GCFW GIAC Certified Firewall Analyst Free Practice Exam Questions (2025 Updated)

Page: 4 / 6
Total 391 questions

John works as a professional Ethical Hacker. He is assigned a project to test the security of www.we-are-secure.com. You have searched all open ports of the we-are-secure server. Now, you want to perform the next information-gathering step, i.e., passive OS fingerprinting. Which of the following tools can you use to accomplish the task?

A. Nmap
B. NBTscan
C. P0f
D. Superscan

Distributed Checksum Clearinghouse (DCC) is a hash sharing method of spam email detection.

Which of the following protocols does the DCC use?

A. ICMP
B. UDP
C. TELNET
D. TCP

A packet filtering firewall inspects each packet passing through the network and accepts or rejects it based on user-defined rules. Based on which of the following information are these rules set to filter the packets?

Each correct answer represents a complete solution. Choose all that apply.

A. Layer 4 protocol information
B. Actual data in the packet
C. Interface of sent or received traffic
D. Source and destination Layer 3 address

You have just taken over as the Network Administrator for a medium-sized company. You want to check what services are exposed to the outside world. What tool would you use to accomplish this?

A. Protocol analyzer
B. Network mapper
C. Packet sniffer
D. A port scanner

Which of the following is a chronological record of system activities to enable the reconstruction and examination of the sequence of events and/or changes in an event?

A. Security audit
B. Corrective controls
C. Audit trail
D. Detective controls

Which of the following protocols is used with a tunneling protocol to provide security?

A. EAP
B. FTP
C. IPX/SPX
D. IPSec

Which of the following attacking methods allows the bypassing of access control lists on servers or routers, either hiding a computer on a network or allowing it to impersonate another computer by changing the Media Access Control address?

A. IP address spoofing
B. ARP spoofing
C. MAC spoofing
D. VLAN hopping

John works as a professional Ethical Hacker. He has been assigned a project for testing the security of www.we-are-secure.com. He wants to corrupt an IDS signature database so that performing attacks on the server is made easy and he can observe the flaws in the We-are-secure server. To perform his task, he first of all sends a virus that continuously changes its signature to avoid detection from IDS. Since the new signature of the virus does not match the old signature, which is entered in the IDS signature database, IDS becomes unable to point out the malicious virus. Which of the following IDS evasion attacks is John performing?

A. Session splicing attack
B. Evasion attack
C. Polymorphic shell code attack
D. Insertion attack

Which of the following vulnerability scanners is used to test Web servers for dangerous files/CGIs, outdated server software, and other problems?

A. Nikto
B. Hackbot
C. Nmap
D. Nessus

Passive OS fingerprinting (POSFP) is configured in an organization's network in order to improve the alert output by reporting some information. Which of the following information does it include?

Each correct answer represents a part of the solution. Choose all that apply.

A. Source of the OS identification
B. Victim OS
C. Network security device
D. Relevancy to the victim in the alert

Which of the following firewall types operates at the Network layer of the OSI model and can filter data by port, interface address, source address, and destination address?

A. Proxy server
B. Application gateway
C. Packet Filtering
D. Circuit-level gateway

Which of the following are open-source vulnerability scanners?

A. NetRecon
B. Hackbot
C. Nessus
D. Nikto

What is the easiest way to verify that name resolution is functioning properly on a TCP/IP network?

A. Use the TRACERT command with the /pingname parameter.
B. Ping the source host with its computer name.
C. Ping the source host with its IP address.
D. Check the IP statistics on the file server.

Which of the following devices is used to identify out-of-date software versions, applicable patches, system upgrades, etc.?

A. Retinal scanner
B. Fingerprint reader
C. Smart card reader
D. Vulnerability scanner

Adam has installed and configured his wireless network. He has enabled numerous security features such as changing the default SSID, enabling WPA encryption, and enabling MAC filtering on his wireless router. Adam notices that when he uses his wireless connection, the speed is sometimes 16 Mbps and sometimes only 8 Mbps or less. Adam connects to the wireless router's management utility and finds that a machine with an unfamiliar name is connected through his wireless connection. Paul checks the router's logs and notices that the unfamiliar machine has the same MAC address as his laptop.

Which of the following attacks has occurred on Adam's wireless network?

A. DNS cache poisoning
B. ARP spoofing
C. MAC spoofing
D. NAT spoofing

Which of the following statements are true about an IPv6 network?

Each correct answer represents a complete solution. Choose all that apply.

A. It uses longer subnet masks than those used in IPv4.
B. It increases the number of available IP addresses.
C. For interoperability, IPv4 addresses use the last 32 bits of IPv6 addresses.
D. It provides improved authentication and security.
E. It uses 128-bit addresses.

Peter works as a Technical Representative in a CSIRT for SecureEnet Inc. His team is called to investigate the computer of an employee who is suspected of classified data theft. The suspect's computer runs the Windows operating system. Peter wants to collect data and evidence for further analysis. He knows that on a Windows operating system, data is searched in pre-defined steps for proper and efficient analysis. Which of the following is the correct order for searching data on a Windows-based system?

A. Volatile data, file slack, internet traces, registry, memory dumps, system state backup, file system
B. Volatile data, file slack, registry, memory dumps, file system, system state backup, internet traces
C. Volatile data, file slack, file system, registry, memory dumps, system state backup, internet traces
D. Volatile data, file slack, registry, system state backup, internet traces, file system, memory dumps

You are tasked with configuring your routers with a minimum security standard that includes the following:

- A local Username and Password configured on the router
- A strong privilege mode password
- Encryption of user passwords
- Configuring telnet and ssh to authenticate against the router user database

Choose the configuration that best meets these requirements.

A.
RouterA(config)#service password-encryption
RouterA(config)#username cisco password PaS$w0Rd
RouterA(config)#enable secret n56e&$te
RouterA(config)#line vty 0 4
RouterA(config-line)#login local

B.
RouterA(config)#service password-encryption
RouterA(config)#username cisco password PaS$w0Rd
RouterA(config)#enable secret n56e&$te
RouterA(config)#line vty 0 4
RouterA(config-line)#login

C.
RouterA(config)#service password-encryption
RouterA(config)#username cisco password PaS$w0Rd
RouterA(config)#enable password n56e&$te
RouterA(config)#line vty 0 4
RouterA(config-line)#login local

D.
RouterA(config)#service enable-password-encryption
RouterA(config)#username cisco password PaS$w0Rd
RouterA(config)#enable secret n56e&$te
RouterA(config)#line vty 0 4
RouterA(config-line)#login user

An organization has a TCP/IP based network. It uses IPv6 addressing in its network. IPv6 tackles addressing and routing-table problems, and improves the protocol as well. Which of the following statements is true about IPv6?

A. It uses symmetric key encryption.
B. Its address is 32 bits in length.
C. It eliminates the primary need for Network Address Translation (NAT).
D. It implements broadcasting.

You work as a Desktop Support Technician for Umbrella Inc. The company uses a Windows-based network. An employee from the sales department is facing a problem with the IP configuration of the network connection. He called you to resolve the issue. You suspect that the IP configuration is not configured properly. You want to use the ping command to ensure that the IPv4 protocol is working on a computer. While running the ping command from the command prompt, you find that Windows Firewall is blocking the ping command. What is the cause of the issue?

A. Windows Firewall blocks the command line tools.
B. Core Networking Firewall rules do not allow IPv4 or IPv6.
C. Core Networking Firewall rules do not allow ICMPv4 or ICMPv6 Echo Requests.
D. Windows Firewall rules do not allow Core Networking Tools.

Copyright © 2014-2025 Solution2Pass. All Rights Reserved