GSLC GIAC Security Leadership Certification (GSLC) Free Practice Exam Questions (2025 Updated)

John works as a professional Ethical Hacker. He has been assigned a project to test the security of www.we-are-secure.com. He successfully performs a brute force attack on the We-are-secure server. Now, he suggests some countermeasures to avoid such brute force attacks on the We-are-secure server. Which of the following are countermeasures against a brute force attack?

Each correct answer represents a complete solution. Choose all that apply.

Which of the following is a structured review of the procurement process originated at the Plan Procurements process?

You are concerned about rogue wireless access points being connected to your network. What is the best way to detect and prevent these?

Which of the following viruses infects Word 97 documents and the NORMAL.DOT file of Word 97 and Word 2000?

Which firewall architecture uses two NICs with a screening router inserted between the host and the untrusted network?

In which type of person-to-person attack does an attacker pretend to be someone else?

Which of the following is a process of monitoring data packets that travel across a network?

Which of the following RAID levels is supported by an operating system?

Which of the following tools can be used to perform polymorphic shell code attacks?

Which of the following attacks can be performed by Brutus for cracking a password?

Each correct answer represents a complete solution. Choose two.

Which of the following generates MD5 hashes to check the MD5 value for each file processed and compares it with other MD5 strings?

Which of the following programs collects email addresses of users and creates a mailing list?

Which of the following is used to detect malicious activity such as port scans or even attempts for cracking into computers by monitoring network traffic?

You work as a Network Administrator in a company. The NIDS is implemented on the network. You want to monitor network traffic. Which of the following modes will you configure on the network interface card to accomplish the task?

Which of the following terms refers to a prolonged loss of power?

Which field is NOT defined while creating rules for the Network Honeypot rulebase?

Which of the following are the types of access controls?

Each correct answer represents a complete solution. Choose three.

Ned is the program manager for his organization and he's considering some new materials for his program. He and his team have never worked with these materials before and he wants to ask the vendor for some additional information, a demon, and even some samples. What type of a document should Ned send to the vendor?

John works as a network security officer in Gentech Inc. The company uses a TCP/IP network. While working on the network, a problem occurs related to the DNS resolution. Which of the following utilities can he use to diagnose the problem?

Which of the following wireless standards has a transmission speed of up to 720 Kbps?

You work as a professional Ethical Hacker. You are assigned a project to perform blackbox testing of the security of www.we-are-secure.com. Now you want to perform banner grabbing to retrieve information about the Webserver being used by we-are-secure. Which of the following tools can you use to accomplish the task?

Your IDS discovers that an intruder has gained access to your system. You immediately stop that access, change passwords for administrative accounts, and secure your network. You discover an odd account (not administrative) that has permission to remotely access the network. What is this most likely?

Victor wants to use Wireless Zero Configuration (WZC) to establish a wireless network connection using his computer running on Windows XP operating system. Which of the following are the most likely threats to his computer?

Each correct answer represents a complete solution. Choose two.

Which of the following is a method of defeating a cryptographic scheme by trying a large number of possibilities?

Which of the following is not a man-made threat?

Which of the following types of virus is capable of changing its signature to avoid detection?

You work as a Software Developer for PassGuide Inc. The company has several branches worldwide. The company uses Visual Studio.NET 2005 as its application development platform. You have recently finished the development of an application using .NET Framework 2.0. The application can be used only for cryptography. Therefore, you have implemented the application on a computer. What will you call the computer that implemented cryptography?

You work as a Network Administrator for Tech Perfect Inc. The company has a TCP/IP-based network. Rick, your assistant, is configuring some laptops for wireless access. For security, WEP needs to be configured for wireless communication. By mistake, Rick configures different WEP keys in a laptop than that is configured on the Wireless Access Point (WAP). Which of the following statements is true in such situation?

You work as an Incident handling manager for a company. The public relations process of the company includes an event that responds to the e-mails queries. But since few days, it is identified that this process is providing a way to spammers to perform different types of e-mail attacks. Which of the following phases of the Incident handling process will now be involved in resolving this process and find a solution?

Each correct answer represents a part of the solution. Choose all that apply.