Winter Sale Limited Time 65% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: s2p65

Easiest Solution 2 Pass Your Certification Exams

GISP GIAC Information Security Professional Free Practice Exam Questions (2025 Updated)

Prepare effectively for your GIAC GISP GIAC Information Security Professional certification with our extensive collection of free, high-quality practice questions. Each question is designed to mirror the actual exam format and objectives, complete with comprehensive answers and detailed explanations. Our materials are regularly updated for 2025, ensuring you have the most current resources to build confidence and succeed on your first attempt.

GIAC GISP Premium Access     Download Demo    
Page: 7 / 7
Total 659 questions

Which of the following types of attacks occurs when attackers enter a system or capture network traffic and make changes to selected files or data packets?

A.

Brute force attack

B.

Teardrop attack

C.

Dictionary attack

D.

Data diddling attack

Which of the following statements about Hypertext Transfer Protocol Secure (HTTPS) are true?

Each correct answer represents a complete solution. Choose two.

A.

It is a protocol used in the Universal Resource Locater (URL) address line to connect to a secure site.

B.

It uses TCP port 80 as the default port.

C.

It uses TCP port 443 as the default port.

D.

It is a protocol used to provide security for a database server in an internal network.

Which of the following need to be reduced to suppress a fire?

Each correct answer represents a complete solution. Choose all that apply.

A.

Oxygen

B.

Fuel

C.

CO2

D.

High temperature

Which of the following statements about Discretionary Access Control List (DACL) is true?

A.

It contains a list of any events that are set to audit for that particular object.

B.

It is a mechanism for reducing the need for globally unique IP addresses.

C.

It contains a list of both users and groups and whatever permissions they have.

D.

It exists for each and every permission entry assigned to any object.

Which of the following is a signature-based intrusion detection system (IDS) ?

A.

StealthWatch

B.

Snort

C.

RealSecure

D.

Tripwire

A Web-based credit card company had collected financial and personal details of Mark before issuing him a credit card. The company has now provided Mark's financial and personal details to another company. Which of the following Internet laws has the credit card issuing company violated?

A.

Privacy law

B.

Trademark law

C.

Security law

D.

Copyright law

Which of the following statements best explains how encryption works on the Internet?

A.

Encryption encodes information using specific algorithms with a string of numbers known as a key

B.

Encryption helps in transaction processing by e-commerce servers on the Internet.

C.

Encryption validates a username and password before sending information to the Web server.

D.

Encryption allows authorized users to access Web sites that offer online shopping.

Which of the following terms refers to a momentary low voltage?

A.

Blackout

B.

Spike

C.

Noise

D.

Sag

Which of the following is an asymmetric encryption algorithm?

A.

RC5

B.

Diffie-Hellman

C.

RC4

D.

Blowfish

Which of the following are threats to network security?

Each correct answer represents a complete solution. Choose two.

A.

Dial-up connections

B.

Rogue employees

C.

Disabled user accounts

D.

Events auditing

Which of the following terms ensures that no intentional or unintentional unauthorized modification is made to data?

A.

Non-repudiation

B.

Confidentiality

C.

Authentication

D.

Integrity

Wired Equivalent Privacy (WEP) is a security protocol for wireless local area networks (WLANs). It has two components, authentication and encryption. It provides security equivalent to wired networks for wireless networks. WEP encrypts data on a wireless network by using a fixed secret key. Which of the following statements are true about WEP?

Each correct answer represents a complete solution. Choose all that apply.

A.

WEP uses the RC4 encryption algorithm.

B.

The Initialization Vector (IV) field of WEP is only 24 bits long.

C.

Automated tools such as AirSnort are available for discovering WEP keys.

D.

It provides better security than the Wi-Fi Protected Access protocol.

Which of the following are the causes of power noise?

Each correct answer represents a complete solution. Choose two.

A.

Electromagnetic interference

B.

Shielded line

C.

Power regulator

D.

Radio frequency interference

Which of the following statements is true about a polymorphic virus?

A.

It is a type of virus that removes access permissions from files.

B.

This type of virus hides system files.

C.

It copies itself onto the boot sector of hard disk drives.

D.

It has the ability to change its own signature at the time of infection.

Which of the following types of Network Address Translation (NAT) uses a pool of public IP addresses?

A.

Port Address Translation (PAT)

B.

Dynamic NAT

C.

Static NAT

D.

Cache NAT

Which of the following command-line utilities queries the DNS server to check whether or not the zone database contains the correct information?

A.

IPCONFIG

B.

TELNET

C.

NSLOOKUP

D.

NETSTAT

Which of the following is an open source network intrusion detection system?

A.

Sourcefire

B.

NETSH

C.

Macof

D.

Snort

GIAC GISP Premium Access     Download Demo    
Page: 7 / 7
Total 659 questions
Copyright © 2014-2025 Solution2Pass. All Rights Reserved