GISP GIAC Information Security Professional Free Practice Exam Questions (2025 Updated)

Prepare effectively for your GIAC GISP GIAC Information Security Professional certification with our extensive collection of free, high-quality practice questions. Each question is designed to mirror the actual exam format and objectives, complete with comprehensive answers and detailed explanations. Our materials are regularly updated for 2025, ensuring you have the most current resources to build confidence and succeed on your first attempt.

Page: 2 / 7
Total 659 questions

What is the hash value length of the Secure Hash Algorithm (SHA-1)?

A. 164-bit
B. 320-bit
C. 128-bit
D. 160-bit

You work as a Network Administrator for Net Soft Inc. You are designing a data backup plan for your company's network. The backup policy of the company requires high security and easy recovery of data. Which of the following options will you choose to accomplish this?

A. Take a full backup daily and use six-tape rotation.
B. Take a full backup on Monday and an incremental backup on each of the following weekdays. Keep Monday's backup offsite.
C. Take a full backup on Monday and a differential backup on each of the following weekdays. Keep Monday's backup offsite.
D. Take a full backup daily with the previous night's tape taken offsite.
E. Take a full backup daily with one tape taken offsite weekly.
F. Take a full backup on alternate days and keep rotating the tapes.

Peter works as a Network Administrator for Net World Inc. The company wants to allow remote users to connect and access its private network through a dial-up connection via the Internet. All the data will be sent across a public network. For security reasons, the management wants the data sent through the Internet to be encrypted. The company plans to use a Layer 2 Tunneling Protocol (L2TP) connection. Which communication protocol will Peter use to accomplish the task?

A. Microsoft Point-to-Point Encryption (MPPE)
B. Pretty Good Privacy (PGP)
C. Data Encryption Standard (DES)
D. IP Security (IPSec)

Which of the following protocols is responsible for the resolution of IP addresses to media access control (MAC) addresses?

A. ARP
B. PPP
C. ICMP
D. HTTP

Which of the following is a process of monitoring data packets that travel across a network?

A. Packet sniffing
B. Packet filtering
C. Shielding
D. Password guessing

Which of the following are intrusion detection devices?

A. Fingerprint reader
B. Smart card reader
C. Retinal scanner
D. CCTV

You work as a Network Administrator for Rick International. The company has a TCP/IP-based network. A user named Kevin wants to set an SSH terminal at home to connect to the company's network. You have to configure your company's router for it. By default, which of the following standard ports does the SSH protocol use for connection?

A. 21
B. 443
C. 80
D. 22

Which of the following statements about RSA algorithm are true?

Each correct answer represents a complete solution. Choose two.

A. It is a block cipher in which plain text and cipher text are integers between 0 and n-1.
B. It is a stream cipher in which plain text and cipher text are integers between 0 and n-1.
C. It is an asymmetric algorithm.
D. It is a symmetric algorithm.

Which of the following tools is used for breaking digital watermark?

A. TRACERT
B. Trin00
C. Fpipe
D. 2Mosaic

Which of the following types of computers is used for attracting potential intruders?

A. Honey pot
B. Bastion host
C. Data pot
D. Files pot

Which of the following tools is a component of Cisco Adaptive Security Appliance (ASA) and provides an in-depth security design to prevent various types of problems such as viruses, spams, and spyware?

A. Anti-x
B. LIDS
C. Scanlogd
D. KFSensor

Which of the following refers to going through someone's trash to find out useful or confidential information?

A. Dumpster diving
B. Hacking
C. Phishing
D. Spoofing

Which of the following policies is set by a network administrator to allow users to keep their emails and documents for a fixed period of time?

A. Retention policy
B. Password policy
C. Audit policy
D. Backup policy

Which of the following is an entry in an object's discretionary access control list (DACL) that grants permissions to a user or group?

A. Access control list (ACL)
B. Discretionary access control entry (DACE)
C. Security Identifier (SID)
D. Access control entry (ACE)

Which of the following statements about Due Care policy is true?

A. It provides information about new viruses.
B. It is a method used to authenticate users on a network.
C. It identifies the level of confidentiality of information.
D. It is a method for securing database servers.

