GIAC GCIA – GIAC Certified Intrusion Analyst Practice Test: Free Practice Exam Questions (2025 Updated)

Prepare effectively for your GIAC GCIA – GIAC Certified Intrusion Analyst certification with our extensive collection of free, high-quality practice questions. Each question is designed to mirror the actual exam format and objectives, complete with comprehensive answers and detailed explanations. Our materials are regularly updated for 2025, ensuring you have the most current resources to build confidence and succeed on your first attempt.

Page: 4 / 6
Total 508 questions

Which of the following are the two sub-layers present in the Data Link layer of the OSI Reference model?

A. Logical control and Link control
B. Data control and Media Access control
C. Machine Link control and Logical Link control
D. Logical Link control and Media Access control

Mark works as a Network administrator for SecureEnet Inc. His system runs on Mac OS X. He wants to boot his system from the Network Interface Controller (NIC). Which of the following snag keys will Mark use to perform the required function?

A. D
B. N
C. Z
D. C

Which of the following can be applied as countermeasures against DDoS attacks?

Each correct answer represents a complete solution. Choose all that apply.

A. Limiting the amount of network bandwidth
B. Blocking IP address
C. Using LM hashes for passwords
D. Using Intrusion detection systems
E. Using the network-ingress filtering

Which of the following utilities allows a user to view all files, including invisible files and folders, on Macintosh OS X?

A. Directory Scan
B. Folder Scan
C. File Scan
D. System Scan

What is the maximum size of an IP datagram for Ethernet?

A. 1200 bytes
B. 1024 bytes
C. 1500 bytes
D. 4500 bytes

Which of the following attacks is designed to deduce the brand and/or version of an operating system or application?

A. Vulnerability assessment
B. Banner grabbing
C. OS fingerprinting
D. Port scanning

Which of the following techniques is used to log network traffic?

A. Cracking
B. IP address spoofing
C. Tunneling
D. Sniffing

Which of the following is not a Denial of Service (DoS) attack?

A. Smurf attack
B. Code injection attack
C. Ping of Death attack
D. Teardrop attack

Which of the following parts of the hard disk in the Mac OS X file system stores information related to the files?

A. Resource fork
B. Data fork
C. System fork
D. Log fork

Which of the following is an attack technique in which the attacker secretly listens to the private conversation between victims?

A. Dialler attack
B. Denial of service
C. Eavesdropping
D. Intrusion

Routers work at which layer of the OSI reference model?

A. Transport
B. Physical
C. Presentation
D. Network

Which of the following Windows XP system files handles memory management, I/O operations, and interrupts?

A. Ntoskrnl.exe
B. Advapi32.dll
C. Kernel32.dll
D. Win32k.sys

Which of the following methods is used by forensic investigators to acquire an image over the network in a secure manner?

A. Linux Live CD
B. DOS boot disk
C. Secure Authentication for EnCase (SAFE)
D. EnCase with a hardware write blocker

Which of the following DNS resource records is used to resolve a host name to an IPv6 address?

A. AAAA
B. HINFO
C. CNAME
D. A

What is the name of the group of blocks that contains information used by the operating system in a Linux system?

A. logblock
B. Bootblock
C. Superblock
D. Systemblock

John works as a professional Ethical Hacker. He has been assigned a project to test the security of www.we-are-secure.com. John wants to redirect all TCP port 80 traffic to UDP port 40, so that he can bypass the firewall of the We-are-secure server. Which of the following tools will John use to accomplish his task?

A. PsExec
B. PsList
C. Fpipe
D. Cain

Which of the following is the default port for Simple Network Management Protocol (SNMP)?

A. TCP port 110
B. TCP port 25
C. TCP port 80
D. UDP port 161

Which of the following wireless network standards operates on the 5 GHz band and transfers data at a rate of 54 Mbps?

