Cyber Monday Sale Special - Limited Time 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: xmaspas7

Easiest Solution 2 Pass Your Certification Exams

GSEC GIAC Security Essentials Free Practice Exam Questions (2025 Updated)

Prepare effectively for your GIAC GSEC GIAC Security Essentials certification with our extensive collection of free, high-quality practice questions. Each question is designed to mirror the actual exam format and objectives, complete with comprehensive answers and detailed explanations. Our materials are regularly updated for 2025, ensuring you have the most current resources to build confidence and succeed on your first attempt.

GIAC GSEC Premium Access     Download Demo    
Page: 3 / 6
Total 385 questions

What is a limitation of deploying HIPS on a workstation?

A.

Requires more frequent system patching

B.

Requires an HIDS to Identify an attack

C.

Restricted support for custom applications

D.

Runs as a non-privileged user

You work as a Network Administrator for Tech Perfect Inc. The company has a Linux-based network. You want to kill a process running on a Linux server. Which of the following commands will you use to know the process identification number (PID) of the process?

A.

killall

B.

ps

C.

getpid

D.

kill

You are the security director for an off-shore banking site. From a business perspective, what is a major factor to consider before running your new vulnerability scanner against the company's business systems?

A.

It may harm otherwise healthy systems.

B.

It may produce false negative results.

C.

It may generate false positive results.

D.

It may not return enough benefit for the cost.

Analyze the screenshot below. What is the purpose of this message?

A.

To gather non-specific vulnerability information

B.

To get the user to download malicious software

C.

To test the browser plugins for compatibility

D.

To alert the user to infected software on the computer.

Which of the following applications would be BEST implemented with UDP instead of TCP?

A.

A multicast streaming application.

B.

A web browser.

C.

A DNS zone transfer.

D.

A file transfer application.

If an attacker compromised a host on a site's internal network and wanted to trick other machines into using that host as the default gateway, which type of attack would he use?

A.

MAC Flooding

B.

CDP Manipulation

C.

Telnet Attack

D.

DHCP Spoofing

E.

VLAN Hopping

To be considered a strong algorithm, an encryption algorithm must be which of the following?

A.

Secret

B.

Well-known

C.

Confidential

D.

Proprietary

On an NTFS file system, what will happen when a conflict exists between Allow and Deny permissions?

A.

The resolution depends on the groups that the user belongs to.

B.

Allow permission will take precedence over the Deny permission.

C.

Deny permission will take precedence over the Allow permission.

D.

The resolution depends on the user's machine rights.

Which of the following commands is used to change file access permissions in Linux?

A.

chgrp

B.

chperm

C.

chmod

D.

chown

Which of the following activities would take place during the containment phase?

A.

Disseminating change management documentation regarding the steps taken during incident.

B.

Rebuild a virtual server from scratch using the original installation media.

C.

Correlating logs from the firewall, PCAPs from an IPS, and syslogs from a server to

build a timeline.

D.

Creating a binary backup of the system's Infected hard drive for usage in a forensic

Investigation.

You are examining a packet capture session in Wire shark and see the packet shown in the accompanying image. Based on what you see, what is the appropriate protection against this type of attempted attack?

A.

Block DNS traffic across the router

B.

Disable forwarding of unsolicited TCP requests

C.

Disable IP-directed broadcast requests

D.

Block UDP packets at the firewall

Many IIS servers connect to Microsoft SQL databases. Which of the following statements about SQL server security is TRUE?

A.

SQL Server patches are part of the operating system patches.

B.

SQL Server should be installed on the same box as your IIS web server when they communicate as part of the web application.

C.

It is good practice to never use integrated Windows authentication for SQL Server.

D.

It is good practice to not allow users to send raw SQL commands to the SQL Server.

Which of the following best describes the level of risk associated with using proprietary crypto algorithms.?

A.

Proprietary cryptographic algorithms are required by law to use shorter key lengths in the United States, so the risk is high.

B.

Proprietary algorithms have not been subjected to public scrutiny, so they have been checked less throughly for vulnerabilities.

C.

Proprietary algorithms are less likely be vulnerable than algorithms that have been publicly disclosed because of enhanced secrecy of the algorithm.

D.

Proprietary algorithms are not known to generally be any more or less vulnerable than publicly scrutinized algorithms.

Which of the following groups represents the most likely source of an asset loss through the inappropriate use of computers?

A.

Visitors

B.

Customers

C.

Employees

D.

Hackers

Which of the following are advantages of Network Intrusion Detection Systems (NIDS)?

A.

Analysis of encrypted traffic

B.

Provide insight into network traffic

C.

Detection of network operations problems

D.

Provide logs of network traffic that can be used as part of other security measures.

E.

Inexpensive to manage

F.

B, C, and D

G.

A, C, and E

Launch Calculator (calc.exe). Using PowerShell, retrieve the Calculator Process Information. What is the value of the File Version property?

Hint: The process name of Calculator is calculator

A.

10.1705.12507.0

B.

10.1902.1603.06155

C.

10.0.19041.1

D.

8.1.2017.26587

E.

8.2017.1009.04153

F.

10.1705.1809.07007

G.

8.2017.0908.29102

Mark works as a Network Administrator for NetTech Inc. The company has a Windows 2003 domain- based network. The network contains ten Windows 2003 member servers, 150 Windows XP Professional client computers. According to the company's security policy, Mark needs to check whether all the computers in the network have all available security updates and shared folders. He also needs to check the file system type on each computer's hard disk. Mark installs and runs MBSACLI.EXE with the appropriate switches on a server. Which of the following tasks will he accomplish?

A.

None of the tasks will be accomplished.

B.

He will be able to check the file system type on each computer's hard disk.

C.

He will be able to accomplish all the tasks.

D.

He will be able to check all available security updates and shared folders.

What is SSL primarily used to protect you against?

A.

Session modification

B.

SQL injection

C.

Third-patty sniffing

D.

Cross site scripting

What type of attack can be performed against a wireless network using the tool Kismet?

A.

IP spoofing

B.

Eavesdropping

C.

Masquerading

D.

Denial of Service

What technique makes it difficult for attackers to predict the memory address space location for code execution?

A.

Security Cookies

B.

DFP

C.

SLMOP

D.

ASLR

E.

Stack Canaries

GIAC GSEC Premium Access     Download Demo    
Page: 3 / 6
Total 385 questions
Copyright © 2014-2025 Solution2Pass. All Rights Reserved