John works as a professional Ethical Hacker. He has been assigned a project for testing the security of www.we-are-secure.com. He wants to corrupt an IDS signature database so that performing attacks on the server is made easy and he can observe the flaws in the We-are-secure server. To perform his task, he first of all sends a virus that continuously changes its signature to avoid detection from IDS. Since the new signature of the virus does not match the old signature, which is entered in the IDS signature database, IDS becomes unable to point out the malicious virus. Which of the following IDS evasion attacks is John performing?

A. Session splicing attack
B. Evasion attack
C. Insertion attack
D. Polymorphic shell code attack

You work as a Network Administrator for NetTech Inc. To ensure the security of files, you encrypt data files using Encrypting File System (EFS). You want to make a backup copy of the files and maintain security settings. You can back up the files either to a network share or a floppy disk. What will you do to accomplish this?

A. Copy the files to a network share on a FAT32 volume.
B. Copy the files to a network share on an NTFS volume.
C. Place the files in an encrypted folder. Then, copy the folder to a floppy disk.
D. Copy the files to a floppy disk that has been formatted using Windows 2000 Professional.

Which of the following are the responsibilities of the owner with regard to data in an information classification program?

Each correct answer represents a complete solution. Choose three.

A. Delegating the responsibility of the data protection duties to a custodian.
B. Determining what level of classification the information requires.
C. Running regular backups and routinely testing the validity of the backup data.
D. Reviewing the classification assignments at regular time intervals and making changes as the business needs change.

Fill in the blank with the appropriate term.

A ___________ is a digital representation of information that identifies authorized users on the Internet and intranets.

A. certificate

Which of the following statements about Discretionary Access Control List (DACL) is true?

A. It is a rule list containing access control entries.
B. It specifies whether an audit activity should be performed when an object attempts to access a resource.
C. It is a list containing user accounts, groups, and computers that are allowed (or denied) access to the object.
D. It is a unique number that identifies a user, group, and computer account.

Which of the following refers to a condition in which a hacker sends a bunch of packets that leave TCP ports half open?

A. Spoofing
B. PING attack
C. SYN attack
D. Hacking

Which of the following tools can be used to perform polymorphic shell code attacks?

A. TrueCrypt
B. Fragroute
C. Mendax
D. ADMutate

Which of the following components come under the network layer of the OSI model?

Each correct answer represents a complete solution. Choose two.

A. Firewalls
B. Hub
C. Routers
D. MAC addresses

Which of the following methods backs up all changes made since the last full or normal backup?

A. Half backup
B. Incremental backup
C. Differential backup
D. Full backup

Which of the following functions are performed by a firewall?

Each correct answer represents a complete solution. Choose all that apply.

A. It hides vulnerable computers that are exposed to the Internet.
B. It logs traffic to and from the private network.
C. It enhances security through various methods, including packet filtering, circuit-level filtering, and application filtering.
D. It blocks unwanted traffic.

You are responsible for a Microsoft-based network. Your servers are all clustered. Which of the following are the likely reasons for the clustering?

Each correct answer represents a complete solution. Choose two.

A. Load balancing
B. Ease of maintenance
C. Failover
D. Reduce power consumption

Mark the list that mentions the correct levels of classification of the military data-classification system.

A. [image: Untitled-4]

Which of the following statements about extranet are true?

Each correct answer represents a complete solution. Choose two.

A. It is an area of a company's Web site, which is only available to selected customers, suppliers, and business partners.
B. It is an area of a company's Web site, which is available to Internet users.
C. It is an arrangement commonly used for business-to-business relationships.
D. It is an arrangement commonly used for a company's employees.

Which of the following can be prevented by an organization using job rotation and separation of duties policies?

A. Collusion
B. Eavesdropping
C. Buffer overflow
D. Phishing

Which of the following terms refers to the act of obtaining plain text from cipher text without a cryptographic key?

A. Hacking
B. Algorithm
C. Cryptanalysis
D. Ciphertext

Copyright © 2014-2025 Solution2Pass. All Rights Reserved