A. 802.11g
B. 802.11a
C. 802.11u
D. 802.11b

You work as a Network Administrator for McNeil Inc. The company's Windows 2000-based network is configured with Internet Security and Acceleration (ISA) Server 2000. You want to configure intrusion detection on the server. You find that the different types of attacks on the Intrusion Detection tab page of the IP Packet Filters Properties dialog box are disabled. What is the most likely cause?

A. The PPTP through ISA firewall check box on the PPTP tab page of the IP Packet Filters Properties dialog box is not enabled.
B. The Enable IP routing check box on the General tab page of the IP Packet Filters Properties dialog box is not selected.
C. The Log packets from Allow filters check box on the Packet Filters tab page of the IP Packet Filters Properties dialog box is not enabled.
D. The Enable Intrusion detection check box on the General tab page of the IP Packet Filters Properties dialog box is not selected.

What is the process of detecting unauthorized access known as?

A. Intrusion detection
B. Misuse detection
C. Anomaly detection
D. Integrity detection

Which of the following methods is a behavior-based IDS detection method?

A. Knowledge-based detection
B. Protocol detection
C. Statistical anomaly detection
D. Pattern matching detection

Which of the following ports can be used for IP spoofing?

A. NNTP 119
B. POP 110
C. Rlogin 513
D. Whois 43

Which of the following algorithms produces a digital signature which is used to authenticate the bit-stream images?

A. MD6
B. MD5
C. BOINIC
D. HashClash

Sandra, a novice computer user, works in a Windows environment. She is experiencing problems with bad sectors on her computer's hard disk. She wants to run the CHKDSK command to check the hard disk for bad sectors and to fix any errors that have occurred. Which of the following switches will she use with the CHKDSK command to accomplish the task?

A. CHKDSK /I
B. CHKDSK /R /F
C. CHKDSK /C /L
D. CHKDSK /V /X

John enters a URL http://www.cisco.com/web/learning in the web browser. A web page appears after he enters the URL. Which of the following protocols is used to resolve www.cisco.com into the correct IP address?

A. DNS
B. SMTP
C. DHCP
D. ARP

You work as a Network Administrator for Tech2tech Inc. You have configured a network-based IDS for your company.

You have physically installed sensors at all key positions throughout the network such that they all report to the command console.

What will be the key functions of the sensors in such a physical layout?

Each correct answer represents a complete solution. Choose all that apply.

A. To collect data from operating system logs
B. To notify the console with an alert if any intrusion is detected
C. To analyze for known signatures
D. To collect data from Web servers

Victor works as a network administrator for DataSecu Inc. He uses a dual firewall Demilitarized Zone (DMZ) to insulate the rest of the network from the portion that is available to the Internet.

Which of the following security threats may occur if DMZ protocol attacks are performed?

Each correct answer represents a complete solution. Choose all that apply.

A. Attacker can perform Zero Day attack by delivering a malicious payload that is not a part of the intrusion detection/prevention systems guarding the network.
B. Attacker can gain access to the Web server in a DMZ and exploit the database.
C. Attacker managing to break the first firewall defense can access the internal network without breaking the second firewall if it is different.
D. Attacker can exploit any protocol used to go into the internal network or intranet of the company.

Which of the following techniques allows probing firewall rule-sets and finding entry points into the targeted system or network?

A. Network enumerating
B. Packet collision
C. Distributed Checksum Clearinghouse
D. Packet crafting

You work as a professional Computer Hacking Forensic Investigator for DataEnet Inc. You want to investigate e-mail information of an employee of the company. The suspected employee is using an online e-mail system such as Hotmail or Yahoo. Which of the following folders on the local computer will you review to accomplish the task?

Each correct answer represents a complete solution. Choose all that apply.

A. History folder
B. Download folder
C. Cookies folder
D. Temporary Internet Folder

What does a firewall check to prevent certain ports and applications from getting the packets into an Enterprise?

A. The application layer port numbers and the transport layer headers
B. The presentation layer headers and the session layer port numbers
C. The network layer headers and the session layer port numbers
D. The transport layer port numbers and the application layer headers

Copyright © 2014-2025 Solution2Pass. All Rights Reserved