GSLC GIAC Security Leadership Certification (GSLC) Free Practice Exam Questions (2025 Updated)

Prepare effectively for your GIAC Security Leadership Certification (GSLC) exam with our extensive collection of free, high-quality practice questions. Each question is designed to mirror the actual exam format and objectives, complete with comprehensive answers and detailed explanations. Our materials are regularly updated for 2025, ensuring you have the most current resources to build confidence and succeed on your first attempt.

Page: 2 / 6
Total 567 questions

Which of the following tools works both as an encryption-cracking tool and as a keylogger?

A. Magic Lantern
B. KeyGhost Keylogger
C. Alchemy Remote Executor
D. SocketShield

Maria works as a professional Ethical Hacker. She has been assigned the project of testing the security of www.gentech.com. She is using dumpster diving to gather information about Gentech Inc. Under which of the following steps of malicious hacking does dumpster diving fall?

A. Multi-factor authentication
B. Role-based access control
C. Mutual authentication
D. Reconnaissance

A user has opened a Web site that automatically starts downloading malicious code onto his computer. What should he do to prevent this?

Each correct answer represents a complete solution. Choose two.

A. Disable ActiveX Controls
B. Disable Active Scripting
C. Implement File Integrity Auditing
D. Configure Security Logs

Which of the following standards is used in wireless local area networks (WLANs)?

A. IEEE 802.4
B. IEEE 802.3
C. IEEE 802.11b
D. IEEE 802.5

John works as a Programmer for We-are-secure Inc. On one of his routine visits to the company, he noted down the passwords of the employees while they were typing them on their computer screens.

Which of the following social engineering attacks did he just perform?

A. Shoulder surfing
B. Important user posing
C. Dumpster diving
D. Authorization by third party

You are an Incident manager at Orangesect Inc. You have been tasked to set up a new extension of your enterprise. The networking to be done in the new extension requires different types of cables and an appropriate policy that will be decided by you. Which of the following stages in the Incident handling process involves your decision making?

A. Containment
B. Eradication
C. Identification
D. Preparation

You have installed Windows Vista Home Premium on your home computer. The computer is connected to the Internet through an ADSL connection. You want to protect yourself from the traps of fraudulent sites. Which of the following features of Internet Explorer 7+ will you use?

A. Pop-up blocker
B. Protected mode
C. Privacy settings
D. Phishing filter

Fill in the blank with the appropriate word.

________ is also used to refer to any attempt to circumvent the security of other types of cryptographic algorithms and protocols in general, and not just encryption.

One of the salespeople in your company complains that sometimes he gets a lot of unsolicited messages on his PDA. After asking a few questions, you determine that the issue only occurs in crowded areas like airports. What is the most likely problem?

A. Blue snarfing
B. A virus
C. Spam
D. Blue jacking

You work as an Incident handling manager for Orangesect Inc. You detect a virus attack incident in the network of your company. You develop a signature based on the characteristics of the detected virus. Which of the following phases in the Incident handling process will utilize the signature to resolve this incident?

A. Containment
B. Recovery
C. Identification
D. Eradication

You are responsible for security on your network. One particular concern is the theft of sensitive data. You want to make sure that end users do not (purposefully or accidentally) take data off the premises. Which of the following should you be concerned about?

Each correct answer represents a complete solution. Choose all that apply.

A. Cell Phones
B. Individual scanners
C. USB Drives
D. Individual printers

Fill in the blank with the appropriate word.

A _______ is a computer system on the Internet that is expressly set up to attract and trap people who attempt to penetrate other people's computer systems.

You are the program manager for your organization. You have proposed a program that will cost $750,000 and will last for four years. Management is concerned with the cost of the program in relation to the return your program will bring. If the rate of return is six percent, what is the minimum value your project should return in four years based on the investment of the program?

A. $795,000
B. $750,001
C. $946,857
D. $750,000

Which of the following is the method of hiding data within another media type such as graphic or document?

A. Cryptanalysis
B. Packet sniffing
C. Steganography
D. Spoofing

In which of the following types of white box testing are the test cases designed based on data flow within the code?

A. Data flow testing
B. Control flow testing
C. Path testing
D. Branch testing

Which of the following roles is used to ensure that the confidentiality, integrity, and availability of the services are maintained to the levels approved on the Service Level Agreement (SLA)?

A. The Change Manager
B. The IT Security Manager
C. The Configuration Manager
D. The Service Level Manager

Which of the following can be performed to verify the effectiveness of a quality management system?

A. Configuration auditing
B. Benchmarking
C. Project analysis
D. Quality audits

Which wireless security protocol is also known as IEEE 802.11i?

A. WPA2
B. WEP
C. TKIP
D. EAP

Which type of repudiation states that the creator of the message denies ever creating the message even after creating it?

A. Repudiation of submission
B. Repudiation of creation
C. Repudiation of receipt
D. Repudiation of origin

Which networking protocol is used to authenticate users or devices before granting them access to a network?

A. IPSec
B. PAgP
C. RADIUS
D. SRP

Which of the following is used for high-level or comprehensive analysis, as well as for root cause analysis?

A. Assumptions analysis
B. Delphi method
C. Brainstorming
D. Checklist analysis

Which of the following encrypts its code differently with each infection or generation of infections?

A. Boot sector virus
B. Stealth virus
C. Polymorphic virus
D. Macro virus

You are concerned about attackers simply passing by your office, discovering your wireless network, and getting into your network via the wireless connection. Which of the following are NOT steps in securing your wireless connection?

Each correct answer represents a complete solution. Choose two.

A. Using either WEP or WPA encryption
B. Hardening the server OS
C. MAC filtering on the router
D. Not broadcasting SSID
E. Strong password policies on workstations

Which of the following is the rating for gasoline or oil fires?

A. Class C
B. Class B
C. Class D
D. Class A

You are the Administrator of a Windows 2000-based network for Info Tech Inc. You install and configure Certificate Authorities (CAs) on the network. You are currently configuring the public key group policy for the domain.

You configure the group policy to specify automatic enrollment and renewal for certificates. But when you attempt to test this configuration, you find that the enrollment is not working properly.

What is the most likely cause?

A. The group policy is not enabled for the domain.
B. You failed to add the CA certificate to the trusted root certification authorities container.
C. Certificate enrollment and renewal is not enabled for the group policy.
D. An enterprise CA is not online.

Which of the following is NOT an input of the Administer Procurements process?

A. Contract
B. Requirements traceability matrix
C. Procurement management plan
D. Procurement documents
E. Work performance information

All of the following steps should be taken to prevent a Web server from IIS buffer overflow attacks except for which one?

A. Implement the IPP printing capability.
B. Conduct frequent scans for server vulnerabilities.
C. Install the upgrades of Microsoft service packs.
D. Implement effective firewalls.

Which of the following viruses replaces the boot sector data with its own malicious code?

A. Chernobyl
B. Explore.Zip
C. MBR
D. Nimda

Which of the following is a computer worm that caused a denial of service on some Internet hosts and dramatically slowed down general Internet traffic?

A. Code red
B. Beast
C. Klez
D. SQL Slammer

Which of the following is a computer file used in an operating system to map hostnames to IP addresses?

A. LMHOSTS file
B. NSCD.CONF file
C. TMPFS file
D. HOSTS file

Copyright © 2014-2025 Solution2Pass. All Rights Reserved