GISP GIAC Information Security Professional Free Practice Exam Questions (2025 Updated)

Which of the following statements about DES (Data Encryption Standard) is true?

Which of the following formulas is used to determine the Single Loss Expectancy (SLE)?

Which of the following groups represents the most likely source of an asset loss through the inappropriate use of computers?

In which of the following security tests does the security testing team simulate as an employee or other person with an authorized connection to the organization's network?

Which of the following protocols implements VPN using IPSec?

You work as a Network Administrator for NetTech Inc. Employees in remote locations connect to the company's network using Remote Access Service (RAS). Which of the following will you use to protect the network against unauthorized access?

Identify whether the given statement is true or false.

"Replay attack is a type of attack in which attackers capture packets containing passwords or digital signatures whenever packets pass between two hosts on a network."

Mark works as a Network Administrator for NetTech Inc. The company has a Windows 2000 domain-based network. Users report that they are unable to log on to the network. Mark finds that accounts are locked out due to multiple incorrect log on attempts. What is the most likely cause of the account lockouts?

Which of the following tools can be used by a user to hide his identity?

Each correct answer represents a complete solution. Choose all that apply.

You work as a Network Administrator for NetTech Inc. When you enter http://66.111.64.227 in the browser 's address bar, you are able to access the site. But, you are unable to access the site when you enter http://www.PassGuide.com. What is the most likely cause?

Which of the following authentication protocols provides support for a wide range of authentication methods, such as smart cards and certificates?

Which of the following are the types of access controls?

Each correct answer represents a complete solution. Choose three.

In which of the following attacks does the attacker confuse the switch itself into thinking two ports have the same MAC address?

Which of the following acts as an intermediary between a user on the internal network and a service on the external network such as the Internet?

Which of the following is a source port forwarder and redirector tool?

Which of the following types of virus is capable of changing its signature to avoid detection?

Which of the following is executed when a predetermined event occurs?

Which of the following is not a level of military data-classification system?

Which of the following methods is a behavior-based IDS detection method?

Which of the following can be prevented by an organization using job rotation and separation of duties policies?

Which of the following is the most secure method of authentication?

What are packet sniffers?

Which of the following are the ways of sending secure e-mail messages over the Internet?

Each correct answer represents a complete solution. Choose two.

Which of the following is the method of hiding data within another media type such as graphic or document?

Which of the following are examples of passive attacks?

Each correct answer represents a complete solution. Choose all that apply.

Which of the following is a type of scam that entice a user to disclose personal information such as social security number, bank account details, or credit card number?

Which of the following entities is used by Routers and firewalls to determine which packets should be forwarded or dropped?

Which of the following is not a level of military data-classification system?

Which of the following task force was formed to examine the impact of Electronic Publishing on the intellectual property rights?