GSLC GIAC Security Leadership Certification (GSLC) Free Practice Exam Questions (2025 Updated)
Prepare effectively for your GIAC Security Leadership Certification (GSLC) exam with our extensive collection of free, high-quality practice questions. Each question is designed to mirror the actual exam format and objectives, complete with comprehensive answers and detailed explanations. Our materials are regularly updated for 2025, ensuring you have the most current resources to build confidence and succeed on your first attempt.
You work as a professional Ethical Hacker. You are assigned a project to test the security of www.weare-secure.com. You are working on the Windows Server 2003 operating system. You suspect that your friend has installed the keyghost keylogger onto your computer. Which of the following countermeasures would you employ in such a situation?
Each correct answer represents a complete solution. Choose all that apply.
Which of the following features of IE protect users from a type of scam that entices a user to disclose personal information such as a social security number, bank account details, or a credit card number?
John works as a professional Ethical Hacker. He has been assigned the task of testing the security of www.we-are-secure.com. He installs a sniffer on the We-are-secure server thinking that the following protocols of the We-are-secure server are being used in the network:
HTTP
SSL
SSH
IPSec
Considering the above factors, which of the following types of packets can he expect to see captured in encrypted form when he checks the sniffer's log file?
Each correct answer represents a complete solution. Choose all that apply.
You work as a Network Administrator for Tech Perfect Inc. The company has a Linux-based network. You have configured a VPN server for remote users to connect to the company's network. Which of the following encryption types will Linux use?
Which of the following types of cryptography algorithms is a symmetric key cipher which operates on fixed-length groups of bits, termed blocks, with an unvarying transformation?
Which of the following options is an approach to restricting system access to authorized users?
Which of the following statements about Encapsulating Security Payload (ESP) are true?
Each correct answer represents a complete solution. Choose two.
You have been asked to create a project charter for a new database project. Management has stressed that in order to effectively create a project charter, you'll first need to understand all of the following except for which one?
Which of the following protocols does IPsec use to perform various security functions in the network?
Each correct answer represents a complete solution. Choose all that apply.
Mark works as a Network Administrator for Perfect Inc. The company has both wired and wireless networks. An attacker attempts to keep legitimate users from accessing services that they require. Mark uses IDS/IPS sensors on the wired network to mitigate the attack. Which of the following attacks best describes the attacker's intentions?
Which of the following tools can be used for stress testing of a Web server?
Each correct answer represents a complete solution. Choose two.
Which of the following domains of the DNS hierarchy consists of categories found at the end of domain names, such as .com or .uk and divides the domains into organizations (.org), businesses (.com), countries (.uk), and other categories?
Which of the following tools is an automated tool that is used to implement SQL injections and to retrieve data from Web server databases?
Which of the following can provide security against a man-in-the-middle attack?
You are an Administrator for a network at an investment bank. You are concerned about individuals breaching your network and being able to steal data before you can detect their presence and shut down their access. Which of the following is the best way to address this issue?
Which of the following relies on a physical characteristic of the user to verify his identity?
Which of the following is used to communicate with an authentication server commonly used in UNIX networks?
You are taking over the security of an existing network. You discover a machine that is not being used as such, but has software on it that emulates the activity of a sensitive database server. What is this?
Which of the following statements is true about the difference between worms and Trojan horses?
Which of the following federal laws are related to hacking activities?
Each correct answer represents a complete solution. Choose three.
Which of the following is a signature-based intrusion detection system (IDS)?
Victor wants to use Wireless Zero Configuration (WZC) to establish a wireless network connection using his computer running the Windows XP operating system. Which of the following are the most likely threats to his computer?
Each correct answer represents a complete solution. Choose two.
Which of the following activities result in change requests?
Each correct answer represents a complete solution. Choose all that apply.
John used to work as a Network Administrator for We-are-secure Inc. Now he has resigned from the company for personal reasons. He wants to send out some secret information of the company. To do so, he takes an image file and simply uses the tool Image Hide to embed the secret file within an image file of the famous actress, Jennifer Lopez, and sends it to his Yahoo mail ID. Since he is using the image file to send the data, the mail server of his company is unable to filter this mail. Which of the following techniques is he performing to accomplish his task?
Which of the following tools monitors the radio spectrum for the presence of unauthorized, rogue access points and the use of wireless attack tools?
You work as a Network Administrator for Blue Well Inc. The company has a Windows Server 2008 domain-based network. All client computers on the network run Windows Vista Ultimate. Andy, a Finance Manager, uses Windows Mail to download his e-mails to his inbox. He complains that every now and then he gets e-mails asking him to reveal personal or financial information. He does not want such e-mails to be shown to him. Which of the following steps will you take to accomplish the task?
You are a Network Administrator in an enterprise. You have been assigned the task of installing Windows 2000 and some other applications on each computer on the network. But in the enterprise environment, it is not cost-effective to install Windows 2000 and other applications using the standard interactive setup on each computer. You plan to perform automated installation on multiple computers. Which of the following installation tasks can be automated?
Each correct answer represents a complete solution. Choose all that apply.
Which of the following are the countermeasures against WEP cracking?
Each correct answer represents a part of the solution. Choose all that apply.
Which of the following types of attacks entices a user to disclose personal information such as a social security number, bank account details, or a credit card number?
You work as an Administrator for Bluesky Inc. The company has 145 Windows XP Professional client computers and eighty Windows 2003 Server computers. You want to install a security layer of WAP specifically designed for a wireless environment. You also want to ensure that the security layer provides privacy, data integrity, and authentication for client-server communications over a wireless network. Moreover, you want a client and server to be authenticated so that wireless transactions remain secure and the connection is encrypted. Which of the following options will you use to accomplish the task?