GISP GIAC Information Security Professional Free Practice Exam Questions (2025 Updated)
Prepare effectively for your GIAC GISP GIAC Information Security Professional certification with our extensive collection of free, high-quality practice questions. Each question is designed to mirror the actual exam format and objectives, complete with comprehensive answers and detailed explanations. Our materials are regularly updated for 2025, ensuring you have the most current resources to build confidence and succeed on your first attempt.
Which of the following is used to repair missing or damaged system files that might prevent Windows from starting correctly?
Which of the following are the major tasks of risk management?
Each correct answer represents a complete solution. Choose two.
An organization monitors the hard disks of its employees' computers from time to time. Which policy does this pertain to?
Fill in the blank with the appropriate layer name of the OSI model.
Secure Sockets Layer (SSL) operates at the _____ layer of the OSI model.
You work as a Network Administrator for Web World Inc. You want to host an e-commerce Web site on your network. You want to ensure that storage of credit card information is secure. Which of the following conditions should be met to accomplish this?
Each correct answer represents a complete solution. Choose all that apply.
Which of the following is the default port for Secure Shell (SSH)?
Which of the following classes of fire comes under Class C fire?
Which of the following ports is used by the control connection on the FTP server?
Which of the following needs to be documented to preserve evidence for presentation in court?
Which of the following methods is a behavior-based IDS detection method?
Which of the following protocols work at the session layer of the OSI model?
Each correct answer represents a complete solution. Choose two.
Which of the following defines the communication link between a Web server and Web applications?
Which of the following are the ways of sending secure e-mail messages over the Internet?
Each correct answer represents a complete solution. Choose two.
Maria works as a professional Ethical Hacker. She recently has been assigned a project to test the security of www.we-are-secure.com. The company has provided the following information about the infrastructure of its network:
• Network diagrams of the we-are-secure infrastructure
• Source code of the security tools
• IP addressing information of the we-are-secure network
Which of the following testing methodologies is we-are-secure.com using to test the security of its network?
Routers and firewalls use _______ to determine which packets should be forwarded or dropped.
Which of the following is a duplicate of the original site of an organization, with fully working systems as well as near-complete backups of user data?
Which of the following tools was developed by the FBI and is used for keystroke logging in order to capture encryption keys and other information useful for deciphering transmissions?
Which of the following acts as an intermediary between a user on the internal network and a service on the external network such as the Internet?
Which of the following protocols is used with a tunneling protocol to provide security?
Brutus is a password cracking tool that can be used to crack the following authentications:
• HTTP (Basic Authentication)
• HTTP (HTML Form/CGI)
• POP3 (Post Office Protocol v3)
• FTP (File Transfer Protocol)
• SMB (Server Message Block)
• Telnet
Which of the following attacks can be performed by Brutus for password cracking?
Each correct answer represents a complete solution. Choose all that apply.
Which of the following authentication methods is used to access public areas of a Web site?
You are a salesperson. You are authorized to access only the information that is essential for your work. Which of the following access control models is used in your organization?
You work as a Network Administrator for NetTech Inc. The company has a Windows 2000 domain-based network. You want to prevent malicious e-mails from entering the network from non-existent domains. What will you do to accomplish this?
In which of the following processes may a DNS server return an incorrect IP address, diverting traffic to another computer?
Which of the following entities is used by Routers and firewalls to determine which packets should be forwarded or dropped?
An attacker sends a large number of packets to a target computer, causing a denial of service. Which of the following types of attack is this?
Which of the following is not a major concern in traditional business transactions as compared to online transactions?
Which of the following federal laws are related to hacking activities?
Each correct answer represents a complete solution. Choose three.
Which of the following statements about Denial-of-Service (DoS) attacks are true?
Each correct answer represents a complete solution. Choose three.
Which of the following processes is known as Declassification?