GCIA Online Practice Questions and Answers

You are the Network Administrator for a large corporate network. You want to monitor all network traffic on your local network for suspicious activities and receive a notification when a possible attack is in process. Which of the following actions will you take for this?

A. Enable verbose logging on the firewall

B. Install a network-based IDS

C. Install a DMZ firewall

D. Install a host-based IDS

You work as a Network Administrator for McRobert Inc. Your company has a TCP/IP-based network. You have configured a WAN link for the network. You are facing connectivity problem across the WAN link. What will be your first step in troubleshooting the issue?

A. Reinstall TCP/IP protocol.

B. Check that the correct default gateway is set.

C. Enable DNS.

D. Ensure that NetBEUI protocol is loaded.

E. Use the NETSTAT utility to view TCP/IP statistics.

Which of the following statements about FTP is true?

A. It holds files transmitted through POP3 mail.

B. It manages network devices.

C. It connects file servers on the World Wide Web.

D. It transfers files between computers.

E. It allows password free file transfers.

Which of the following is allowed by a company to be addressed directly from the public network and is hardened to screen the rest of its network from security exposure?

A. Intrusion detection system

B. A computer installed in the network and configured with sender reputation

C. bastion host

D. Exchange ActiveSync

Adam, a malicious hacker is running a scan. Statistics of the scan is as follows:

Which of the following types of port scan is Adam running?

A. XMAS scan

B. ACK scan

C. Idle scan

D. FIN scan

Which of the following algorithms is used as a default algorithm for ESP extension header in IPv6?

A. Propagating Cipher Block Chaining (PCBC) Mode

B. Cipher Block Chaining (CBC) Mode

C. Cipher Feedback (CFB) Mode

D. Electronic Codebook (ECB) Mode

Which of the following proxy servers can be used for spamming?

A. Caching proxy server

B. Web proxy server

C. Open proxy server

D. Anonymizing proxy server

Which of the following types of attacks uses ICMP to consume bandwidth and crash sites?

A. MITM attack

B. SYN flood attack

C. TFN attack

D. XSS attack

Which of the following ports can be used for IP spoofing?

A. NNTP 119

B. POP 110

C. Rlogin 513

D. Whois 43

Which of the following TCP/UDP port is used by the toolkit program netstat?

A. Port 23

B. Port 15

C. Port 7

D. Port 69