUESTION NO: 100 Which of the following is a formal state transition model of computer security policy that is used to describe a set of access control rules which use security labels on objects and clearances for subjects? A. Five Pillars model B. Classic information security model C. Bell-LaPadula model D. Clark-Wilson integrity model Answer: C Explanation:

QUESTION NO: 101 Mark works as a Network Security Administrator for uCertify Inc. He has installed IDS for matching incoming packets against known attacks. Which of the following types of intrusion detection techniques is being used? A. Host-based IDS B. Signature-based IDS C. Pattern Matching IDS D. Network-based IDS Answer: C Explanation:

QUESTION NO: 102 You work as a Security Professional for uCertify Inc. You have been assigned the task to calculate the Recovery Time Objective for particular outage duration. Which of the following should be included in the Recovery Time Objective? Each correct answer represents a complete solution. Choose all that apply. A. Running applications back online B. Recovering data C. Fault detection D. Sales estimation Answer: A,B,C Explanation:

QUESTION NO: 103 Which of the following are the basics of Business Continuity Management? Each correct answer represents a complete solution. Choose all that apply. A. Identification of human resources according to the requirements B. Regular checking of business continuity plans C. Identification of authentication techniques according to the requirements D. Implementation of a risk assessment technique to identify the causes and consequences of failures Answer: A,B,D Explanation:

QUESTION NO: 104 David works as the Chief Information Security Officer for uCertify Inc. Which of the following are the responsibilities that should be handled by David? Each correct answer represents a complete solution. Choose all that apply. A. Information development B. Information risk management C. Information privacy D. Information security Answer: B,C,D Explanation:

QUESTION NO: 105 Which formula will you use to calculate the estimated average cost of 1 hour of downtime? A. (Employee costs per hour / Number of employees affected by outage) + (Average income per hour) B. (Employee costs per hour - Number of employees affected by outage) + (Average income per hour) C. (Employee costs per hour X Number of employees affected by outage) - (Average income per hour) D. (Employee costs per hour X Number of employees affected by outage) + (Average income per hour) Answer: D Explanation:

QUESTION NO: 106 You work as a Network Security Administrator for uCertify Inc. Your organization has set up a new Internet connection in place of the previous one. It is your responsibility to ensure that employees use the Internet only for official purposes. While reviewing Internet usage, you find that a few people have traversed and downloaded some inappropriate and illegal information. You want to make a policy to stop all these activities in the future. Which of the following policies will you implement to accomplish the task? A. Security policy B. Privacy policy C. Acceptable use policy D. Due care policy Answer: C Explanation:

QUESTION NO: 107 You work as a Security Administrator for uCertify Inc. You have installed ten separate applications for your employees to work. All the applications require users to log in before working on them; however, this takes a lot of time. Therefore, you decide to use SSO to resolve this issue. Which of the following are the other benefits of Single Sign-On (SSO)? Each correct answer represents a complete solution. Choose all that apply. A. Centralized reporting for compliance adherence B. Reducing IT costs due to lower number of IT help desk calls about passwords C. Reduces the user experience D. Reduces phishing success, because users are not trained to enter password everywhere without thinking Answer: A,B,D Explanation:

QUESTION NO: 108 Sam is the CEO of Gentech Inc. The company is located in New York. He has to start a new project in order to increase the overall revenue of the company. Sam has to develop an ISMS policy. In which of the following phases of the PDCA cycle will Sam accomplish the task? A. Do B. Plan C. Act D. Check Answer: B Explanation:

QUESTION NO: 109 Mark works as a System Administrator for uCertify Inc. He is responsible for securing the network of the organization. He is configuring some of the advanced features of the Windows firewall so that he can block the client machine from responding to pings. Which of the following advanced setting types should Mark change for accomplishing the task? A. UDP B. SMTP C. ICMP D. SNMP Answer: C Explanation:

QUESTION NO: 110 David works as the Manager for Tech Mart Inc. An incident had occurred ten months ago due to which the company suffered too much losses. David has been assigned the task to submit a report on the losses incurred by the company in a year. Which of the following should David calculate in order to submit the report containing annualized loss expectancy? Each correct answer represents a complete solution. Choose all that apply. A. Asset Value B. Single Loss Expectancy C. Annualized Rate of Occurrence D. Number of employees in the company Answer: A,B,C Explanation:

QUESTION NO: 111 You work as the Network Security Administrator for uCertify Inc. You are responsible for protecting your network from unauthorized access from both inside and outside the organization. For outside attacks, you have installed a number of security tools that protect your network. For internal security, employees are using passwords more than 8 characters; however, a few of them having the same designation often exchange their passwords, making it possible for others to access their accounts. There is already a policy to stop this practice, but still employees are doing so. Now, you want to stop this and ensure that this never happens again. Which of the following will be the best step to stop this practice? A. Create a policy that forces users to create a password combined with special characters. B. Create a policy to enter their personal email id while logged in to the system. C. Create a policy to enter their employee code while logged in to the system. D. Create a new policy that forces users to change their passwords once every 15 days. Answer: D Explanation:

QUESTION NO: 112 You work as a Security Administrator for uCertify Inc. You are working on the disaster recovery plan (DRP) for IT related infrastructure recovery / continuity. Which of the following should you include in your plan? Each correct answer represents a complete solution. Choose all that apply. A. Resumption of applications B. Resumption of hardware C. Resumption of data D. Resumption of sales Answer: A,B,C Explanation:

QUESTION NO: 113 Sam works as the Chief Information Security Officer for Blue Well Inc. There are a number of teams for the security purposes. Which of the following are the types of teams of which Sam can be a part of? Each correct answer represents a complete solution. Choose all that apply. A. Computer Emergency Response Team B. Computer Data Development Team C. Computer Security Incident Response Team D. Computer Information Development Team Answer: A,C Explanation:

QUESTION NO: 114 You work as a Security Administrator for uCertify Inc. You need to install a honeypot inside network firewalls to monitor and track hackers. What should you install on the system before deploying the honeypot? Each correct answer represents a complete solution. Choose all that apply. A. Install the IAS server on the system to verify Internet related activities. B. Install the RADIUS server to check the authentication of the invader. C. Install the application that is designed to record the activities of the invader. D. Install the operating system without patches installed and use typical defaults and options. Answer: C,D Explanation:

QUESTION NO: 115 Mark works as a Software Developer for TechNet Inc. He has recently been fired, as he was caught doing some illegal work in the organization. Before leaving the organization, he decided to retaliate against the organization. He deleted some of the system files and made some changes in the registry files created by him. Which of the following types of attacks has Mark performed? A. Logic bomb B. Sabotage C. Smurf D. DDoS Answer: A Explanation:

QUESTION NO: 116 Which of the following tools can be used to detect steganography? A. Blindside B. Snow C. Dskprobe Answer: C Explanation:

QUESTION NO: 117 Victor works as a professional Ethical Hacker for SecureEnet Inc. He has been assigned a job to test an image, in which some secret information is hidden, using Steganography. Victor performs the following techniques to accomplish the task: 1. Smoothening and decreasing contrast by averaging the pixels of the area where significant color transitions occur. 2. Reducing noise by adjusting color and averaging pixel value. 3. Sharpening, Rotating, Resampling, and Softening the image. Which of the following Steganography attacks is Victor using? A. Chosen-Stego Attack B. Active Attacks C. Stegdetect Attack D. Steg-Only Attack Answer: B Explanation:

QUESTION NO: 118 Which of the following paragraphs of the Turnbull Report stated that a company's internal control system encompasses the policies, processes, tasks, behaviors, and other aspects of the company? A. Paragraph 20 B. Paragraph 21 C. Paragraph 28 D. Paragraph 22 Answer: A Explanation:

QUESTION NO: 119 Which of the following activities are performed by the 'Do' cycle component of PDCA (plan-do-check-act)? Each correct answer represents a complete solution. Choose all that apply. A. It manages resources that are required to achieve a goal. B. It determines controls and their objectives. C. It performs security awareness training. D. It detects and responds to incidents properly. E. It operates the selected controls. Answer: A,C,D,E Explanation:

QUESTION NO: 120 Mark is the project manager of the HAR Project. The project is scheduled to last for eighteen months and six months have already passed. Management asks Mark how often the project team is participating in the risk reassessment of this project. What should Mark tell management if he is following the best practices for risk management? A. At every status meeting of the project team, project risk management is an agenda item. B. Project risk management is scheduled for every month in the 18-month project. C. Project risk management happens at every milestone. D. Project risk management has been concluded with the project planning. Answer: A Explanation:

QUESTION NO: 121 You work as a Security Administrator for uCertify Inc. You observe that an employee is spreading personal data of your organization. Which of the following standards of information security deals with the employees handling personal data in an organization? A. Personal security B. Network Security C. Physical security D. Human resource security Answer: D Explanation:

QUESTION NO: 122 Which of the following is a formula, practice, process, design, instrument, pattern, or compilation of information which is not generally known, but by which a business can obtain an economic advantage over its competitors? A. Utility model B. Cookie C. Trade secret D. Copyright Answer: C Explanation:

QUESTION NO: 123 Which of the following types of cyberstalking damages the reputation of their victim and turns other people against them by setting up their own Websites, blogs, or user pages for this purpose? A. False accusation B. False victimization C. Encouraging others to harass the victim D. Attempts to gather information about the victim Answer: A Explanation:

QUESTION NO: 124 Which of the following statements are true about Regulation of Investigatory Powers Act 2000? Each correct answer represents a complete solution. Choose all that apply. A. It enables certain public bodies to demand ISPs fit equipment to facilitate surveillance. B. It enables mass surveillance of communications in transit. C. It enables certain private bodies to demand that someone hand over keys to protected information. D. It allows certain public bodies to monitor people's Internet activities. Answer: A,B,D Explanation:

QUESTION NO: 125 Rick works as a Computer Forensic Investigator for BlueWells Inc. He has been informed that some confidential information is being leaked out by an employee of the company. Rick suspects that someone is sending the information through email. He checks the emails sent by some employees to other networks. Rick finds out that Sam, an employee of the Sales department, is continuously sending text files that contain special symbols, graphics, and signs. Rick suspects that Sam is using the Steganography technique to send data in a disguised form. Which of the following techniques is Sam using? Each correct answer represents a part of the solution. Choose all that apply. A. Linguistic steganography B. Technical steganography C. Perceptual masking D. Text Semagrams Answer: A,D Explanation:

QUESTION NO: 126 You are consulting with a small budget-conscious accounting firm. Each accountant keeps individual records on their PC and checks them in and out of a server. They are concerned about losing data should the server hard drive crash. Which of the following RAID levels would you recommend? A. RAID 1 B. RAID 6 C. RAID 5 D. RAID 0 Answer: A Explanation:

QUESTION NO: 127 Which of the following policies defines the acceptable methods of remotely connecting a system to the internal network? A. Remote access policy B. Computer security policy C. Network security policy D. User Account Policy Answer: A Explanation:

QUESTION NO: 128 Which of the following creates policies, plans, and procedures to minimize the impact of risks to the organizational processes? A. Configuration Management B. Business Continuity Planning C. Social engineering D. Change Management Answer: B Explanation:

QUESTION NO: 129 In which of the following social engineering attacks does an attacker first damage any part of the target's equipment and then advertise himself as an authorized person who can help fix the problem? A. Impersonation attack B. Reverse social engineering attack C. Important user posing attack D. In person attack Answer: B Explanation:

QUESTION NO: 130 Which of the following tools can be used for steganography? Each correct answer represents a complete solution. Choose all that apply. A. Snow.exe B. Stegbreak C. Anti-x D. Image hide Answer: A,D Explanation:

QUESTION NO: 131 You work as the Network Administrator for a defense contractor. Your company works with sensitive materials and all IT personnel have at least a secret level clearance. You are still concerned that one individual could perhaps compromise the network (intentionally or unintentionally) by setting up improper or unauthorized remote access. What is the best way to avoid this problem? A. Implement least privileges. B. Implement RBAC. C. Implement three way authentication. D. Implement separation of duties. Answer: D Explanation:

QUESTION NO: 132 You work as an Information Security Manager for uCertify Inc. You are working on a software asset management plan to provide backup for Active Directory. Which of the following data is required to be backed up for this purpose? A. System state data B. Users manual C. DNS record D. Cache memory Answer: A Explanation:

QUESTION NO: 133 Which of the following laws or acts enforces the prohibition against cyber stalking? A. Malicious Communications Act (1998) B. Anti-Cyber-Stalking law (1999) C. Stalking Amendment Act (1999) D. Stalking by Electronic Communications Act (2001) Answer: C Explanation:

QUESTION NO: 134 Which of the following are the various domains in the ISO/IEC 27002? Each correct answer represents a complete solution. Choose all that apply. A. Management policy B. Security policy C. Access security D. Compliance Answer: B,C,D Explanation:

QUESTION NO: 135 Which of the following needs to be documented to preserve evidences for presentation in court? A. Account lockout policy B. Chain of custody C. Incident response policy D. Separation of duties Answer: B Explanation:

QUESTION NO: 136 You work as a Security Administrator for uCertify Inc. You are concerned about the password security. Therefore, you have decided to apply a policy that will be helpful for others to create strong passwords. Which of the following are the important things that should be remembered to create a strong password? Each correct answer represents a complete solution. Choose all that apply. A. It should be of eight characters. B. It should be a known word. C. It should contain at least one number or punctuation character. D. It should contain at least one capital letter. Answer: A,C,D Explanation:

QUESTION NO: 137 Which of the following are features of protocol and spectrum analyzers? Each correct answer represents a complete solution. Choose all that apply. A. A protocol analyzer can be used to analyze network traffic to trace specific transactions. B. A protocol analyzer can identify physical layer errors in a network switch. C. A packet analyzer can be used to capture real-time packets and can monitor the network packets on the LAN and the Internet. D. A spectrum analyzer should have the sensitive measuring equipment capability for detecting waveform frequencies and can identify and locate the interfering transmitter. Answer: A,C,D Explanation:

QUESTION NO: 138 A helpdesk technician received a phone call from an administrator at a remote branch office. The administrator claimed to have forgotten the password for the root account on UNIX servers and asked for it. Although the technician didn't know any administrator at the branch office, the guy sounded really friendly and since he knew the root password himself, he supplied the caller with the password. What type of attack has just occurred? A. Brute Force attack B. War dialing attack C. Social Engineering attack D. Replay attack Answer: C Explanation:

QUESTION NO: 139 You work as an Information Security Manager for uCertify Inc. You are working on asset management. You need to differentiate various assets of your organization. Which of the following is an intangible asset? A. Equipment B. Electricity C. Reputation of the company D. Personal data Answer: C Explanation:

QUESTION NO: 140 You work as a Database Administrator for Bluewell Inc. The company has a SQL Server 2005 computer. The company asks you to implement a RAID system to provide fault tolerance to a database. You want to implement disk mirroring. Which of the following RAID levels will you use to accomplish the task? A. RAID-10 B. RAID-1 C. RAID-5 D. RAID-0 Answer: B Explanation:

QUESTION NO: 141 Which of the following is the method of hiding data within another media type such as graphic or document? A. Packet sniffing B. Spoofing C. Cryptanalysis D. Steganography Answer: D Explanation:

QUESTION NO: 142 Service Level Agreement (SLA) provides one service for all customers of that service. Which of the following are the contents included by SLAs? Each correct answer represents a complete solution. Choose all that apply. A. Scope B. Mutual responsibilities C. Vocations D. Service description Answer: A,B,D Explanation:

QUESTION NO: 143 By gaining full control of a router, hackers often acquire full control of the network. Which of the following methods are commonly used to attack routers? Each correct answer represents a complete solution. Choose all that apply. A. Launching a Max Age attack B. Route table poisoning C. Launching a Sequence++ attack D. Launching a social engineering attack Answer: A,B,C Explanation:

QUESTION NO: 144 Which of the following honeypots provides an attacker access to the real operating system without any restriction and collects a vast amount of information about the attacker? A. Medium-interaction honeypot B. Honeyd C. High-interaction honeypot D. Low-interaction honeypot Answer: C Explanation:

QUESTION NO: 145 Fill in the blank with an appropriate phrase. The ______ is concerned with rebuilding production processing and determining the criticality of data. A. recovery team Answer: A Explanation:

QUESTION NO: 146 Which of the following attacks can be mitigated by providing proper training to the employees in an organization? A. Social engineering B. Smurf C. Denial-of-Service D. Man-in-the-middle Answer: A Explanation:

QUESTION NO: 147 John used to work as a Network Administrator for We-are-secure Inc. Now he has resigned from the company for personal reasons. He wants to send out some secret information of the company. To do so, he takes an image file and simply uses a tool image hide and embeds the secret file within an image file of the famous actress, Jennifer Lopez, and sends it to his Yahoo mail id. Since he is using the image file to send the data, the mail server of his company is unable to filter this mail. Which of the following techniques is he performing to accomplish his task? A. Steganography B. Email spoofing C. Web ripping D. Social engineering Answer: A Explanation:

QUESTION NO: 148 You work as an Information Security Manager for uCertify Inc. You are working on asset management. You need to make a document on the classification of information assets. Which of the following controls of the ISO standard provides guidelines on the classification of information? A. Control A.7.1.3 B. Control A.7.1.2 C. Control A.7.2 D. Control A.7.2.1 Answer: D Explanation:

QUESTION NO: 149 Which of the following statements is true about annualized loss expectancy? A. It is defined as the cost related to a single realized risk against a particular asset. B. It is defined as the percentage of loss experienced by an organization when a particular asset is violated by a realized risk. C. It is defined as the expected frequency of occurrence of a particular threat or risk in a single year. D. It is defined as the yearly cost of all instances of a particular threat against a particular asset. Answer: D Explanation:

QUESTION NO: 150 Which of the following indicates that the project team has decided not to change the project management plan to deal with a risk? A. Risk avoidance B. Risk mitigation C. Risk transference D. Risk acceptance Answer: D Explanation:

QUESTION NO: 151 You work as an Information Security Manager for uCertify Inc. The company has made a contract with a third party software company to make a software program for personal use. You have been assigned the task to share the organization's personal requirements regarding the tool with the third party. Which of the following documents should be first signed by the third party? A. Acknowledgement papers B. Legal disclaimer C. Non-disclosure agreement (NDA) D. Copyright papers Answer: C Explanation:

QUESTION NO: 152 Which of the following are the primary rules defined for RBAC? Each correct answer represents a complete solution. Choose all that apply. A. Transaction authorization B. Role authorization C. Role assignment D. Transaction assignment Answer: A,B,C Explanation:

QUESTION NO: 153 Your company is covered under a liability insurance policy, which provides various liability coverage for information security risks, including any physical damage of assets, hacking attacks, etc. Which of the following risk management techniques is your company using? A. Risk transfer B. Risk mitigation C. Risk avoidance D. Risk acceptance Answer: A Explanation:

QUESTION NO: 154 Diane is the project manager of the HGF Project. A risk that has been identified and analyzed in the project planning processes is now coming to fruition. Which individual should respond to the risk with the preplanned risk response? A. Risk owner B. Project sponsor C. Diane D. Subject matter expert Answer: A Explanation:

QUESTION NO: 155 Mark works as a Software Developer for TechNet Inc. He has recently been fired, as he was caught doing some illegal work in the organization. Before leaving the organization, he decided to retaliate against the organization. He deleted some of the system files and made some changes in the registry files created by him. Which of the following types of attacks has Mark performed? A. DDoS B. Logic bomb C. Sabotage D. Smurf Answer: B Explanation:

QUESTION NO: 156 Which of the following is a set of exclusive rights granted by a state to an inventor or his assignee for a fixed period of time in exchange for the disclosure of an invention? A. Snooping B. Copyright C. Patent D. Utility model Answer: C Explanation:

QUESTION NO: 157 Which of the following standard file formats is used by Apple's iPod to store contact information? A. vCard B. hCard C. HFS+ D. FAT32 Answer: A Explanation:

QUESTION NO: 158 You work as a Network Security Administrator for uCertify Inc. You feel that someone has accessed your computer and used your e-mail account. To check whether there is any virus installed on your computer, you scan your computer but do not find any illegal software. Which of the following types of security attacks generally runs behind the scenes on your computer? A. Zero-day B. Rootkit C. Hybrid D. Replay Answer: B Explanation:

QUESTION NO: 159 You are the Network Administrator for a software company. Due to the nature of your company's business, you have a significant number of highly computer savvy users. However, you have still decided to limit each user's access to only those resources required for their job, rather than give wider access to the technical users (such as tech support and software engineering personnel). What is this an example of? A. Poor resource management. B. The principle of maximum control. C. The principle of least privileges. D. Proper use of an ACL. Answer: C Explanation:

QUESTION NO: 160 Drop the appropriate value to complete the formula.

A. Answer: A Explanation:

QUESTION NO: 161 You work as the project manager for Bluewell Inc. There has been a delay in your project work that is adversely affecting the project schedule. You decide, with your stakeholders' approval, to fast track the project work to get the project done faster. When you fast track the project, what is likely to increase? A. Human resource needs B. Risks C. Costs D. Quality control concerns Answer: B Explanation:

QUESTION NO: 162 CORRECT TEXT Fill in the blank with the appropriate term. ______ is a prime example of a high-interaction honeypot.

Answer: Honeynet

QUESTION NO: 163 In which of the following Person-to-Person social engineering attacks does an attacker pretend to be an outside contractor, delivery person, etc., in order to gain physical access to the organization? A. Impersonation attack B. Third-party authorization attack C. Important user posing attack D. In person attack Answer: A Explanation:

QUESTION NO: 164 Which of the following is a list of specific actions being taken to deal with specific risks associated with the threats? A. Risk acceptance B. Risk transference C. Risk avoidance D. Risk mitigation Answer: D Explanation:

QUESTION NO: 165 Which of the following individuals calculates the recovery time and cost estimates while performing a business impact analysis (BIA)? A. Business process owner B. Business continuity coordinator C. Risk Executive D. Information security manager Answer: A Explanation:

QUESTION NO: 166 Which of the following statements is true about residual risks? A. It is a weakness or lack of safeguard that can be exploited by a threat. B. It is the probabilistic risk after implementing all security measures. C. It can be considered as an indicator of threats coupled with vulnerability. D. It is the probabilistic risk before implementing all security measures. Answer: B Explanation:

QUESTION NO: 167 You work as a Security Administrator for uCertify Inc. You have been assigned the task of helping employees determine the appropriate technical security measures available for electronic information that is deemed sensitive. Which of the following policies will you apply to accomplish the task? A. Default policy B. Enterprise policy C. Information security policy D. Security policy Answer: C Explanation:

QUESTION NO: 168 Sam works as a Project Manager for Blue Well Inc. He is working on a new project. He wants to assess high-level risks for the project. Which of the following steps should Sam take in order to accomplish the task? A. Developing risk management plan to identify risks based on documents B. Developing project charter and risk management plan to identify risks based on documents C. Developing project charter to identify risks based on documents D. Identifying and analyzing risk events using qualitative and quantitative techniques Answer: B Explanation:

QUESTION NO: 169 A honey pot is a computer trap that is used to attract potential intruders or attackers. Which of the following are some advantages of honey pots? Each correct answer represents a complete solution. Choose all that apply. A. Risk of takeover B. Limited view C. Small set of data D. Reduced false positives Answer: C,D Explanation:

QUESTION NO: 170 Which of the following statements about incremental backup are true? Each correct answer represents a complete solution. Choose two. A. It is the slowest method for taking a data backup. B. It is the fastest method of backing up data. C. It backs up the entire database, including the transaction log. D. It backs up only the files changed since the most recent backup and clears the archive bit. Answer: B,D Explanation:

QUESTION NO: 171 Mark is the project manager of the NHQ project in StarTech Inc. The project has an asset valued at $195,000 and is subjected to an exposure factor of 35 percent. What will be the Single Loss Expectancy of the project? A. $67,250 B. $92,600 C. $72,650 D. $68,250 Answer: D Explanation:

QUESTION NO: 172 You work as an Information Security Manager for uCertify Inc. You are working on asset management. You need to assign ownership of some assets of the organization. Which of the following statements correctly describe the responsibilities of an asset owner? Each correct answer represents a complete solution. Choose all that apply. A. The owner is allowed to delegate accountability of the asset. B. The owner should have a document describing the security controls for the asset. C. The owner is allowed to delegate responsibility for maintaining the asset. D. The owner has property rights to the asset. Answer: B,C Explanation:

QUESTION NO: 173 Which of the following is a list of specific actions being taken to deal with specific risks associated with the threats? A. Risk mitigation B. Risk acceptance C. Risk avoidance D. Risk transference Answer: A Explanation:

QUESTION NO: 174 Which of the following indicates that the project team has decided not to change the project management plan to deal with a risk? A. Risk acceptance B. Risk mitigation C. Risk avoidance D. Risk transference Answer: A Explanation:

QUESTION NO: 175 Which of the following statements is true about exposure factor? A. It is defined as the cost related to a single realized risk against a particular asset. B. It is defined as the yearly cost of all instances of a particular threat against a particular asset. C. It is defined as the expected frequency of occurrence of a particular threat or risk in a single year. D. It is defined as the percentage of loss experienced by an organization when a particular asset is violated by a realized risk. Answer: D Explanation:

QUESTION NO: 176 Which of the following paragraphs of the Turnbull Report stated that a company's system of internal control will include information and communication processes? A. Paragraph 28 B. Paragraph 20 C. Paragraph 21 D. Paragraph 22 Answer: C Explanation:

QUESTION NO: 177 You work as a System Administrator for uCertify Inc. You have been given the task to create a new corporate policy. Which of the following approaches must be followed to accomplish the task? Each correct answer represents a complete solution. Choose all that apply. A. Strategic approach B. Approach to Risk Management C. Clear and unambiguous approach D. Industry best practice Answer: A,B,C Explanation:

QUESTION NO: 178 David works as the Network Administrator for uCertify Inc. He has been asked to perform risk analysis. He decides to do it by using CRAMM. The CEO wants to know the negative points of CRAMM, which David is going to use. Which of the following points will David tell the CEO of the organization? A. It maintains consistency that results from similar solutions for similar risk profiles. B. It regularly updates extensive hierarchical countermeasure databases covering non-technical areas. C. It requires qualified and experienced practitioners to use it. D. It helps in developing full reviews and rapid reviews. Answer: C Explanation:

QUESTION NO: 179 Which of the following policies is a set of rules applied by the owner/manager of a network, Website or large computer system that restrict the ways in which the network site or system may be used? A. Default policy B. Certificate policy C. Informative policy D. Acceptable use policy Answer: D Explanation:

QUESTION NO: 180 You work as a Network Security Administrator for uCertify Inc. Your organization has set up a new Internet connection in place of the previous one. It is your responsibility to ensure that employees use the Internet only for official purposes. While reviewing Internet usage, you find that a few people have browsed and downloaded some inappropriate and illegal information. You want to make a policy to stop all these activities in the future. Which of the following policies will you implement to accomplish the task? A. Acceptable use policy B. Privacy policy C. Security policy D. Due care policy Answer: A Explanation:

QUESTION NO: 181 Which of the following paragraphs of the Turnbull Guidance provide a clear description of the principles of a risk treatment plan? Each correct answer represents a complete solution. Choose all that apply. A. 16 B. 18 C. 17 D. 19 Answer: B,C,D Explanation:

QUESTION NO: 182 Which of the following statements is true about annualized rate of occurrence? A. It is defined as the cost related to a single realized risk against a particular asset. B. It is defined as the yearly cost of all instances of a particular threat against a particular asset. C. It is defined as the expected frequency of occurrence of a particular threat or risk in a single year. D. It is defined as the percentage of loss experienced by an organization when a particular asset is violated by a realized risk. Answer: C Explanation:

QUESTION NO: 183 John works as a Security Administrator for uCertify Inc. Based on his past experience, he wants to make a policy stating that any hardware devices containing information about the organization should be destroyed properly before they are thrown away. After applying this policy, John will be able to ensure that the information on the devices will not fall into the hands of unauthorized persons after the devices are properly discarded. Which of the following types of policies is John going to create? A. Due Care B. Disposal and destruction C. Privacy D. Security Answer: B Explanation:

QUESTION NO: 184 You work as a Security Administrator for uCertify Inc. You have been assigned the task to apply a data availability solution based on a striped disk array without redundancy. Which of the following will you use to accomplish the task? A. RAID 5 B. RAID 0 C. RAID 1 D. RAID 3/4 Answer: B Explanation:

QUESTION NO: 185 Which of the following are the primary rules defined for RBAC? Each correct answer represents a complete solution. Choose all that apply. A. Role authorization B. Transaction authorization C. Role assignment D. Transaction assignment Answer: A,B,C Explanation:

QUESTION NO: 186 You work as a Security Professional for uCertify Inc. You have been assigned the task to calculate the Recovery Time Objective for a particular outage duration. Which of the following should be included in the Recovery Time Objective? Each correct answer represents a complete solution. Choose all that apply. A. Recovering data B. Sales estimation C. Running applications back online D. Fault detection Answer: A,C,D Explanation:


QUESTION NO: 187 You work as an Information Security Manager for uCertify Inc. You are working on an asset management plan for protecting software tools used in your organization. Which of the following are included in Software Asset Management (SAM)? Each correct answer represents a complete solution. Choose all that apply. A. Maintaining software license compliance B. Tracking inventory and software asset use C. Maintaining standard policies and procedures D. Tracking issues related with IT equipment Answer: A,B,C Explanation:

QUESTION NO: 188 You work as an Information Security Manager for uCertify Inc. You need to create the documentation on information security management system (ISMS). Which of the following is the governing principle behind ISMS? A. An organization should design, implement, and maintain a coherent set of policies to ensure proper marketing of products. B. An organization should design, implement, and maintain a coherent set of policies, processes, and systems to manage risks to its information assets. C. An organization should apply encryption to its information assets. D. An organization should implement and maintain IDS to manage risks to the network. Answer: B Explanation:

QUESTION NO: 189 Which of the following are responsibilities of the Service Level Manager? Each correct answer represents a complete solution. Choose all that apply. A. To define Service Level Agreement B. To define the Service Level Agreement structure C. To define the Underpinning Contracts (UC) with external providers D. To define the Operational Level Agreements with internal providers Answer: B,C,D Explanation:

QUESTION NO: 190 Which of the following is used to hide the existence of a message from a third party? A. Steganography B. SNORT C. Packet sniffing D. Spoofing Answer: A Explanation:

QUESTION NO: 191 What is the name given to the system that guarantees the coherence of information security in the organization? A. Information Security Management System B. Rootkit C. Stemkit D. Security regulations for special information for the government Answer: A Explanation:

QUESTION NO: 192 You work as a Security Administrator for uCertify Inc. You are working on the disaster recovery plan (DRP) for IT related infrastructure recovery / continuity. Which of the following should you include in your plan? Each correct answer represents a complete solution. Choose all that apply. A. Resumption of hardware B. Resumption of data C. Resumption of sales D. Resumption of applications Answer: A,B,C Explanation:

QUESTION NO: 193 Which of the following is established during the Business Impact Analysis by the owner of a process in accepted business continuity planning methodology? A. Recovery Consistency Objective B. Recovery Time Actual C. Recovery Time Objective D. Recovery Point Objective Answer: C Explanation:

QUESTION NO: 194 As an attacker, you are sending very small sized packets with durations of 15 minutes per packet to the IIS Web server. Since an IIS session remains alive for a long time, the IDS may be tricked into accepting them as regular packet transformations. Which of the following types of attacking methods are you using? A. Session splicing B. Nonblind spoofing C. Session hijacking D. Security Logging Answer: A Explanation:

QUESTION NO: 195 Mark works as a Security Administrator for uCertify Inc. Somehow Mark comes to know that an employee is keeping illegal software on his workstation. After investigating, Mark finds that this is indeed true. Therefore, Mark decides to file a lawsuit against the organization, as it is against the organization's norms to store illegal information. Now, the organization decides to call the police and suspend Mark from work till further internal inquiries. Which of the following practices has been implemented in this scenario? A. Due diligence B. Due process C. Privacy D. Due care Answer: B Explanation:

QUESTION NO: 196 Which of the following are the steps of the Do stage of the project? Each correct answer represents a part of the solution. Choose all that apply. A. Operations and resources are managed. B. Training and awareness programs for affected staff are scheduled. C. The risk treatment plan is implemented and controls are planned. D. The options are identified and evaluated for the treatment of the risks. Answer: A,B,C Explanation:

QUESTION NO: 197 You work as a Security Administrator for uCertify Inc. You have developed a user manual for internal use, which will help your colleagues to work efficiently in the organization. However, you are concerned about the possibility of the user manual being distributed to the public. Therefore, you have decided to implement a system of classification so that you can secure information. Which of the following information classification levels will you use to implement the system? A. Classified B. Public or unclassified C. Department specific D. Private or confidential Answer: A Explanation:

QUESTION NO: 198 You work as an Information Security Manager for uCertify Inc. You are working on a software asset management plan to provide backup for Active Directory. Which of the following data is required to be backed up for this purpose? A. System state data B. DNS record C. Users manual D. Cache memory Answer: A Explanation:

QUESTION NO: 199 A Web-based credit card company had collected financial and personal details of Mark before issuing him a credit card. The company has now provided Mark's financial and personal details to another company. Which of the following Internet laws has the credit card issuing company violated? A. Privacy law B. Copyright law C. Security law D. Trademark law Answer: A Explanation:

QUESTION NO: 200 Which of the following statements is true about pattern matching IDS? A. IDS can match empty list only. B. IDS can only be effective unless the company's security policies are not defined and followed in practice. C. IDS can trigger only on signatures that are stored in the database of the IDS. D. IDS can detect only when an attacker is passively sniffing data. Answer: C Explanation:

QUESTION NO: 201 Which of the following is not one of the objectives of risk analysis? A. Determining the risk that threats will become a reality B. Identifying assets and their value C. Removing the risks D. Determining vulnerabilities and threats Answer: C Explanation:

QUESTION NO: 202 You are the project manager for a construction project. The project involves casting of a column in a very narrow space. Because of the lack of space, casting is highly dangerous. High technical skill will be required for casting that column. You decide to hire a local expert team for casting that column. Which of the following types of risk response are you following? A. Avoidance B. Transference C. Mitigation D. Acceptance Answer: B Explanation:

QUESTION NO: 203 Who of the following receive reports after the Check phase of the PDCA model is completed? Each correct answer represents a complete solution. Choose all that apply. A. Security Officer B. Management C. CEO D. Chief Information Security Officer Answer: B,D Explanation:

QUESTION NO: 204 You work as an Information Security Manager for uCertify Inc. You are working on asset management. You are making the documentation on control A.7.2. Which of the following are the main objectives of control A.7.2? Each correct answer represents a complete solution. Choose all that apply. A. Using B. Identifying C. Sharing D. Restricting Answer: C,D Explanation:

QUESTION NO: 205 You work as a Security Administrator for uCertify Inc. The organization has signed a legal contract with another company for maintaining network security. According to the contract, both companies can share any confidential material, knowledge, or information with one another for certain purposes, but they cannot share these with others. Which of the following terms best describes this agreement? A. Organizational Level B. Service Level C. Operating Level D. Non-disclosure Answer: D Explanation:

QUESTION NO: 206 Which of the following procedures is intended to reduce the risk to personnel, property, and other assets while minimizing work disruptions in the event of an emergency? A. Disaster Recovery Plan B. Cyber Incident Response Plan C. Occupant Emergency Plan D. Crisis Communication Plan Answer: C Explanation:

QUESTION NO: 207 Which of the following is used to align and realign IT Services to changing business needs by identifying and implementing improvements to IT services? A. Business Impact Analysis (BIA) B. Continual Service Improvement (CSI) C. Recovery Point Objective (RPO) D. Business Continuity Plan (BCP) Answer: B Explanation:

QUESTION NO: 208 Which of the following indicates that the project team has decided not to change the project management plan to deal with a risk? A. Risk transference B. Risk acceptance C. Risk avoidance D. Risk mitigation Answer: A Explanation:

QUESTION NO: 209 Risk analysis provides a great deal of useful information. It has four main objectives. Which of the following is not an objective of risk analysis? A. To identify assets and their value B. To determine a balance between the costs of an incident and a security measure C. To determine vulnerabilities and threats D. To determine the costs of threats Answer: D Explanation:

QUESTION NO: 210 You work as an Information Security Manager for uCertify Inc. The company is releasing the documentation about a software product. You have been assigned the task to include information about the company in a legal disclaimer before releasing the documentation. What is the purpose of using the legal disclaimer? A. To advertise the product B. To identify the usage of the documentation C. To protect organizations against libel actions D. To ensure the security of the documentation Answer: C Explanation:

QUESTION NO: 211 Sam works as the Security Administrator for Blue Well Inc. He has to develop controls as the countermeasures to risks. Which of the following are the types of controls that Sam may employ for security? Each correct answer represents a complete solution. Choose all that apply. A. Transitive B. Corrective C. Preventive D. Detective Answer: B,C,D Explanation:

QUESTION NO: 212 Which of the following defines the amount of data loss a business can endure? A. RTO B. RTA C. BCP D. RPO Answer: D Explanation:

QUESTION NO: 213 Which of the following tasks are accomplished in the Act phase of the PDCA cycle? Each correct answer represents a complete solution. Choose all that apply. A. The improvements to ISMS are identified. B. The improvements to ISMS are implemented. C. The improvements to ISMS are developed. D. The improvements to ISMS are documented. Answer: A,B,D Explanation:

QUESTION NO: 214 Which of the following activities are performed by the 'Do' cycle component of PDCA (plan-do-check-act)? Each correct answer represents a complete solution. Choose all that apply. A. It performs security awareness training. B. It operates the selected controls. C. It detects and responds to incidents properly. D. It determines controls and their objectives. E. It manages resources that are required to achieve a goal. Answer: A,B,C,E Explanation:

QUESTION NO: 215 You work as a Security Administrator for uCertify Inc. You have been assigned a task to provide a solution that has a striped set with distributed parity or interleave parity. Which of the following will help you to meet the organizational requirements? A. RAID 3/4 B. RAID 0 C. RAID 10 D. RAID 5 Answer: D Explanation:

QUESTION NO: 216 You work as a Security Administrator for uCertify Inc. You observe that an employee is spreading personal data of your organization. Human resource security deals with the employees handling personal data in an organization. Which section of ISO 27002 describes human resource security? A. Section 4 B. Section 8 C. Section 3 D. Section 5 Answer: B Explanation:

QUESTION NO: 217 You work as a Security Administrator for uCertify Inc. You found that a person is coming inside the working area. Now, you want to ensure the authenticity of that person. By which of the following factors can you determine the accuracy of the authentication? Each correct answer represents a complete solution. Choose all that apply. A. Two-factor authentication B. Three-factor authentication C. Many-factor authentication D. One-factor authentication Answer: A,B,D Explanation:

QUESTION NO: 218 Which of the following are steps of vulnerability management programs? Each correct answer represents a complete solution. Choose all that apply. A. Prioritize Vulnerabilities B. Baseline the Environment C. Shield and monitor D. Define Policy Answer: A,B,D Explanation:

QUESTION NO: 219 Which of the following formulas is used to represent the annualized loss expectancy (ALE)? A. ALE=asset value ($)*exposure factor (EF) B. ALE=single loss expectancy (SLE)/annualized rate of occurrence (ARO) C. ALE=asset value ($)/exposure factor (EF) D. ALE=single loss expectancy (SLE)*annualized rate of occurrence (ARO) Answer: D Explanation:

QUESTION NO: 220 Which of the following statements is related to residual risks? A. It can be considered as an indicator of threats coupled with vulnerability. B. It is the probabilistic risk before implementing all security measures. C. It is a weakness or lack of safeguard that can be exploited by a threat. D. It is the probabilistic risk after implementing all security measures. Answer: D Explanation:

QUESTION NO: 221 Which of the following is the right approach for the identification and management of information security risks? A. Encryption of system state data B. Storage of topology records C. Establishment and continuous update of ISMS D. Indication of natural disaster Answer: C Explanation:

QUESTION NO: 222 You work as an HR Manager for uCertify Inc. You are working on a checklist to develop an orderly exit process for the employees leaving your company. Which of the following actions should be included in that checklist? Each correct answer represents a complete solution. Choose all that apply. A. To ensure that assets return in an expedited time frame B. To ensure that employees' access is removed C. To validate the references and the level of background checks D. To ensure that employees understand information security threats Answer: A,B Explanation:


QUESTION NO: 223 Which of the following are computer clusters that are implemented primarily for the purpose of providing high availability of services which the cluster provides? A. Load balancing clusters B. Globular clusters C. Tightly-coupled compute clusters D. High-availability clusters Answer: D Explanation:

QUESTION NO: 224 Which of the following surveys found that the smaller organizations had had a better understanding of their information assets? A. DTI Survey B. CBI Cyber Crime Survey C. Information Security Breaches Survey (ISBS) 2006 D. KPMG's Information Security Survey 2000 Answer: C Explanation:

QUESTION NO: 225 Which of the following is NOT a module of FaultTree+? A. Kerchief Analysis B. Fault Tree Analysis C. Event Tree Analysis D. Markov Analysis Answer: A Explanation:


QUESTION NO: 226 The usage of pre-numbered forms for initiating a transaction is an example of which of the following types of control? A. Deterrent control B. Application control C. Preventive control D. Detective control Answer: C Explanation:

QUESTION NO: 227 Which of the following statements MOST closely depicts the difference between qualitative risk analysis and quantitative risk analysis? A. A quantitative RA does not use the hard costs of losses and a qualitative RA does. B. A quantitative RA cannot use a number of calculations. C. A qualitative RA uses a number of complex calculations. D. Lesser amount of guesswork is used in a quantitative RA. Answer: D Explanation:

QUESTION NO: 228 What does CRAMM stand for? A. CCTA Risk Analyzer and Manager Methodology B. Continuous Risk Analysis and Management Method C. CCTA Risk Analysis and Management Method D. Continuous Risk Analyzer and Manager Methodology Answer: C Explanation:


QUESTION NO: 229 Which of the following is NOT a type of FMEA? A. BFMEA B. CFMEA C. DFMEA D. PFMEA Answer: A Explanation:

QUESTION NO: 230 Which of the following is a measure taken by a program to protect the system against misuse of itself? A. Privilege separation B. Privilege bracketing C. Privilege escalation D. Privilege revocation Answer: D Explanation:

QUESTION NO: 231 Which of the following is used to govern the disclosure of financial and accounting information? A. Gramm-Leach-Bliley Act B. Privacy act of 1974 C. Sarbanes-Oxley D. Health Insurance Portability and Accountability Act Answer: C Explanation:


QUESTION NO: 232 Which of the following is an anomaly where a program, while writing data to a buffer, overruns the buffer's boundary and overwrites adjacent memory? A. Ping of death B. Self-modifying code C. Heap overflow D. Buffer overflow Answer: D Explanation:

QUESTION NO: 233 Which of the following protects original works of authorship including literary, dramatic, musical, artistic, and other intellectual works? A. Criminal law B. Civil law C. Copyright law D. Administrative law Answer: C Explanation:

QUESTION NO: 234 Which of the following terms refers to the time duration during which a system or service is unavailable? A. Uptime B. Slowtime C. Downtime D. Peaktime Answer: C Explanation:


QUESTION NO: 235 Which of the following can be protected by the RAID implementation? A. Disk failure B. Switch failure C. Host failure D. Network failure Answer: A Explanation:

QUESTION NO: 236 Which of the following is the process of restoring a previous copy of the data to a known point of consistency? A. Disaster Restart B. Downtime Restart C. Downtime D. Disaster Recovery Answer: D Explanation:

QUESTION NO: 237 Which of the following specifies value of each asset? A. Asset importance B. Asset protection C. Asset responsibility D. Asset identification Answer: A Explanation:

QUESTION NO: 238 You work as an Information Security Manager for uCertify Inc. You need to make the documentation on change management. What are the advantages of change management? Each correct answer represents a complete solution. Choose all that apply. A. Improved adverse impact of changes on the quality of IT services B. Improved IT personnel productivity, since there is a reduced number of urgent changes and a back-out of erroneous changes C. Improved productivity of users due to more stable and better IT services D. Increased ability to absorb frequent changes without making an unstable IT environment Answer: B,C,D Explanation:

QUESTION NO: 239 Which of the following statements is true about Return On Investment? A. It is the profit achieved through realization of improvements. B. It is the outcome that is once compared to the earlier state, which shows a computable increase in a desirable metric or decrease in an undesirable metric. C. It is the difference between the benefit achieved and the amount spent to achieve that benefit; it is expressed as a percentage. D. It is the extra value produced by establishment of benefits that include long-term outcomes. ROI is a sub-component of VOI. Answer: C Explanation:

QUESTION NO: 240 Which of the following are process elements for remote diagnostics? Each correct answer represents a complete solution. Choose all that apply. A. After detected performance degradation, predict the failure moment by extrapolation. B. Remotely monitor selected vital system parameters. C. Compare with known or expected behavior data. D. Perform analysis of data to detect trends. Answer: A,B,C,D Explanation:

QUESTION NO: 241 Which of the following tools can be used to detect steganography? A. Dskprobe B. ImageHide C. Blindside D. Snow Answer: A Explanation:

QUESTION NO: 242 Which of the following is used to shift the impact of a threat to a third party, together with the ownership of the response? A. Risk avoidance B. Risk transference C. Risk mitigation D. Risk acceptance Answer: B Explanation:

QUESTION NO: 243 You work as a Security Administrator for uCertify Inc. You have been assigned the task to verify the identity of the employees recruited in your organization. Which of the following components of security deals with an employee's verification in the organization? A. Access security B. Human resource security C. Physical security D. Network Security Answer: B Explanation:

QUESTION NO: 244 Which of the following should be considered while calculating the costs of the outage? Each correct answer represents a complete solution. Choose all that apply. A. Cost of lost income from missed sales B. Sales aspect of the business C. Cost of low productivity D. Innovations in electronic funds transfer Answer: A,C Explanation:

QUESTION NO: 245 Which of the following phases of the PDCA model is the controlling and maintaining phase of the Information Security Management System (ISMS)? A. Check B. Act C. Do D. Plan Answer: B Explanation:

QUESTION NO: 246 Which of the following are the valid reasons for the occurrence of Drive-by download? Each correct answer represents a complete solution. Choose all that apply. A. Clicking on a deceptive pop-up window B. Updating Windows files automatically C. Visiting a website D. Viewing an e-mail message Answer: A,C,D Explanation:

QUESTION NO: 247 John, a novice web user, makes a new e-mail account and keeps his password as "apple", his favorite fruit. John's password is vulnerable to which of the following password cracking attacks? Each correct answer represents a complete solution. Choose all that apply. A. Hybrid attack B. Brute Force attack C. Dictionary attack D. Rule based attack Answer: A,B,C Explanation:
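Why "apple" falls to all three of the attacks named in Question 247 is easier to see with the attacks written out. The following is an added example, not part of the original exam material: it hashes a password with unsalted SHA-256 (standing in for whatever the mail provider stores), then runs a dictionary attack, a hybrid attack (dictionary words plus mangling rules), and an exhaustive brute-force search against it. The wordlist and mangling rules are constructed for the example, not taken from any real cracking tool.

```python
import hashlib
import itertools
import string

LOWER = string.ascii_lowercase


def sha256_hex(password: str) -> str:
    """Unsalted SHA-256, standing in for whatever hash the target system stores."""
    return hashlib.sha256(password.encode("utf-8")).hexdigest()


# Constructed wordlist standing in for a real dictionary file (assumption).
WORDLIST = ["password", "123456", "banana", "apple", "orange", "letmein"]


def dictionary_attack(target_hash: str, wordlist=WORDLIST):
    """Try each dictionary word exactly as written; 'apple' is a plain dictionary word."""
    for word in wordlist:
        if sha256_hex(word) == target_hash:
            return word
    return None


def hybrid_candidates(word: str):
    """A dictionary word plus simple mangling rules: case changes, leetspeak, digit suffixes."""
    bases = [word, word.capitalize(), word.upper(),
             word.replace("a", "@").replace("e", "3")]
    for base in bases:
        yield base
        for n in range(100):
            yield f"{base}{n}"


def hybrid_attack(target_hash: str, wordlist=WORDLIST):
    """Dictionary attack extended with mangling rules, so 'Apple7' falls too."""
    for word in wordlist:
        for cand in hybrid_candidates(word):
            if sha256_hex(cand) == target_hash:
                return cand
    return None


def brute_force_attack(target_hash: str, alphabet: str, max_len: int):
    """Exhaustive search over every string up to max_len; returns (password, guesses made)."""
    tried = 0
    for length in range(1, max_len + 1):
        for combo in itertools.product(alphabet, repeat=length):
            tried += 1
            cand = "".join(combo)
            if sha256_hex(cand) == target_hash:
                return cand, tried
    return None, tried


def keyspace(alphabet_size: int, max_len: int) -> int:
    """Number of candidates a brute-force attack must cover in the worst case."""
    return sum(alphabet_size ** n for n in range(1, max_len + 1))


if __name__ == "__main__":
    print("dictionary on 'apple':", dictionary_attack(sha256_hex("apple")))
    print("dictionary on 'Apple7':", dictionary_attack(sha256_hex("Apple7")))
    print("hybrid on 'Apple7':", hybrid_attack(sha256_hex("Apple7")))
    print("brute force on 'zz':", brute_force_attack(sha256_hex("zz"), LOWER, 2))
    print("lowercase keyspace up to 5 chars:", keyspace(26, 5))
    full = string.ascii_letters + string.digits + string.punctuation
    print("mixed keyspace up to 12 chars:", keyspace(len(full), 12))
```

The keyspace numbers make the brute-force point: a five-letter lowercase password lies inside about 12.4 million candidates, which any modern cracking rig covers in well under a second, while a twelve-character password over letters, digits and punctuation sits in a space some twenty orders of magnitude larger. A dictionary attack does not even need the keyspace; "apple" is found after four hashes.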

QUESTION NO: 248 Rick works as a Computer Forensic Investigator for BlueWells Inc. He has been informed that some confidential information is being leaked out by an employee of the company. Rick suspects that someone is sending the information through email. He checks the emails sent by some employees to other networks. Rick finds out that Sam, an employee of the Sales department, is continuously sending text files that contain special symbols, graphics, and signs. Rick suspects that Sam is using the Steganography technique to send data in a disguised form. Which of the following techniques is Sam using? Each correct answer represents a part of the solution. Choose all that apply. A. Text Semagrams B. Technical steganography C. Linguistic steganography D. Perceptual masking Answer: A,C Explanation:


QUESTION NO: 249 In which of the following mechanisms does an authority, within limitations, specify what objects can be accessed by a subject? A. Role-Based Access Control B. Task-based Access Control C. Discretionary Access Control D. Mandatory Access Control Answer: C Explanation:

QUESTION NO: 250 Which of the following states that a user should never be given more privileges than are required to carry out a task? A. Principle of least privilege B. Segregation of duties C. Security through obscurity D. Role-based security Answer: A Explanation:

QUESTION NO: 251 Peter works as a Security Administrator for SecureEnet Inc. He observes that the database server of the company has been compromised and the data is stolen. Peter immediately wants to report this crime to the law enforcement authorities. Which of the following organizations looks after computer crime investigations in the United States? A. National Institute of Standards and Technology B. Federal Bureau of Investigation C. Local or National office of the US secret service D. Incident response team Answer: C Explanation:

QUESTION NO: 252 You work as an Information Security Manager for uCertify Inc. You need to create the documentation on information security management system (ISMS). Which of the following is the governing principle behind ISMS? A. An organization should implement and maintain IDS to manage risks to the network. B. An organization should design, implement, and maintain a coherent set of policies, processes, and systems to manage risks to its information assets. C. An organization should design, implement, and maintain a coherent set of policies to ensure proper marketing of products. D. An organization should apply encryption to its information assets. Answer: B Explanation:

QUESTION NO: 253 You work as an Information Security Manager for uCertify Inc. You are working on the documentation of ISMS. Which of the following steps are concerned with the development of ISMS? Each correct answer represents a complete solution. Choose all that apply. A. Risk management B. Selection of appropriate controls C. HR security planning D. Statement of Applicability Answer: A,B,D Explanation:

QUESTION NO: 254 Sam uses Monte Carlo simulation to quantitatively assess cost and schedule risks of his project during planning processes. During risk monitoring and control, Sam repeats the technique, but it leads to different results. Which of the following cannot be the reason for the difference in results? A. New risks may have been identified. These cannot influence the input data used for Monte Carlo simulation in a way which was not predictable at the time when the simulation was run. B. New risks may have been identified. These influence the input data used for Monte Carlo simulation in a way which was not predictable at the time when the simulation was run. C. None of the dummy activities in the network logic has an element of uncertainty, which may get bigger over time. D. Some dummy activities in the network logic have an element of uncertainty, which gets bigger over time. While the project proceeds, it is getting even harder to predict how the team members assigned to them will perform. Answer: D Explanation:

QUESTION NO: 255 Single Loss Expectancy (SLE) represents an organization's loss from a single threat. Which of the following formulas best describes the Single Loss Expectancy (SLE)? A. SLE = Asset Value (AV) * Annualized Rate of Occurrence (ARO) B. SLE = Annualized Loss Expectancy (ALE) * Exposure Factor (EF) C. SLE = Asset Value (AV) * Exposure Factor (EF) D. SLE = Annualized Loss Expectancy (ALE) * Annualized Rate of Occurrence Answer: C Explanation:

QUESTION NO: 256 You work as a Security Administrator for uCertify Inc. You have been assigned the task to apply a data availability solution based on a striped disk array without redundancy. Which of the following will you use to accomplish the task? A. RAID 3/4 B. RAID 1 C. RAID 5 D. RAID 0 Answer: D Explanation:

QUESTION NO: 257 John works as a Security Administrator for uCertify Inc. As per his past experience, he wants to make a policy stating that any hardware devices containing information about the organization should be destroyed properly before they are thrown. After applying this policy, John will be able to ensure that the information on the devices will not fall into the hands of unauthorized persons after properly discarding the devices. Which of the following types of policies is John going to create? A. Due Care B. Privacy C. Disposal and destruction D. Security Answer: C Explanation:

QUESTION NO: 258 Which of the following creates policies, plans, and procedures to minimize the impact of risks to the organizational processes? A. Business Continuity Planning B. Change Management C. Social engineering D. Configuration Management Answer: A Explanation:

QUESTION NO: 259 You work as a Security Administrator for uCertify Inc. You have developed a user manual for internal use, which will help your colleagues to work efficiently in the organization. However, you are concerned about the possibility of the user manual being distributed to the public. Therefore, you have decided to implement a system of classification so that you can secure information. Which of the following information classification levels will you use to implement the system? A. Department specific B. Public or unclassified C. Private or confidential D. Classified Answer: D Explanation:

QUESTION NO: 260 The Information Security Officer (ISO) of Blue Well Inc. wants to have a list of security measures put together. What should be done before security measures are selected by the Information Security Officer? A. Carry out an evaluation. B. Formulate information security policy. C. Carry out a risk analysis. D. Set up monitoring. Answer: C Explanation:

QUESTION NO: 261 An Active Attack is a type of steganography attack in which the attacker changes the carrier during the communication process. Which of the following techniques is used for smoothing the transition and controlling contrast on the hard edges, where there is significant color transition? A. Sharpen B. Rotate C. Blur D. Soften Answer: C Explanation:


QUESTION NO: 262 You are consulting with a small budget conscious accounting firm. Each accountant keeps individual records on their PC and checks them in and out of a server. They are concerned about losing data should the server hard drive crash. Which of the following RAID levels would you recommend? A. RAID 1 B. RAID 6 C. RAID 5 D. RAID 0 Answer: A Explanation:

QUESTION NO: 263 You work as a Security Administrator for uCertify Inc. You observe that an employee is spreading personal data of your organization. Which of the following standards of information security deals with the employees handling personal data in an organization? A. Human resource security B. Personal security C. Physical security D. Network Security Answer: A Explanation:

QUESTION NO: 264 Which of the following types of viruses is placed into the first sector of the hard drive? A. Multipartite B. Master boot record C. File D. Boot sector Answer: D Explanation:


QUESTION NO: 265 In which year was the Turnbull report published? A. 2005 B. 2000 C. 1999 D. 1992 Answer: C Explanation:

QUESTION NO: 266 The usage of pre-numbered forms for initiating a transaction is an example of which of the following types of control? A. Deterrent control B. Detective control C. Preventive control D. Application control Answer: C Explanation:

QUESTION NO: 267 How many modules are there in FaultTree+? A. 6 B. 5 C. 3 D. 4 Answer: C Explanation:


QUESTION NO: 268 Which of the following is NOT a common information-gathering technique while performing risk analysis? A. Review of existing policy documents B. Employment of automated risk assessment tools C. Distribution of questionnaire D. Interview of terminated employees Answer: D Explanation:

QUESTION NO: 269 An audit trail is an example of which of the following types of control? A. Detective control B. Application control C. Preventive control D. Deterrent control Answer: A Explanation:

QUESTION NO: 270 What does CRAMM stand for? A. Continuous Risk Analysis and Management Method B. CCTA Risk Analysis and Management Method C. Continuous Risk Analyzer and Manager Methodology D. CCTA Risk Analyzer and Manager Methodology Answer: B Explanation:


QUESTION NO: 271 Which of the following are computer clusters that are implemented primarily for the purpose of providing high availability of services which the cluster provides? A. High-availability clusters B. Globular clusters C. Load balancing clusters D. Tightly-coupled compute clusters Answer: A Explanation:

QUESTION NO: 272 Which of the following policies defines the goals and elements of an organization's computer systems? A. Public B. Corporate C. Human resource D. Computer security Answer: D Explanation:

QUESTION NO: 273 Which of the following is a legal system that gives great precedential weight to common law, on the principle that it is unfair to treat similar facts differently on different occasions? A. Religious law B. Common law C. Civil law D. Customary law Answer: B Explanation:


QUESTION NO: 274 Which of the following is an anomaly where a program, while writing data to a buffer, overruns the buffer's boundary and overwrites adjacent memory? A. Self-modifying code B. Heap overflow C. Buffer overflow D. Ping of death Answer: C Explanation:

QUESTION NO: 275 Which of the following surveys found that the smaller organizations had had a better understanding of their information assets? A. Information Security Breaches Survey (ISBS) 2006 B. KPMG's Information Security Survey 2000 C. DTI Survey D. CBI Cyber Crime Survey Answer: A Explanation:

QUESTION NO: 276 Which of the following can be protected by the RAID implementation? A. Switch failure B. Disk failure C. Network failure D. Host failure Answer: B Explanation:


QUESTION NO: 277 Which of the following terms refers to the time duration during which a system or service is unavailable? A. Downtime B. Uptime C. Slowtime D. Peaktime Answer: A Explanation:

QUESTION NO: 278 An employee of your company has stolen some files and records. Which of the following security standards is concerned with this event? A. Business security B. Human right security C. Human security D. Human resource security Answer: D Explanation:

QUESTION NO: 279 Which of the following is an example of a corrective measure? A. To install a virus scanner B. To make a backup of the data that has been created or altered C. To restore a backup of the correct database D. To incorporate an Intrusion Detection System Answer: C Explanation:


QUESTION NO: 280 Mark works as a Network Security Administrator for uCertify Inc. He wants to implement a firewall technique over the network to inspect each packet passing through the network and to accept or reject it, based on user-defined rules. Which of the following types of firewall techniques is implemented by Mark to accomplish the task? A. Application gateway B. Proxy server C. Circuit-level gateway D. Packet filter Answer: D Explanation:
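The packet filter in Question 280 is the simplest firewall technique: it looks only at header fields (addresses, protocol, port) and applies a user-defined rule list, first match wins, default deny. The following is an added example, not part of the exam material or of any real firewall product: a minimal stateless packet filter over constructed packets. The ruleset and addresses (taken from the documentation ranges 10.0.0.0/8, 192.0.2.0/24, 198.51.100.0/24 and 203.0.113.0/24) are assumptions made for the example.

```python
from dataclasses import dataclass
from ipaddress import ip_address, ip_network
from typing import Optional


@dataclass(frozen=True)
class Packet:
    src: str
    dst: str
    proto: str            # "tcp", "udp" or "icmp"
    dport: Optional[int]  # destination port; None for ICMP


@dataclass(frozen=True)
class Rule:
    action: str                  # "accept" or "reject"
    src: str = "0.0.0.0/0"       # any source unless narrowed
    dst: str = "0.0.0.0/0"       # any destination unless narrowed
    proto: Optional[str] = None  # None = any protocol
    dport: Optional[int] = None  # None = any port

    def matches(self, pkt: Packet) -> bool:
        """A rule matches only when every specified field matches the packet header."""
        if ip_address(pkt.src) not in ip_network(self.src):
            return False
        if ip_address(pkt.dst) not in ip_network(self.dst):
            return False
        if self.proto is not None and self.proto != pkt.proto:
            return False
        if self.dport is not None and self.dport != pkt.dport:
            return False
        return True


# Constructed ruleset (assumption); index numbers are referenced in the usage note.
RULESET = [
    Rule("reject", src="10.0.0.0/8", proto="tcp", dport=23),                         # 0: no Telnet out
    Rule("accept", src="10.0.0.0/8", dst="203.0.113.10/32", proto="tcp", dport=443),  # 1: HTTPS to one host
    Rule("accept", proto="udp", dport=53),                                            # 2: DNS from anywhere
    Rule("reject", src="192.0.2.0/24"),                                               # 3: blocklisted network
]


def filter_packet(pkt: Packet, rules=RULESET, default="reject"):
    """First matching rule decides; a packet no rule covers gets the default (deny).

    Returns (action, index of the deciding rule) or (default, None).
    """
    for index, rule in enumerate(rules):
        if rule.matches(pkt):
            return rule.action, index
    return default, None


if __name__ == "__main__":
    samples = [
        Packet("10.1.2.3", "203.0.113.10", "tcp", 443),
        Packet("10.1.2.3", "203.0.113.10", "tcp", 23),
        Packet("10.1.2.3", "203.0.113.10", "tcp", 80),
        Packet("192.0.2.7", "10.0.0.53", "udp", 53),
        Packet("192.0.2.7", "10.0.0.1", "icmp", None),
    ]
    for pkt in samples:
        print(pkt, "->", filter_packet(pkt))
```

Two things a practitioner checks in any such ruleset show up here. Order matters: DNS from the blocklisted 192.0.2.0/24 is accepted by rule 2 before rule 3 is ever consulted, so the blocklist is partly shadowed and has to move above the DNS rule to do what its author intended. And the filter sees only headers: an attacker tunnelling over UDP/53 or TCP/443 is indistinguishable from legitimate traffic to it, which is the gap the application gateway in option A exists to close.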

QUESTION NO: 281 You work as an Information Security Manager for uCertify Inc. You are working on asset management. You need to create a document following the Business Model of information security to provide guidelines for information assets. Which of the following are the elements of the Business Model for information security? Each correct answer represents a complete solution. Choose all that apply. A. Process B. Technology C. People D. Training E. Organization Design and Strategy Answer: A,B,C,E Explanation:

QUESTION NO: 282 You have just taken control over network administration services for a sales and marketing firm. The sales staff (consisting of 10 people) rely heavily on both phone and internet connections for business. You notice that the sales staff has a single T1 line handling their phone and internet connections. Which of the following would be the best suggestion for improving this situation? A. Move to fiber optic. B. Move them to a T3 line. C. Nothing, the system is fine as is. D. Add an additional T1 line for redundancy. Answer: D Explanation:

QUESTION NO: 283 In which of the following mechanisms does an authority, within limitations, specify what objects can be accessed by a subject? A. Mandatory Access Control B. Task-based Access Control C. Discretionary Access Control D. Role-Based Access Control Answer: C Explanation:

QUESTION NO: 284 In which of the following categories can a computer security policy be categorized? Each correct answer represents a complete solution. Choose all that apply. A. Availability B. Integrity C. Reliability D. Confidentiality Answer: A,B,D Explanation:

QUESTION NO: 285 You work as a Security Administrator for uCertify Inc. You have installed ten separate applications for your employees to work. All the applications require users to log in before working on them; however, this takes a lot of time. Therefore, you decide to use SSO to resolve this issue. Which of the following are the other benefits of Single Sign-On (SSO)? Each correct answer represents a complete solution. Choose all that apply. A. Centralized reporting for compliance adherence B. Reducing IT costs due to lower number of IT help desk calls about passwords C. Reduces phishing success, because users are not trained to enter password everywhere without thinking D. Reduces the user experience Answer: A,B,C Explanation:

QUESTION NO: 286 Which of the following are the various types of security measures? Each correct answer represents a complete solution. Choose all that apply. A. Reductive B. Preventive C. Quantitative D. Qualitative Answer: A,B Explanation:

QUESTION NO: 287 You work as a CRO for uCertify Inc. You and your team are involved in the pre-assessment phase of the risk governance framework. One of your newly joined team members wants to know the steps involved in the pre-assessment phase. Choose and reorder the steps performed in the pre-assessment phase. A. Answer: A Explanation:

QUESTION NO: 288 Which of the following sections come under the ISO/IEC 27002 standard? Each correct answer represents a complete solution. Choose all that apply. A. Asset management B. Security policy C. Financial assessment D. Risk assessment Answer: A,B,D Explanation:

QUESTION NO: 289 Which of the following refers to the process of adjusting the capacity of a company to meet the changed or predicted demands? A. Business continuity planning B. Capacity planning C. DR planning D. ER planning Answer: B Explanation:

QUESTION NO: 290 You work as a Security Administrator for uCertify Inc. You need to install a honeypot inside network firewalls to monitor and track hackers. What should you install on the system before deploying the honeypot? Each correct answer represents a complete solution. Choose all that apply. A. Install the IAS server on the system to verify Internet related activities. B. Install the operating system without patches installed and use typical defaults and options. C. Install the application that is designed to record the activities of the invader. D. Install the RADIUS server to check the authentication of the invader. Answer: B,C Explanation:

QUESTION NO: 291 You work as a Network Administrator for uCertify Inc. You are responsible for selecting the access control method that will be used for kiosk system software. Your manager wants to have full access to all information about all categories, but the visitors can access only general information about the organization. Which of the following types of access controls is suitable to accomplish this task? A. Attribute-based access control B. Rule-based access control C. Discretionary access control D. Mandatory access control Answer: D Explanation:
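Questions 249, 283 and 291 turn on who decides access: under mandatory access control the policy authority fixes labels and clearances and nobody else can widen them, whereas under discretionary access control the owner of an object hands out rights. The following is an added example, not part of the exam material: a MAC check in the style of the Bell-LaPadula simple security property (read allowed only when the subject's clearance dominates the object's label) for the kiosk in Question 291, beside a small owner-controlled DAC store for contrast. The labels, clearances, file names and users are constructed for the example.

```python
from enum import IntEnum


class Level(IntEnum):
    PUBLIC = 0
    INTERNAL = 1
    CONFIDENTIAL = 2


# Under MAC the labels and clearances below are set by the policy authority
# (the security administrator); neither the author of a file nor the visitor
# can change them. Names and levels are constructed for the example.
OBJECT_LABELS = {
    "opening_hours.txt": Level.PUBLIC,
    "org_chart.pdf": Level.INTERNAL,
    "salaries.xlsx": Level.CONFIDENTIAL,
}
SUBJECT_CLEARANCE = {"visitor": Level.PUBLIC, "manager": Level.CONFIDENTIAL}


def mac_can_read(subject: str, obj: str) -> bool:
    """Simple security property ("no read up"): clearance must dominate the label."""
    return SUBJECT_CLEARANCE[subject] >= OBJECT_LABELS[obj]


def mac_readable(subject: str) -> list:
    """Everything the kiosk may show to this subject."""
    return sorted(o for o in OBJECT_LABELS if mac_can_read(subject, o))


class DacStore:
    """Owner-controlled ACLs: whoever creates an object decides who may read it."""

    def __init__(self):
        self.acl = {}  # obj -> (owner, set of readers)

    def create(self, owner: str, obj: str) -> None:
        self.acl[obj] = (owner, {owner})

    def grant_read(self, granter: str, obj: str, grantee: str) -> None:
        owner, readers = self.acl[obj]
        if granter != owner:
            raise PermissionError(f"{granter} does not own {obj}")
        readers.add(grantee)

    def can_read(self, subject: str, obj: str) -> bool:
        return subject in self.acl[obj][1]


def dac_demo() -> dict:
    """Runs a short DAC scenario and returns the outcomes so they can be checked."""
    store = DacStore()
    store.create("manager", "visitor_guide.pdf")
    store.grant_read("manager", "visitor_guide.pdf", "visitor")
    try:
        # A non-owner cannot pass rights on, but the owner alone decided the policy.
        store.grant_read("visitor", "visitor_guide.pdf", "intern")
        visitor_could_grant = True
    except PermissionError:
        visitor_could_grant = False
    return {
        "visitor_reads_guide": store.can_read("visitor", "visitor_guide.pdf"),
        "visitor_could_grant": visitor_could_grant,
        "intern_reads_guide": store.can_read("intern", "visitor_guide.pdf"),
    }


if __name__ == "__main__":
    print("visitor sees:", mac_readable("visitor"))
    print("manager sees:", mac_readable("manager"))
    print("DAC scenario:", dac_demo())
```

The difference the exam is probing is visible in the code itself: the MAC half has no grant function at all, so even the manager cannot let a visitor read salaries.xlsx, while in the DAC half any owner can widen access to anything they created, which is why DAC is the wrong fit for a public kiosk.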

QUESTION NO: 292 Mark works as a Data Center Manager for TechNet Inc. A few days ago, he published a blog about himself during his working hours. However, as per the organization's policy, any member of the organization cannot use any resources of the organization for his personal use. Since Mark has violated the policy, he should go to an internal committee and be informed of his rights in the matter. Which of the following practices is being implemented? A. Due process B. Integrity Management Consulting C. Due diligence D. Due care Answer: A Explanation:


QUESTION NO: 293 Which of the following are the limitations of Redundant Array of Inexpensive Disks (RAID)? Each correct answer represents a complete solution. Choose all that apply. A. It is difficult to move RAID to a new system. B. It cannot simplify disaster recovery. C. It cannot provide a performance boost in all applications. D. It cannot protect the data on the array. Answer: A,B,C,D Explanation:

QUESTION NO: 294 You work as an Information Security Manager for uCertify Inc. You are working on an asset management plan. Which of the following controls of the ISO 27000 standard deals with asset management? A. Control A.1 B. Control A.8 C. Control A.2 D. Control A.7 Answer: D Explanation:

QUESTION NO: 295 Which of the following are security design principles required for information protection? Each correct answer represents a complete solution. Choose all that apply. A. Closed design B. Least privilege C. Separation of duties D. Complete mediation Answer: B,C,D Explanation:

QUESTION NO: 296 Sam is one of the four network administrators in Blue Well Inc. They have been assigned together the task to implement PDCA on the project. Sam has to work on the Plan stage of the project. Which of the following tasks should be performed by Sam? Each correct answer represents a complete solution. Choose all that apply. A. Preparing a statement of applicability B. Defining the scope of ISMS C. Defining the information security policy D. Managing operations and resources Answer: A,B,C Explanation:

QUESTION NO: 297 Which of the following are the purposes of security awareness, training, and education? Each correct answer represents a complete solution. Choose all that apply. A. Make computer system users aware of their security responsibilities and teaching them correct practices, which helps users change their behavior. B. Enhance the skills and knowledge so that the computer users can perform their jobs more securely. C. Improve awareness of the need to protect system resources. D. Construct in-depth knowledge, as needed, to design, implement, or operate security programs for organizations and systems. Answer: A,B,C,D Explanation:

QUESTION NO: 298 Which of the following are process elements for remote diagnostics? Each correct answer represents a complete solution. Choose all that apply. A. Compare with known or expected behavior data. B. Perform analysis of data to detect trends. C. After detected performance degradation, predict the failure moment by extrapolation. D. Remotely monitor selected vital system parameters. Answer: A,B,C,D Explanation:

QUESTION NO: 299 You work as a Security Administrator for uCertify Inc. You have been assigned the task to improve the security of the organization. For accomplishing the task, you need to improve the layers of physical security. Which of the following are the layers of physical security? Each correct answer represents a complete solution. Choose all that apply. A. Video monitoring B. Immigration system C. Intrusion detection D. Environmental design E. Personnel Identification Answer: A,C,D,E Explanation:

QUESTION NO: 300 Which of the following roles is responsible for the review and risk analysis of all the contracts on regular basis? A. The IT Service Continuity Manager B. The Configuration Manager C. The Supplier Manager D. The Service Catalogue Manager Answer: C Explanation:

QUESTION NO: 301 You are the Network Administrator for a school. You are concerned that end users might accidentally have access to resources they do not require. What concept should you implement in your network security management to best address this concern? A. ACL B. Explicit Deny C. The principle of least privileges D. Implicit Allow Answer: C Explanation:

QUESTION NO: 302 Which of the following considerations should be kept in mind while working on the business continuity planning process? Each correct answer represents a complete solution. Choose all that apply. A. Clustering B. Network connectivity C. Facilities D. SLA Answer: A,B,C Explanation:

QUESTION NO: 303 The System Management department has the pass to enter the computer room. The access to that computer room is closed off using the pass reader. Which of the following categories of security defines the above scenario? A. Repressive security measure B. Physical security measure C. Corrective security measure D. Logical security measure Answer: B Explanation:


QUESTION NO: 304 Which of the following elements of the PDCA (Plan-Do-Check-Act) methodology describes the objectives and processes required to deliver results according to the customer requirements and the organization's policies? A. Act B. Do C. Check D. Plan Answer: D Explanation:

QUESTION NO: 305 Which of the following statements is true about annualized loss expectancy? A. It is defined as the cost related to a single realized risk against a particular asset. B. It is defined as the yearly cost of all instances of a particular threat against a particular asset. C. It is defined as the percentage of loss experienced by an organization when a particular asset is violated by a realized risk. D. It is defined as the expected frequency of occurrence of a particular threat or risk in a single year. Answer: B Explanation:
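Questions 219, 255 and 305 all test the same chain of definitions (SLE = AV x EF, ALE = SLE x ARO), Question 220 the residual risk that remains once a control is in place, and Question 239 the ROI of spending on it. The following is an added example, not part of the exam material: the chain carried through for one asset and two candidate safeguards, showing how ALE before and after a control combine with the control's annual cost to tell whether it is worth buying. All dollar figures, factors and safeguard names are constructed for the example.

```python
from dataclasses import dataclass, replace


@dataclass(frozen=True)
class Risk:
    asset: str
    asset_value: float       # AV, in dollars
    exposure_factor: float   # EF, fraction of AV lost in one incident (0.0 to 1.0)
    aro: float               # ARO, expected incidents per year

    def sle(self) -> float:
        """Single Loss Expectancy: SLE = AV x EF (Question 255)."""
        return self.asset_value * self.exposure_factor

    def ale(self) -> float:
        """Annualized Loss Expectancy: ALE = SLE x ARO (Questions 219 and 305)."""
        return self.sle() * self.aro


@dataclass(frozen=True)
class Safeguard:
    name: str
    annual_cost: float
    ef_after: float   # exposure factor once the safeguard is in place
    aro_after: float  # rate of occurrence once the safeguard is in place


def residual_risk(risk: Risk, sg: Safeguard) -> Risk:
    """Residual risk (Question 220): the same asset with EF and ARO as they stand after the control."""
    return replace(risk, exposure_factor=sg.ef_after, aro=sg.aro_after)


def safeguard_value(risk: Risk, sg: Safeguard) -> float:
    """Annual value of a control: ALE before, minus ALE after, minus the control's annual cost."""
    return risk.ale() - residual_risk(risk, sg).ale() - sg.annual_cost


def roi_percent(risk: Risk, sg: Safeguard) -> float:
    """ROI as (benefit minus cost) / cost, expressed as a percentage (Question 239, option C)."""
    benefit = risk.ale() - residual_risk(risk, sg).ale()
    return (benefit - sg.annual_cost) / sg.annual_cost * 100.0


def rank_safeguards(risk: Risk, safeguards) -> list:
    """Safeguards ordered from best to worst annual value; a negative value costs more than it saves."""
    return sorted(safeguards, key=lambda sg: safeguard_value(risk, sg), reverse=True)


# Constructed figures (assumption), not taken from the exam.
DB_RISK = Risk("customer database", asset_value=500_000, exposure_factor=0.4, aro=0.5)
BACKUPS = Safeguard("encrypted offsite backups", annual_cost=15_000, ef_after=0.1, aro_after=0.5)
SOC = Safeguard("24x7 monitoring service", annual_cost=90_000, ef_after=0.4, aro_after=0.1)


if __name__ == "__main__":
    print(f"SLE = {DB_RISK.sle():,.0f}  ALE = {DB_RISK.ale():,.0f}")
    for sg in rank_safeguards(DB_RISK, [SOC, BACKUPS]):
        print(f"{sg.name}: residual ALE = {residual_risk(DB_RISK, sg).ale():,.0f}, "
              f"value = {safeguard_value(DB_RISK, sg):,.0f}, ROI = {roi_percent(DB_RISK, sg):.1f}%")
```

With these figures the database carries an SLE of 200,000 and an ALE of 100,000. Backups cut the residual ALE to 25,000 for 15,000 a year, a net 60,000 saved; the monitoring service cuts it to 20,000 but costs 90,000, so it loses 10,000 a year on this asset alone and would need other assets in its justification. That negative number is the practical reason the exam insists on ALE rather than SLE: the decision depends on the yearly rate, not the size of a single loss.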

QUESTION NO: 306 Which of the following is a structured approach to transitioning individuals, teams, and organizations from a current state to a desired future state? A. Supply chain management B. Inventory management C. Information security management D. Change management Answer: D Explanation:

QUESTION NO: 307 Which of the following are implemented in the Do phase of the PDCA model? Each correct answer represents a complete solution. Choose all that apply. A. Information security policy B. Development of an information security policy C. Underlying procedures and measures of the information security policy D. Documentation of an information security policy Answer: A,C Explanation:

QUESTION NO: 308 Which of the following is used to shift the impact of a threat to a third party, together with the ownership of the response? A. Risk transference B. Risk avoidance C. Risk acceptance D. Risk mitigation Answer: A Explanation:

QUESTION NO: 309 Which of the following organizations provides a reference-method for publicly-known information security vulnerabilities and exposures? A. IEEE B. FCC C. ITU D. CVE Answer: D Explanation:

QUESTION NO: 310 In which of the following sections of the Computer Misuse Act 1990 are amendments made by Part 5 of the Police and Justice Act 2006? Each correct answer represents a complete solution. Choose all that apply. A. Section 39 B. Section 38 C. Section 36 D. Section 35 Answer: B,C,D Explanation:

QUESTION NO: 311 Mark works as a security manager for SoftTech Inc. He is performing a security awareness program. To be successful in performing the awareness program, he should take into account the needs and current levels of training and understanding of the employees and audience. There are five key ways, which Mark should keep in mind while performing this activity: current level of computer usage; what the audience really wants to learn; how receptive the audience is to the security program; how to gain acceptance; who might be a possible ally. Which of the following activities is performed in this security awareness process? A. Audience segmentation B. Audience participation C. Separation of duties D. Stunned owl syndrome Answer: A Explanation:

QUESTION NO: 312 You work as an Information Security Manager for uCertify Inc. You are implementing an asset management strategy. Which of the following should you include in your strategy to make it effective? Each correct answer represents a complete solution. Choose all that apply. A. Software assets B. Organization's reputation C. Outage duration D. IT equipment Answer: A,B,D Explanation:

QUESTION NO: 313 You work as a Security Administrator for uCertify Inc. You are concerned about the password security. Therefore, you have decided to apply a policy that will be helpful for others to create strong passwords. Which of the following are the important things that should be remembered to create a strong password? Each correct answer represents a complete solution. Choose all that apply. A. It should contain at least one number or punctuation character. B. It should contain at least one capital letter. C. It should be a known word. D. It should be of eight characters. Answer: A,B,D Explanation:

QUESTION NO: 314 Which of the following is the method of hiding data within another media type such as graphic or document? A. Spoofing B. Packet sniffing C. Cryptanalysis D. Steganography Answer: D Explanation:

QUESTION NO: 315 Which of the following are the rights that are given to the person who has processed data? Each correct answer represents a complete solution. Choose all that apply. A. To require that their data is used for direct marketing B. To view the data an organization holds on them, for a small fee, known as 'subject access fee' C. To require that data is not used in any way that may potentially cause damage or distress D. To request that incorrect information be corrected Answer: B,C,D Explanation:

QUESTION NO: 316 Mark works as a System Administrator for uCertify Inc. He has recently installed freeware software from the Internet. He finds that the software displays some advertisements in a corner of the window. He notices that even when he is not downloading anything from the web, downloads are still increasing very frequently, despite the fact he is not using any web browser or Internet applications. After doing some research, Mark finds that the new software is downloading these files. Which of the following types of programs has Mark installed on his computer? A. Macro B. MBR C. Tarpit D. Adware Answer: D Explanation:

QUESTION NO: 317 Which of the following controls are related to Business Continuity and disaster recovery? A. Detective controls B. Preventive controls C. Corrective controls D. Recovery controls Answer: D Explanation:

QUESTION NO: 318 Andrew works as one of the four network administrators for Doliver Inc. They have been assigned together the task to implement PDCA on the project. Andrew has to work on the Check stage of the project. Which of the following tasks should be performed by Andrew? Each correct answer represents a complete solution. Choose all that apply. A. Monitor B. Audit C. Review D. Documentation Answer: A,B,C Explanation:

QUESTION NO: 319 You work as an Information Security Manager for uCertify Inc. You are working on asset management. You need to classify different information assets used in your organization. Which of the following should be the basis of your classification? A. Usage of the information for the organization B. Owner of the information C. Origin of the information D. Impact on the organization if information is disclosed Answer: D Explanation:

QUESTION NO: 320 Which of the following is the basic requirement to install WinDump on a Windows computer system? A. tcptrace B. WinPcap C. pcap D. EtherPeek Answer: B Explanation:

QUESTION NO: 321 Which of the following is a system for detecting computer intrusions and misuse by monitoring system activity and classifying it as either normal or anomalous? A. Intrusion Prevention System B. Anomaly-Based Intrusion Detection System C. Network-based Intrusion Prevention (NIPS) D. Wireless Intrusion Prevention Systems (WIPS) Answer: B Explanation:

QUESTION NO: 322 NIST Special Publication 800-50 is a security awareness program. It is designed for those people who are currently working in the information technology field and want information on security policies. Which of the following are some of its critical steps? Each correct answer represents a complete solution. Choose two. A. Awareness and Training Material Development B. Awareness and Training Material Implementation C. Awareness and Training Program Design D. Awareness and Training Material Effectiveness Answer: A,C Explanation:

QUESTION NO: 323 David has identified a technical risk in his project and has been assigned a contingency for that. Which part of the risk response strategy does planning contingency reserves come under? A. Active risk acceptance B. Risk avoidance C. Risk transfer D. Passive risk acceptance Answer: A Explanation:

QUESTION NO: 324 Peter works as a Security Administrator for SecureEnet Inc. He observes that the database server of the company has been compromised and the data is stolen. Peter immediately wants to report this crime to the law enforcement authorities. Which of the following organizations looks after computer crime investigations in the United States? A. Local or National office of the US secret service B. National Institute of Standards and Technology C. Federal Bureau of Investigation D. Incident response team Answer: A Explanation:

QUESTION NO: 325 Which of the following standards was concerned with corporate governance and directors' remuneration and issued in 1998? A. ISO 27001 B. Combined Code C. Turnbull Report D. Sarbanes-Oxley Act Answer: B Explanation:

QUESTION NO: 326 What is the order of the steps in the incident cycle? A. Incident, Threat, Damage, Recovery B. Incident, Recovery, Damage, Threat C. Threat, Damage, Incident, Recovery D. Threat, Incident, Damage, Recovery Answer: D Explanation:

QUESTION NO: 327 You work as an Information Security Manager for uCertify Inc. You need to create the documentation on information security management system (ISMS). Which of the following elements are included in ISMS? Each correct answer represents a complete solution. Choose all that apply. A. Implement B. Plan C. Evaluation D. Encrypt Answer: A,B,C Explanation:

QUESTION NO: 328 John's organization has collected several applications for an employment position within his organization. The data collected from these applications must be kept secure and private, especially in light of the Privacy Act of what year? A. 1968 B. 2007 C. 1964 D. 1974 Answer: D Explanation:

QUESTION NO: 329 Gary is the project manager for his organization. He is working with the project stakeholders on the project requirements and how risks may affect their project. One of the stakeholders is confused about what constitutes risks in the project. Which of the following is the most accurate definition of a project risk? A. It is an uncertain event or condition within the project execution. B. It is an uncertain event that can affect at least one project objective. C. It is an unknown event that can affect the project scope. D. It is an uncertain event that can affect the project costs. Answer: B Explanation:

QUESTION NO: 330 Mark works as a Webmaster for Infonet Inc. He sets up an e-commerce site. He wants to accept online payments through credit cards on this site. He wants the credit card numbers to be encrypted. What will Mark do to accomplish the task? A. Use PGP. B. Use SET. C. Use HTTP. D. Use MIME. Answer: B Explanation:

QUESTION NO: 331 Which of the following persons is responsible for testing and verifying whether the security policy is properly implemented, and the derived security solutions are adequate or not? A. Data custodian B. User C. Auditor D. Data owner Answer: C Explanation:

QUESTION NO: 332 Which of the following formulas is used to represent the annualized loss expectancy (ALE)? A. ALE=asset value ($)/exposure factor (EF) B. ALE=single loss expectancy (SLE)*annualized rate of occurrence (ARO) C. ALE=single loss expectancy (SLE)/annualized rate of occurrence (ARO) D. ALE=asset value ($)*exposure factor (EF) Answer: B Explanation:

QUESTION NO: 333 Which of the following is the method of hiding data within another media type such as graphic or document? A. Steganography B. Packet sniffing C. Cryptanalysis D. Spoofing Answer: A Explanation:

QUESTION NO: 334 In which of the following social engineering attacks does an attacker first damage any part of the target's equipment and then advertise himself as an authorized person who can help fix the problem? A. Reverse social engineering attack B. Impersonation attack C. Important user posing attack D. In person attack Answer: A Explanation:

QUESTION NO: 335 Which of the following defines the interdependent relationships among the internal support groups of an organization working to support a Service Level Agreement? A. Two-way Connection Agreement B. System Security Authorization Agreement C. Operational Level Agreement D. Non Disclosure Agreement Answer: C Explanation:

QUESTION NO: 336 Which of the following are the steps of the Do stage of the project? Each correct answer represents a part of the solution. Choose all that apply. A. The options are identified and evaluated for the treatment of the risks. B. Training and awareness programs for affected staff are scheduled. C. The risk treatment plan is implemented and controls are planned. D. Operations and resources are managed. Answer: B,C,D Explanation:

QUESTION NO: 337 You work as an Information Security Manager for uCertify Inc. You are working on asset management. You need to create a document following the Business Model of information security to provide guidelines for information assets. Which of the following are the elements of the Business Model for information security? Each correct answer represents a complete solution. Choose all that apply. A. Technology B. People C. Training D. Organization Design and Strategy E. Process Answer: A,B,D,E Explanation:

QUESTION NO: 338 Which of the following is used to shift the impact of a threat to a third party, together with the ownership of the response? A. Risk mitigation B. Risk avoidance C. Risk transference D. Risk acceptance Answer: C Explanation:

QUESTION NO: 339 You work as a Security Administrator for uCertify Inc. You have been assigned the task to verify the identity of the employees recruited in your organization. Which of the following components of security deals with an employee's verification in the organization? A. Access security B. Physical security C. Human resource security D. Network Security Answer: C Explanation:

QUESTION NO: 340 You work as an Information Security Manager for uCertify Inc. You are working on asset management. You need to differentiate various assets of your organization. Which of the following is an intangible asset? A. Equipment B. Electricity C. Personal data D. Reputation of the company Answer: D Explanation:

QUESTION NO: 341 Which of the following types of attack can be used to break the best physical and logical security mechanism to gain access to a system? A. Cross site scripting attack B. Mail bombing C. Password guessing attack D. Social engineering attack Answer: D Explanation:

QUESTION NO: 342 Andrew is the CEO of uCertify Inc. He wants to improve the resources and revenue of the company. He uses the PDCA methodology to accomplish the task. Which of the following are the phases of the PDCA methodology? Each correct answer represents a complete solution. Choose all that apply. A. Calculate B. Act C. Plan D. Deviate Answer: B,C Explanation:

QUESTION NO: 343 Which of the following statements about incremental backup are true? Each correct answer represents a complete solution. Choose two. A. It is the fastest method of backing up data. B. It backs up the entire database, including the transaction log. C. It is the slowest method for taking a data backup. D. It backs up only the files changed since the most recent backup and clears the archive bit. Answer: A,D Explanation:

QUESTION NO: 344 You work as a Security Administrator for uCertify Inc. You have been assigned a task to provide a solution that has a striped set with distributed parity or interleave parity. Which of the following will help you to meet the organizational requirements? A. RAID 5 B. RAID 0 C. RAID 10 D. RAID 3/4 Answer: A Explanation:

QUESTION NO: 345 Which of the following groupings is correct regarding security measures? A. Physical, logical, preventive, detective B. Preventive, detective, repressive, corrective C. Logical, repressive, preventive, corrective D. Organizational, preventive, corrective, physical Answer: B Explanation:

QUESTION NO: 346 Which of the following defines the amount of data loss a business can endure? A. RTA B. RTO C. RPO D. BCP Answer: C Explanation:

QUESTION NO: 347 Which of the following are the variables on which the structure of Service Level Agreement depends? Each correct answer represents a complete solution. Choose all that apply. A. It depends on the physical aspects of the organization. B. It depends on the nature of the business activities, in terms of general terms and conditions, and business hours. C. It depends on the cultural aspects. D. It depends on the infrastructure aspects of the organization. Answer: A,B,C Explanation:

QUESTION NO: 348 Which of the following are the purposes of security awareness, training, and education? Each correct answer represents a complete solution. Choose all that apply. A. Improve awareness of the need to protect system resources. B. Make computer system users aware of their security responsibilities and teach them correct practices, which helps users change their behavior. C. Enhance the skills and knowledge so that the computer users can perform their jobs more securely. D. Construct in-depth knowledge, as needed, to design, implement, or operate security programs for organizations and systems. Answer: A,B,C,D Explanation:

QUESTION NO: 349 Which of the following phases of the PDCA model is the monitoring and controlling phase of the Information Security Management System (ISMS)? A. Act B. Do C. Check D. Plan Answer: C Explanation:

QUESTION NO: 350 Which of the following best describes the identification, analysis, and ranking of risks? A. Plan Risk management B. Design of experiments C. Fast tracking D. Fixed-price contract Answer: A Explanation:

QUESTION NO: 351 You work as a Network Administrator for uCertify Inc. You are responsible for selecting the access control method that will be used for kiosk system software. Your manager wants to have full access to all information about all categories, but the visitors can access only general information about the organization. Which of the following types of access controls is suitable to accomplish this task? A. Attribute-based access control B. Mandatory access control C. Discretionary access control D. Rule-based access control Answer: B Explanation:

QUESTION NO: 352 Which of the following is a technical measure? A. Encryption of data B. Creation of a policy that defines what is and what is not permitted in the e-mail C. Allocation of information to an owner D. Storage of system management passwords Answer: A Explanation:

QUESTION NO: 353 You are the Network Administrator for a school. You are concerned that end users might accidentally have access to resources they do not require. What concept should you implement in your network security management to best address this concern? A. Explicit Deny B. Implicit Allow C. ACL D. The principle of least privileges Answer: D Explanation:

QUESTION NO: 354 Mark works as a Network Security Administrator for uCertify Inc. He has installed IDS for matching incoming packets against known attacks. Which of the following types of intrusion detection techniques is being used? A. Host-based IDS B. Pattern Matching IDS C. Network-based IDS D. Signature-based IDS Answer: B Explanation:

QUESTION NO: 355 You work as an Information Security Manager for uCertify Inc. The company is releasing the documentation about a software product. Which of the following documents is required by the company to protect it against a libel action if information is corrupted, lost, and destroyed? A. Non disclosure agreement B. Copyright C. Acknowledgement D. Legal disclaimer Answer: D Explanation:

QUESTION NO: 356 Sam works as the Chief Information Security Officer for Blue Well Inc. There are a number of teams for the security purposes. Which of the following are the types of teams of which Sam can be a part of? Each correct answer represents a complete solution. Choose all that apply. A. Computer Data Development Team B. Computer Security Incident Response Team C. Computer Information Development Team D. Computer Emergency Response Team Answer: B,D Explanation:

QUESTION NO: 357 Which of the following utilize an information system in order to recognize, control, and protect information or any equipment used? Each correct answer represents a complete solution. Choose all that apply. A. Storage B. Processing C. Development D. Transmission Answer: A,B,D Explanation:

QUESTION NO: 358 You work as a Network Security Administrator for uCertify Inc. You feel that someone has accessed your computer and used your e-mail account. To check whether there is any virus installed into your computer, you scan your computer but do not find any illegal software. Which of the following types of security attacks generally runs behind the scenes on your computer? A. Zero-day B. Rootkit C. Replay D. Hybrid Answer: B Explanation:

QUESTION NO: 359 Which of the following individuals are responsible for identifying, planning, documenting, overseeing, budgeting, maintaining, and monitoring security of the individual systems in an organization? Each correct answer represents a complete solution. Choose all that apply. A. Information System Security Officer B. Information System Owner C. Senior Information Security Officer D. Chief Information Officer Answer: A,B Explanation:

QUESTION NO: 360 You work as an Information Security Manager for uCertify Inc. You need to make the documentation on change management. What are the advantages of using change management? Each correct answer represents a complete solution. Choose all that apply. A. Improved estimates of the costs of proposed changes B. Reduced adverse impact of changes on the quality of IT services C. Maintenance of user passwords in a secure location D. Encryption of personal data when changing locations Answer: A,B Explanation:

QUESTION NO: 361 Which of the following concepts or terms states that changes related to one requirement, i.e., scope, time, or cost, will at least influence one other element? A. Triple theory estimation B. Triple point theory C. Triple point estimation D. Triple constraint Answer: D Explanation:

QUESTION NO: 362 Which of the following are the negative points of CRAMM? Each correct answer represents a complete solution. Choose all that apply. A. Full reviews, which usually last long, generate a lot of hard-copy output. B. It regularly updates extensive hierarchical countermeasure databases covering non-technical areas. C. After rapid changes to system or network reviewed, there is a possibility of insignificance of some results in a full review due to delay between analysis and implementation. D. It requires qualified and experienced practitioners to use it. Answer: A,C,D Explanation:

QUESTION NO: 363 As per a password policy, which of the following rules should be followed by a user while creating a password? Each correct answer represents a complete solution. Choose all that apply. A. Inclusion of one or more numerical digits B. Inclusion of words found in a dictionary or the user's personal information C. Use of both upper- and lower-case letters (case sensitivity) D. Inclusion of special characters Answer: A,C,D Explanation:

QUESTION NO: 364 You want to use PGP files for steganography. Which of the following tools will you use to accomplish the task? A. Snow B. Blindside C. ImageHide D. Stealth Answer: D Explanation:

QUESTION NO: 365 Which of the following are the elements of Information Security Management System framework? Each correct answer represents a complete solution. Choose all that apply. A. Implement B. Reset C. Plan D. Control Answer: A,C,D Explanation:

QUESTION NO: 366 Which of the following refers to the amount of downtime that a business can endure to survive? A. RTA B. RTO C. BCP D. RPO Answer: B Explanation:

QUESTION NO: 367 You work as an Information Security Officer. You are working on an asset management plan. You need to assign ownership of some assets to an employee. You are making a documentation to explain the responsibilities of an owner of the business asset. Which of the following areas should you include in your documentation? Each correct answer represents a complete solution. Choose all that apply. A. Revenue tracking B. Management C. Development D. Production E. Security Answer: B,C,D,E Explanation:

QUESTION NO: 368 How can you calculate the Annualized Loss Expectancy (ALE) that may occur due to a threat? A. Asset Value X Exposure Factor (EF) B. Single Loss Expectancy (SLE)/ Exposure Factor (EF) C. Exposure Factor (EF)/Single Loss Expectancy (SLE) D. Single Loss Expectancy (SLE) X Annualized Rate of Occurrence (ARO) Answer: D Explanation:

QUESTION NO: 369 Choose and re-order the activities that are performed by the 'Plan' cycle component of PDCA (plan-do-check-act). A. Answer: A Explanation:

QUESTION NO: 370 Which of the following paragraphs of the Turnbull Guidance stated that the board of directors is responsible for the company's system of internal control? A. 19 B. 18 C. 17 D. 16 Answer: D Explanation:

QUESTION NO: 371 Which of the following types of software is used by organizations to arrange for different passwords on different systems to have the same value when they belong to the same person? A. Self-service password reset software B. Web single signon software C. Password synchronization software D. Enterprise Single signon software Answer: C Explanation:

QUESTION NO: 372 The guidelines that are defined in the ISO/IEC 27002:2005 standard deal with which of the following aspects of information security? Each correct answer represents a complete solution. Choose all that apply. A. Procedural B. Situational C. Logical D. Physical Answer: A,C,D Explanation:

QUESTION NO: 373 Which of the following are the malicious activities that can be performed by a bot/botnet? Each correct answer represents a complete solution. Choose all that apply. A. It can perform DDoS attacks. B. It can work as spambots that harvest email addresses from contact forms or guestbook pages. C. It can work as virus or as a worm. D. It can be malicious File-name modifiers on anonymous file-sharing Answer: A,B,C Explanation:

QUESTION NO: 374 You work as a Security Administrator for uCertify Inc. You have been assigned the task to provide a solution based on high reliability combined with high performance. Which of the following will you use to accomplish the task? A. RAID 10 B. RAID 5 C. RAID 0 D. RAID 1 Answer: A Explanation:

QUESTION NO: 375 You work as an Information Security Manager for uCertify Inc. You have been assigned the task to list down all procedures included in control A.7.2.2 of the ISO standard. Which of the following procedures are included in control A.7.2.2? Each correct answer represents a complete solution. Choose all that apply. A. Storage B. Encryption C. Destruction D. Acquisition of information Answer: A,C,D Explanation:

QUESTION NO: 376 You work as a Security Administrator for uCertify Inc. You are working on a disaster recovery plan. According to the plan, the remote site B will hold a copy of data that is 2 hours behind the production data at site A. It will take 4 hours after a downtime at site A to decide to shift production to site B. An additional 40 minutes will be needed to bring up the network and redirect users so that the site B can become productive. What is the RPO of the plan? A. 2 hours B. 50 minutes C. 4 hours D. 40 minutes Answer: A Explanation:

QUESTION NO: 377 Which of the following are elements of an information security policy document? Each correct answer represents a complete solution. Choose all that apply. A. Policy Text B. Policy scope C. Scope D. Sanctions Answer: A,C,D Explanation:

QUESTION NO: 378 David works as the Network Administrator for uCertify Inc. He has been assigned the task to analyze and manage risks in the computer network of the organization. Which of the following are the stages of the CRAMM review that David will go through? Each correct answer represents a complete solution. Choose all that apply. A. To identify and prioritize countermeasures B. To identify threats and vulnerabilities and calculate risks C. To remove risks and install antivirus D. To identify and value assets Answer: A,B,D Explanation:

QUESTION NO: 379 You work as a Network Auditor for Net Perfect Inc. The company has a Windows-based network. You need to audit the network of the company. You need to plan the audit process to minimize the audit risk. What steps will you take to minimize the possibility of audit risk? A. Answer: A Explanation:

QUESTION NO: 380 An Active Attack is a type of steganography attack in which the attacker changes the carrier during the communication process. Which of the following techniques is used for smoothing the transition and controlling contrast on the hard edges, where there is significant color transition? A. Sharpen B. Soften C. Blur D. Rotate Answer: C Explanation:

QUESTION NO: 381 What are the basic steps involved in Continuity Management? 1. Prioritizing the businesses to be recovered by conducting a Business Impact Analysis (BIA). 2. Performing a Risk Assessment (aka Risk Analysis) for each of the IT Services to identify the assets, threats, vulnerabilities, and countermeasures for each service. 3. Evaluating the options for recovery. 4. Producing the Contingency Plan. 5. Testing, reviewing, and revising the plan on a regular basis. Each correct answer represents a complete solution. Choose two. A. 1, 3, and 5 only B. 1, 2, 3, 4, and 5 C. 3, 4, and 5 only D. 1, 2, and 5 only E. 2, 3, and 4 Answer: B,E Explanation:

QUESTION NO: 382 You work as an Information Security Manager for uCertify Inc. You are working on a project related to communications and operations security. Which of the following controls of the ISO standard deals with equipment security? A. Control A.8.1 B. Control A.10.1 C. Control A.7.1 D. Control A.9.2 Answer: D Explanation:

QUESTION NO: 383 Which of the following defines the interdependent relationships among the internal support groups of an organization working to support a Service Level Agreement? A. Two-way Connection Agreement B. Non Disclosure Agreement C. Operational Level Agreement D. System Security Authorization Agreement Answer: C Explanation:

QUESTION NO: 384 In which of the following social engineering attacks does an attacker first damage any part of the target's equipment and then advertise himself as an authorized person who can help fix the problem? A. Reverse social engineering attack B. Important user posing attack C. Impersonation attack D. In person attack Answer: A Explanation:

QUESTION NO: 385 Which of the following Acts is a federal law enacted in the United States to control the ways that financial institutions deal with the private information of individuals? A. Privacy Act B. Equal Credit Opportunity Act C. Stalking Amendment Act (1999) D. Gramm-Leach-Bliley Act Answer: D Explanation:

QUESTION NO: 386
Which of the following is the correct formula of annualized loss expectancy?
A. ALE = single loss expectancy * annualized rate of occurrence
B. ALE = asset value * exposure factor
C. ALE = single loss expectancy * exposure factor
D. ALE = asset value * annualized rate of occurrence
Answer: A
Explanation:

QUESTION NO: 387
Sam uses Monte Carlo simulation to quantitatively assess cost and schedule risks of his project during planning processes. During risk monitoring and control, Sam repeats the technique, but it leads to different results. Which of the following cannot be the reason for the difference in results?
A. Some dummy activities in the network logic have an element of uncertainty, which gets bigger over time. While the project proceeds, it is getting even harder to predict how the team members assigned to them will perform.
B. None of the dummy activities in the network logic has an element of uncertainty, which may get bigger over time.
C. New risks may have been identified. These influence the input data used for Monte Carlo simulation in a way which was not predictable at the time when the simulation was run.
D. New risks may have been identified. These cannot influence the input data used for Monte Carlo simulation in a way which was not predictable at the time when the simulation was run.
Answer: A
Explanation:

QUESTION NO: 388
Which formula will you use to calculate the estimated average cost of 1 hour of downtime?
A. (Employee costs per hour X Number of employees affected by outage) - (Average income per hour)
B. (Employee costs per hour - Number of employees affected by outage) + (Average income per hour)
C. (Employee costs per hour X Number of employees affected by outage) + (Average income per hour)
D. (Employee costs per hour / Number of employees affected by outage) + (Average income per hour)
Answer: C
Explanation:

QUESTION NO: 389
Mark works as a Security Administrator for uCertify Inc. He is responsible for updating Standard Operating Procedures (SOPs) in his organization. In this process, Mark needs to update many programs and modify some registry files in the operating system. He wants to document each step he takes, so that he can come back and restore the system to its original state if any problem occurs during the update. Which type of document should Mark create to accomplish the task?
A. Technical documentation
B. Change control documentation
C. Compliance documentation
D. Legal documentation
Answer: B
Explanation:

QUESTION NO: 390
You work as an Information Security Manager for uCertify Inc. You are working on asset management. You need to make a document on the classification of information assets. Which of the following controls of the ISO standard provides guidelines on the classification of information?
A. Control A.7.2
B. Control A.7.1.2
C. Control A.7.2.1
D. Control A.7.1.3
Answer: C
Explanation:

QUESTION NO: 391
Which of the following are the goals of cryptography? Each correct answer represents a complete solution. Choose all that apply.
A. Authentication
B. Authorization
C. Data integrity
D. Confidentiality
Answer: A,C,D
Explanation:

QUESTION NO: 392
Mark works as a Webmaster for Infonet Inc. He sets up an e-commerce site. He wants to accept online payments through credit cards on this site. He wants the credit card numbers to be encrypted. What will Mark do to accomplish the task?
A. Use MIME.
B. Use HTTP.
C. Use SET.
D. Use PGP.
Answer: C
Explanation:

QUESTION NO: 393
Which of the following Acts, enacted in the United States, amends the Civil Rights Act of 1964, providing technical changes affecting the length of time allowed to challenge unlawful seniority provisions, to sue the federal government for discrimination and to bring age discrimination claims?
A. The USA Patriot Act of 2001
B. Civil Rights Act of 1991
C. Sexual Predators Act
D. PROTECT Act
Answer: B
Explanation:

QUESTION NO: 394
John, a novice web user, makes a new e-mail account and keeps his password as "apple", his favorite fruit. John's password is vulnerable to which of the following password cracking attacks? Each correct answer represents a complete solution. Choose all that apply.
A. Hybrid attack
B. Rule based attack
C. Brute Force attack
D. Dictionary attack
Answer: A,C,D
Explanation:
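The following Python example is added here to illustrate Question 394; it is not part of the original exam material. It shows why a single lowercase dictionary word such as "apple" falls to all three attack styles: a plain dictionary run finds it after a handful of guesses, a hybrid run (dictionary word plus mangling rules) also catches variants such as "apple1" or "Apple", and a brute-force run over lowercase letters is guaranteed to reach it, just at a cost that grows exponentially with length. The five-word list, the salt, and the salted-SHA-256 storage format are constructed stand-ins for a real dictionary file and a real password hash; the attack functions are toy versions of what tools such as John the Ripper or hashcat do.

```python
"""Added example (not from the original exam dump) for the password question
above: why "apple" falls to dictionary, hybrid and brute-force guessing.

Everything here is constructed for illustration: the five-word list stands
in for a real dictionary file, the salted SHA-256 storage is a simplified
stand-in for a real password hash, and the three attack functions are
toy versions of what tools such as John the Ripper or hashcat do.
"""
import hashlib
import itertools
import string

# Constructed word list (a real attack would use millions of entries).
WORDLIST = ["password", "banana", "apple", "qwerty", "letmein"]


def store_password(password: str, salt: str) -> str:
    """Simplified storage format: hex SHA-256 of salt || password."""
    return hashlib.sha256((salt + password).encode()).hexdigest()


def check_guess(guess: str, salt: str, digest: str) -> bool:
    return store_password(guess, salt) == digest


def dictionary_attack(salt: str, digest: str, words=WORDLIST):
    """Try each word exactly as listed. Returns (password or None, guesses)."""
    for tries, word in enumerate(words, 1):
        if check_guess(word, salt, digest):
            return word, tries
    return None, len(words)


def hybrid_attack(salt: str, digest: str, words=WORDLIST, max_suffix=99):
    """Dictionary words plus mangling rules (capitalise, append 0-99):
    catches 'Apple' and 'apple1', which the plain dictionary misses."""
    suffixes = [""] + [str(n) for n in range(max_suffix + 1)]
    tries = 0
    for word in words:
        for base in (word, word.capitalize()):
            for suffix in suffixes:
                tries += 1
                if check_guess(base + suffix, salt, digest):
                    return base + suffix, tries
    return None, tries


def brute_force_attack(salt: str, digest: str,
                       alphabet=string.ascii_lowercase, max_len=5):
    """Exhaust every string up to max_len. Always succeeds within the
    keyspace, but cost grows as |alphabet| ** length."""
    tries = 0
    for length in range(1, max_len + 1):
        for combo in itertools.product(alphabet, repeat=length):
            tries += 1
            guess = "".join(combo)
            if check_guess(guess, salt, digest):
                return guess, tries
    return None, tries


def keyspace(alphabet_size: int, max_len: int) -> int:
    """Candidates a brute-force attack must be prepared to try."""
    return sum(alphabet_size ** n for n in range(1, max_len + 1))


if __name__ == "__main__":
    salt = "x9"                                  # constructed salt
    digest = store_password("apple", salt)       # John's password
    print("dictionary:", dictionary_attack(salt, digest))
    print("hybrid:    ", hybrid_attack(salt, digest))
    print("brute:     ", brute_force_attack(salt, digest))
    print("lowercase keyspace up to 5 chars:", keyspace(26, 5))
```

Note that the salt does nothing against any of these attacks once the attacker has the hash; it only prevents precomputed tables from being reused across accounts. What actually raises the cost is a slow, memory-hard hash (bcrypt, scrypt, Argon2) and a password that is not a dictionary word or a trivial mangling of one.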

QUESTION NO: 395
A business impact analysis should be reviewed at a minimum annually, but there are a few events in which it should be reviewed more frequently. Which of the following are these events? Each correct answer represents a complete solution. Choose all that apply.
A. Significant changes in the internal business process, location, or technology
B. A part of a service contract where the level of service is formally defined
C. A particularly aggressive pace of business change
D. Significant changes in the external business environment
Answer: A,C,D
Explanation:

QUESTION NO: 396
Which of the following provides high availability of data?
A. Anti-virus software
B. RAID
C. EFS
D. Backup
Answer: B
Explanation:

QUESTION NO: 397
Which of the following methods can be helpful to eliminate the social engineering threat? Each correct answer represents a complete solution. Choose three.
A. Password policies
B. Vulnerability assessments
C. Data classification
D. Data encryption
Answer: A,B,C
Explanation:

QUESTION NO: 398
Which of the following groupings is correct regarding security measures?
A. Physical, logical, preventive, detective
B. Organizational, preventive, corrective, physical
C. Preventive, detective, repressive, corrective
D. Logical, repressive, preventive, corrective
Answer: C
Explanation:

QUESTION NO: 399
Sam works as the Network Administrator for uCertify Inc. Information of a sensitive nature is processed. The highest-level security measures are to be implemented by management. What is this kind of risk strategy called?
A. Risk compensating
B. Risk avoiding
C. Risk bearing
D. Risk neutral
Answer: B
Explanation:

QUESTION NO: 400
A disaster recovery plan consists of various tiers for identifying the methods of recovering mission-critical computer systems that are necessary to support business continuity. All these tiers provide a simple method to define current service levels and associated risks. Choose and re-order the tiers of the disaster recovery plan.
A.
Answer: A
Explanation:

QUESTION NO: 401
You work as the Network Security Administrator for uCertify Inc. The organization is using an intranet to distribute information to its employees. A database residing on the network contains employees' information, such as employee name, designation, department, phone extension, date of birth, date of joining, etc. You are concerned about the security because the database has all information about employees, which can help an unauthorized person to recognize an individual. Which Personally Identifiable Information should be removed from the database so that the unauthorized person cannot identify an individual?
A. Date of birth
B. Employee name
C. Employee code
D. Date of joining
Answer: A
Explanation:

QUESTION NO: 402
Mark is the project manager of the HAR Project. The project is scheduled to last for eighteen months and six months have already passed. Management asks Mark how often the project team is participating in the risk reassessment of this project. What should Mark tell management if he is following the best practices for risk management?
A. Project risk management happens at every milestone.
B. Project risk management has been concluded with the project planning.
C. At every status meeting of the project team, project risk management is an agenda item.
D. Project risk management is scheduled for every month in the 18-month project.
Answer: C
Explanation:

QUESTION NO: 403
For which of the following can risk analysis be used?
A. Reducing risks to an acceptable level in conjunction with security measures
B. Expressing the value of information for an organization in terms of money
C. Ensuring that security measures are deployed in a cost-effective fashion
D. Clarifying management about their responsibilities
Answer: C
Explanation:

QUESTION NO: 404
You work as a Security Administrator for uCertify Inc. You observe that an employee is spreading personal data of your organization. Which of the following standards of information security deals with the employees handling personal data in an organization?
A. Physical security
B. Network Security
C. Human resource security
D. Personal security
Answer: C
Explanation:

QUESTION NO: 405
Which of the following pillars of Basel II is concerned with maintenance of regulatory capital intended for three major components of risk that a bank faces, which are credit risk, operational risk, and market risk?
A. Pillar 4
B. Pillar 2
C. Pillar 3
D. Pillar 1
Answer: D
Explanation:

QUESTION NO: 406
You are advising a school district on disaster recovery plans. In case a disaster affects the main IT centers for the district, they will need to be able to work from an alternate location. However, budget is an issue. Which of the following is most appropriate for this client?
A. Cold site
B. Hot site
C. Off site
D. Warm site
Answer: A
Explanation:

QUESTION NO: 407
You work as a Security Administrator for uCertify Inc. You have made a plan to increase the security of the organization and you want to show this to the CEO of the organization. But, you do not want to share this information with others. Therefore, you want to classify this information. Which of the following will be the suitable classification to accomplish the task?
A. Private or confidential
B. Management only
C. Department specific
D. Classified
Answer: A
Explanation:

QUESTION NO: 408
Which of the following represents the software component of IT asset management?
A. RSG
B. SAM
C. NAS
D. SAN
Answer: B
Explanation:

QUESTION NO: 409
Which of the following security design principles supports comprehensive and simple design and implementation of protection mechanisms, so that an unintended access path does not exist or can be readily identified and eliminated?
A. Psychological acceptability
B. Separation of duties
C. Economy of mechanism
D. Least privilege
Answer: C
Explanation:

QUESTION NO: 410
You work as an Information Security Manager for uCertify Inc. You have been assigned the task to establish ISO standards for your organization. Which of the following standards provides guidelines on specifications and use of measurement techniques for the assessment of the effectiveness of an implemented information security management system and controls?
A. BS7799
B. ISO 27001
C. ISO 9001
D. ISO 27004
Answer: D
Explanation:

QUESTION NO: 411
Which of the following is a technique for a threat which creates changes to the project management plan?
A. Risk transference
B. Risk avoidance
C. Risk mitigation
D. Risk acceptance
Answer: B
Explanation:

QUESTION NO: 412
You work as an Information Security Manager for uCertify Inc. You are working on the documentation of ISMS. Which of the following steps are concerned with ISMS? Each correct answer represents a complete solution. Choose all that apply.
A. Definition of the ISMS scope
B. Disaster recovery planning
C. Risk Management
D. Definition of the security policy
Answer: A,C,D
Explanation:

QUESTION NO: 413
Which of the following best describes the identification, analysis, and ranking of risks?
A. Fixed-price contract
B. Plan Risk management
C. Fast tracking
D. Design of experiments
Answer: B
Explanation:

QUESTION NO: 414
You are setting up file permissions on a Windows server. Different users have different access needs. What should be your guiding principle in assigning file permissions?
A. Make three groups (one with low access, one moderate, and one high) and fit everyone into one of these groups.
B. Give users the minimal access required for their job, as this is more secure.
C. Give everyone access, as this makes administration simpler.
D. Block access to files until a user specifically requests any.
Answer: B
Explanation:

QUESTION NO: 415
You work as an Information Security Manager for uCertify Inc. You have been assigned the task to create the documentation on control A.7.1.3. Which of the following is the chief concern of control A.7.1.3?
A. Classification of information
B. Identification of assets
C. Identification of inventory
D. Acceptable use of information assets
Answer: D
Explanation:

QUESTION NO: 416
You work as a Security Administrator for uCertify Inc. You need to define security controls regarding the network of the organization. Which of the following information security standards deals with the management of technical security controls in systems and networks?
A. Asset management
B. Organization of information security
C. Information security incident management
D. Communications and operations management
Answer: D
Explanation:

QUESTION NO: 417
Which of the following is the prime concern of ISO 27005?
A. Asset Management
B. Human resource security
C. Information security risk management
D. DR planning
Answer: C
Explanation:

QUESTION NO: 418
Which of the following is used for improving the security of Microsoft Windows by limiting application software to standard user privileges until an administrator authorizes an increase or elevation?
A. CBAC
B. MAC
C. UAC
D. Implicit deny
Answer: C
Explanation:

QUESTION NO: 419
A Service Level Agreement (SLA) provides one service for all customers of that service. Which of the following are the contents included by SLAs? Each correct answer represents a complete solution. Choose all that apply.
A. Vocations
B. Mutual responsibilities
C. Scope
D. Service description
Answer: B,C,D
Explanation:

QUESTION NO: 420
Mark works as a Network Security Administrator for uCertify Inc. He is responsible for securing and analyzing the network of the organization. Mark is concerned about the current network security, as individuals can access the network by bypassing authentication, thus allowing them to get more permissions than allotted. Which of the following is responsible for this type of privilege escalation?
A. Rootkit
B. Backdoor
C. Boot sector
D. Master Boot Record
Answer: B
Explanation:

QUESTION NO: 421
You work as an Information Security Manager for uCertify Inc. The company has made a contract with a third party software company to make a software program for personal use. You have been assigned the task to share the organization's personal requirements regarding the tool with the third party using a non disclosure agreement (NDA). Which of the following is the purpose of using an NDA?
A. To ensure that the third-party organization respects the security of information to be shared
B. To be used as an acknowledgement
C. To ensure the protection of intellectual copyright of information
D. To be used as a legal disclaimer
Answer: A
Explanation:

QUESTION NO: 422
Which of the following are social engineering techniques? Each correct answer represents a complete solution. Choose all that apply.
A. Pretexting
B. Phishing
C. Baiting
D. Salami attack
Answer: A,B,C
Explanation:

QUESTION NO: 423
You work as a Security Administrator for uCertify Inc. You are responsible for securing the network of the organization. While checking your network log files, you find that someone is sending too many data packets over a long period of time. These data packets are difficult for an IDS to detect. Which of the following types of attacks is this?
A. Blind spoofing
B. Session hijacking
C. Session splicing
D. Nonblind spoofing
Answer: C
Explanation:
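The following Python example is added to illustrate Question 423; it is not part of the original exam material. Session splicing evades an IDS that inspects each packet on its own: the attacker cuts one HTTP request into many tiny TCP segments, sends them slowly and out of order, so that no single segment contains the attack signature. The defence is stream reassembly, which the example implements minimally (sequence-ordered copy into one buffer, collapsing a retransmitted segment and flagging gaps). The request, the segment boundaries and the two signatures are constructed sample data, not a capture.

```python
"""Added example (not from the original exam dump) for the session splicing
question above: a per-packet signature check misses a request that has been
split across many small TCP segments, while the same signatures fire once
the stream is reassembled. The segments below are constructed sample data,
not a capture; the two signatures are illustrative."""

SIGNATURES = [b"/etc/passwd", b"' OR 1=1"]

# Constructed: "GET /cgi-bin/../etc/passwd HTTP/1.0\r\n\r\n" cut so that no
# single segment holds a whole signature, delivered out of order and with
# one retransmission. Each entry is (relative sequence number, payload).
SPLICED_SEGMENTS = [
    (0, b"GET /cgi"),
    (16, b"etc/p"),
    (8, b"-bin/../"),
    (21, b"asswd HTTP/1.0\r\n\r\n"),
    (8, b"-bin/../"),            # retransmission of the 8..15 segment
]

# The same request sent in one segment, as a normal client would.
PLAIN_SEGMENTS = [(0, b"GET /cgi-bin/../etc/passwd HTTP/1.0\r\n\r\n")]


def per_packet_alerts(segments):
    """Naive IDS: match signatures against each payload on its own."""
    hits = []
    for _, payload in segments:
        for sig in SIGNATURES:
            if sig in payload and sig not in hits:
                hits.append(sig)
    return hits


def reassemble(segments):
    """Put segments back in sequence order into one buffer so that
    overlaps and retransmissions collapse. Returns (stream, complete),
    where complete is False if a sequence gap remains."""
    end = max(seq + len(payload) for seq, payload in segments)
    stream = bytearray(end)
    covered = bytearray(end)          # 1 where a byte has arrived
    for seq, payload in sorted(segments):
        stream[seq:seq + len(payload)] = payload
        covered[seq:seq + len(payload)] = b"\x01" * len(payload)
    return bytes(stream), all(covered)


def stream_alerts(segments):
    """Stream-aware IDS: reassemble first, then match."""
    stream, complete = reassemble(segments)
    hits = [sig for sig in SIGNATURES if sig in stream]
    return hits, complete


if __name__ == "__main__":
    print("per-packet, spliced:", per_packet_alerts(SPLICED_SEGMENTS))
    print("stream, spliced:    ", stream_alerts(SPLICED_SEGMENTS))
    print("per-packet, plain:  ", per_packet_alerts(PLAIN_SEGMENTS))
```

Real IDS engines (Snort's stream5/Stream, Suricata's stream engine) do this with per-flow state, timeouts and limits on how long they will hold partial data; the "too many packets over a long period" in the question is exactly an attempt to exhaust or outwait that buffering, so the reassembly timeout and the alert on incomplete or suspiciously fragmented streams both matter.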

QUESTION NO: 424
David works as the Network Administrator for Blue Well Inc. One of his tasks is to develop and maintain the risk management plan. Which of the following are the objectives of a risk management plan? Each correct answer represents a complete solution. Choose all that apply.
A. Eliminating risks
B. Accepting risks cautiously that cannot be eliminated
C. Developing required risks
D. Transferring risks by insurance
Answer: A,B,D
Explanation:

QUESTION NO: 425
Which of the following forms the basis for the assessment of an information security management system (ISMS)?
A. ISO 9000
B. ISO 27001
C. BS7799
D. ISO 9001
Answer: B
Explanation:

QUESTION NO: 426
David is the owner of Blue Well Inc. The company provides courier services. He decides that it is time to draw up a risk analysis for his information system. This includes an inventory of threats and risks. What is the relation among threat, risk, and risk analysis?
A. Risk analysis is used for removing the risk of a threat.
B. Risk analysis is used for finding a balance between threats and risks.
C. Risk analysis is used for identifying threats from known risks.
D. Risk analysis is used for clarifying the relevant threats and the involved risks.
Answer: D
Explanation:

QUESTION NO: 427
Which of the following identifies a company's exposure to threats and provides effective prevention and recovery for the company?
A. Business Delegate
B. Business impact assessment
C. Business continuity planning
D. Business intelligence
Answer: C
Explanation:

QUESTION NO: 428
David works as the Manager for Tech Mart Inc. An incident occurred ten months ago due to which the company suffered heavy losses. David has been assigned the task to submit a report on the losses incurred by the company in a year. Which of the following should David calculate in order to submit the report containing annualized loss expectancy? Each correct answer represents a complete solution. Choose all that apply.
A. Annualized Rate of Occurrence
B. Number of employees in the company
C. Single Loss Expectancy
D. Asset Value
Answer: A,C,D
Explanation:

QUESTION NO: 429
You work as an Information Security Manager for uCertify Inc. You are working on asset management. You need to differentiate various assets of your organization. Which of the following is an intangible asset?
A. Personal data
B. Electricity
C. Reputation of the company
D. Equipment
Answer: C
Explanation:

QUESTION NO: 430
Which of the following phases of the PDCA model is the controlling and maintaining phase of the Information Security Management System (ISMS)?
A. Do
B. Plan
C. Check
D. Act
Answer: A
Explanation:

QUESTION NO: 431
You work as a Security Administrator for uCertify Inc. You are working on a project related to various security policies. Which of the following information security standards ensures conformance with information security policies, standards, laws, and regulations?
A. Human resources security
B. Business continuity management
C. Compliance
D. Asset management
Answer: C
Explanation:

QUESTION NO: 432
Which of the following honeypots is a low-interaction honeypot and is used by companies or corporations for capturing limited information about malicious hackers?
A. Honeynet
B. Production honeypot
C. Honeyfarm
D. Research honeypot
Answer: B
Explanation:

QUESTION NO: 433
Which of the following is a technique for a threat which creates changes to the project management plan?
A. Risk avoidance
B. Risk mitigation
C. Risk acceptance
D. Risk transference
Answer: A
Explanation:

QUESTION NO: 434
You work as a Network Administrator for Net Soft Inc. You are designing a data backup plan for your company's network. The backup policy of the company requires high security and easy recovery of data. Which of the following options will you choose to accomplish this?
A. Take a full backup daily with the previous night's tape taken offsite.
B. Take a full backup on alternate days and keep rotating the tapes.
C. Take a full backup on Monday and a differential backup on each of the following weekdays. Keep Monday's backup offsite.
D. Take a full backup daily and use six-tape rotation.
E. Take a full backup on Monday and an incremental backup on each of the following weekdays. Keep Monday's backup offsite.
F. Take a full backup daily with one tape taken offsite weekly.
Answer: A
Explanation:

QUESTION NO: 435
Which of the following are the activities of Incident Management? Each correct answer represents a complete solution. Choose all that apply.
A. Incident closure
B. Incident detection and recording
C. Classification and initial support
D. Investigation and diagnosis
Answer: A,B,C,D
Explanation:

QUESTION NO: 436
Which of the following statements are true about the Regulation of Investigatory Powers Act 2000? Each correct answer represents a complete solution. Choose all that apply.
A. It enables certain public bodies to demand ISPs fit equipment to facilitate surveillance.
B. It enables mass surveillance of communications in transit.
C. It enables certain private bodies to demand that someone hand over keys to protected information.
D. It allows certain public bodies to monitor people's Internet activities.
Answer: A,B,D
Explanation:

QUESTION NO: 437
Sam works as the Network Administrator for uCertify Inc. He has been asked to perform risk analysis. Sam decides to perform it by using CRAMM. The CEO of the organization wants to know the positive points of CRAMM which is going to be used by Sam. Which of the following points will Sam tell the CEO of the organization? Each correct answer represents a complete solution. Choose all that apply.
A. It provides assistance in audits.
B. It provides assistance in contingency planning.
C. It promotes security awareness and acceptance.
D. It provides a structured approach to risk analysis and management.
Answer: A,B,C,D
Explanation:

QUESTION NO: 438
You are responsible for a Microsoft based network. Your servers are all clustered. Which of the following are the likely reasons for the clustering? Each correct answer represents a complete solution. Choose two.
A. Failover
B. Reduce power consumption
C. Load balancing
D. Ease of maintenance
Answer: A,C
Explanation:

QUESTION NO: 439
Sam works as a Project Manager for Blue Well Inc. He is working on a new project. He wants to assess the high-level risks for the project. Which of the following steps should Sam take in order to accomplish the task?
A. Identifying and analyzing risk events using qualitative and quantitative techniques
B. Developing a risk management plan to identify risks based on documents
C. Developing a project charter to identify risks based on documents
D. Developing a project charter and risk management plan to identify risks based on documents
Answer: D
Explanation:

QUESTION NO: 440
You work as a Security Professional for uCertify Inc. You are working on a Disaster Recovery Plan (DRP). Which of the following are basic functions of a DRP? Each correct answer represents a complete solution. Choose all that apply.
A. It protects an organization from major computer services failure.
B. It guarantees the reliability of standby systems through testing and simulation.
C. It resists the same disaster to come in the future.
D. It minimizes decision-making required by personnel during a disaster.
Answer: A,B,D
Explanation:

QUESTION NO: 441
You work as a Security Manager for uCertify Inc. You have been assigned the task to implement clustering for Web servers. What are the advantages of clustering? Each correct answer represents a complete solution. Choose all that apply.
A. Troubleshooting
B. Load balancing
C. Failover
D. Network sharing
Answer: B,C
Explanation:

QUESTION NO: 442
Which of the following are the steps of the risk assessment process? Each correct answer represents a complete solution. Choose all that apply.
A. Deletion of threats
B. Identification of the relationships
C. Identification of potential threats
D. Identification of assets
Answer: B,C,D
Explanation:

QUESTION NO: 443
Mark is the project manager of the NHQ project in StarTech Inc. The project has an asset valued at $195,000 and is subjected to an exposure factor of 35 percent. What will be the Single Loss Expectancy of the project?
A. $72,650
B. $67,250
C. $68,250
D. $92,600
Answer: C
Explanation:

QUESTION NO: 444
You work as an Information Security Manager for uCertify Inc. You are working on the documentation of ISMS. Which of the following steps are concerned with the development of ISMS? Each correct answer represents a complete solution. Choose all that apply.
A. Risk management
B. HR security planning
C. Statement of Applicability
D. Selection of appropriate controls
Answer: A,C,D
Explanation:

QUESTION NO: 445
Which of the following statements is true about single loss expectancy?
A. It is defined as the cost related to a single realized risk against a particular asset.
B. It is defined as the yearly cost of all instances of a particular threat against a particular asset.
C. It is defined as the expected frequency of occurrence of a particular threat or risk in a single year.
D. It is defined as the percentage of loss experienced by an organization when a particular asset is violated by a realized risk.
Answer: A
Explanation:
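The following Python example is added here to tie together the quantitative risk questions on this page (386, 428, 443 and 445); it is not part of the original exam material. It carries SLE = AV x EF and ALE = SLE x ARO through a small threat register, ranks the threats by annualized loss, derives an ARO from an observation window shorter than a year, and applies the cost/benefit test for a proposed control (ALE before, minus ALE after, minus the control's annual cost). Only the $195,000 asset and the 35 percent exposure factor come from Question 443; the other threats, rates and the safeguard cost are constructed figures.

```python
"""Added example (not from the original exam dump) tying together the
SLE/ALE questions on this page (Q386, Q428, Q443, Q445): single loss
expectancy, annualized loss expectancy, ranking threats by ALE and the
cost/benefit test for a proposed safeguard. The threat figures other than
the $195,000 / 35% pair from Q443 are constructed."""
from dataclasses import dataclass


def sle(asset_value: float, exposure_factor: float) -> float:
    """Single Loss Expectancy: cost of one realized risk = AV * EF."""
    return round(asset_value * exposure_factor, 2)


def ale(single_loss_expectancy: float, aro: float) -> float:
    """Annualized Loss Expectancy: SLE * Annualized Rate of Occurrence."""
    return round(single_loss_expectancy * aro, 2)


def aro_from_history(incidents: int, months_observed: int) -> float:
    """Estimate ARO from an observation window shorter or longer than a year."""
    return round(incidents * 12 / months_observed, 4)


@dataclass
class Threat:
    name: str
    asset_value: float
    exposure_factor: float   # fraction of the asset lost per event (0..1)
    aro: float               # expected events per year

    def sle(self) -> float:
        return sle(self.asset_value, self.exposure_factor)

    def ale(self) -> float:
        return ale(self.sle(), self.aro)


def rank_by_ale(threats):
    """Highest annualized loss first: where risk treatment money goes."""
    return sorted(threats, key=lambda t: t.ale(), reverse=True)


def safeguard_value(threat: Threat, new_exposure_factor: float,
                    new_aro: float, annual_cost: float) -> float:
    """(ALE before) - (ALE after) - (annual cost of the control).
    Positive means the control is worth more than it costs."""
    after = Threat(threat.name, threat.asset_value, new_exposure_factor, new_aro)
    return round(threat.ale() - after.ale() - annual_cost, 2)


# Constructed threat register for one $195,000 asset.
THREATS = [
    Threat("server room fire", 195_000, 0.35, 0.10),   # Q443's AV and EF
    Threat("ransomware",       195_000, 0.60, 0.50),
    Threat("disk failure",     195_000, 0.05, 2.00),
]

if __name__ == "__main__":
    for t in rank_by_ale(THREATS):
        print(f"{t.name:18s} SLE={t.sle():>10,.2f} ALE={t.ale():>10,.2f}")
    # Constructed: an offline-backup plus EDR package costing $10,000/year
    # cuts ransomware exposure to 10% of the asset; ARO unchanged.
    print("ransomware safeguard value:",
          safeguard_value(THREATS[1], 0.10, 0.50, 10_000))
```

The ranking shows why ALE rather than SLE drives priorities: the fire has the largest single loss but the smallest annualized loss, while the frequent, cheap disk failure outranks it. The safeguard test is the same arithmetic management asks for when a control is proposed; a negative value means the control costs more per year than the loss it prevents.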

QUESTION NO: 446
Which of the following plans provides measures for disseminating status reports to personnel and the public?
A. Contingency plan
B. Disaster recovery plan
C. Business continuity plan
D. Crisis communication plan
Answer: D
Explanation:

QUESTION NO: 447
Which of the following is used to shift the impact of a threat to a third party, together with the ownership of the response?
A. Risk mitigation
B. Risk avoidance
C. Risk acceptance
D. Risk transference
Answer: D
Explanation:

QUESTION NO: 448
CORRECT TEXT
Fill in the blank with the appropriate term.
______ is the process of managing user authorizations based on the ITU-T Recommendation X.509.
Answer: Privilege Management

QUESTION NO: 449
David works as the Network Administrator for Blue Well Inc. He has been asked to perform risk analysis. He decides to perform it by using CRAMM. The CEO of the company wants to know the stronger points of CRAMM that is going to be used by David. Which of the following points will David tell the CEO of the organization? Each correct answer represents a complete solution. Choose all that apply.
A. It requires protecting a high risk system.
B. It is effective to meet the objectives of its sub-group.
C. It does not provide protection against any threat.
D. It is expensive to implement.
Answer: A,B,D
Explanation:

QUESTION NO: 450
Which of the following are the valid reasons for the occurrence of a drive-by download? Each correct answer represents a complete solution. Choose all that apply.
A. Viewing an e-mail message
B. Updating Windows files automatically
C. Visiting a website
D. Clicking on a deceptive pop-up window
Answer: A,C,D
Explanation:

QUESTION NO: 451
You work as a Network Administrator for uCertify Inc. You have been assigned the task to select an access control method for the organization's online library so that unethical access can be stopped. You want to apply a condition, i.e., the employee name and the employee code should match to access the library. Which of the following access controls is appropriate to accomplish the task?
A. Attribute-based access control
B. Discretionary access control
C. Role-based access control
D. Mandatory access control
Answer: A
Explanation:

QUESTION NO: 452
Which of the following paragraphs of the Turnbull Report stated that a company's internal control system encompasses the policies, processes, tasks, behaviors, and other aspects of the company?
A. Paragraph 28
B. Paragraph 20
C. Paragraph 22
D. Paragraph 21
Answer: B
Explanation:

QUESTION NO: 453
You work as a Security Administrator for uCertify Inc. You have been assigned the task of helping employees determine the appropriate technical security measures available for electronic information that is deemed sensitive. Which of the following policies will you apply to accomplish the task?
A. Default policy
B. Information security policy
C. Security policy
D. Enterprise policy
Answer: B
Explanation:
