Tuesday, March 10, 2020

GIAC GCED Questions Answers

Network administrators are often hesitant to patch the operating systems on Cisco routers and switches, due to the possibility of causing network instability, mainly because of which of the following?

A. Having to rebuild all ACLs
B. Having to replace the kernel
C. Having to re-IP the device
D. Having to rebuild ARP tables
E. Having to rebuild the routing tables

Answer: B

Thursday, October 3, 2019

GIAC GCED Questions Answers

Which tool uses a Snort rules file for input and by design triggers Snort alerts?

A. snot
B. stick
C. Nidsbench
D. ftester

Answer: C

Thursday, May 9, 2019

GIAC GCED Questions Answers

A security device processes the first packet from 10.62.34.12 destined to 10.23.10.7 and recognizes a malicious anomaly. The first packet makes it to 10.23.10.7 before the security device sends a TCP RST to 10.62.34.12. What type of security device is this?

A. Host IDS
B. Active response
C. Intrusion prevention
D. Network access control

Answer: B

Friday, November 23, 2018

GIAC GCED Questions Answers

Which could be described as a Threat Vector?

A. A web server left unpatched and vulnerable to XSS
B. A coding error allowing remote code execution
C. A botnet that has infiltrated perimeter defenses
D. A wireless network left open for anonymous use

Answer: A

Sunday, October 14, 2018

GIAC Certified Enterprise Defender (GCED)

This certification is aimed at security professionals who want to demonstrate that they are qualified for practical, hands-on computer systems roles with respect to security tasks. Applicants must demonstrate an understanding of information security that goes beyond simple terminology and concepts.

  
Certification objectives of the GCED exam

Defend network protocols.

The candidate will demonstrate an understanding of the OSI model and commonly used protocols that are found in multiple OSI layers. The candidate must also demonstrate a basic knowledge of the weaknesses of these protocols and the services that use them, as well as the tactics for a safer implementation.

Infrastructure and defensive tactics.

The candidate will demonstrate an understanding of security infrastructure, such as firewalls, host and network intrusion detection and prevention systems, active defense measures, and features such as logging and their effective use.

Concepts and application of digital forensics

The candidate will demonstrate an understanding of the methods and practices of digital forensics.

Concepts and application of response to incidents

The candidate will demonstrate that he understands the incident response process and its relationship to threat intelligence practices.

Interactive malware analysis

The candidate will demonstrate an understanding of the interactive analysis of malware behavior, knowledge of the tools and techniques used to perform the analysis and interpret the results of the analysis.

Intrusion detection and packet analysis.

The candidate will demonstrate understanding of intrusion prevention systems, location in the organization, configuration and adjustment, and response to alerts.

Concepts of malware analysis and basic analysis techniques

The candidate will demonstrate an understanding of the different types of malware, how to identify the symptoms of infection, and methods to analyze it safely. The candidate will demonstrate an understanding of the advantages and disadvantages of static and automated malware analysis techniques, as well as the ability to perform these analyses and interpret their results.

Manual analysis of malicious programs.

The candidate will demonstrate an understanding of manual reverse engineering of malicious code, the disassembly and decompilation of malicious software, and the code obfuscation techniques used by malicious software.

Concepts and forensic applications of networks

The candidate will demonstrate an understanding of the network forensics tools and practices used to analyze stored and real-time traffic in order to identify suspicious traffic or attack attempts.

Concepts and applications of network security monitoring

The candidate will demonstrate understanding of network packet analysis, their ability to use packet analysis tools and interpret the results of the analysis.

Concepts of vulnerability assessment and penetration test

The candidate will demonstrate an understanding of the processes and techniques used in penetration testing and vulnerability assessment engagements. The candidate will demonstrate knowledge of the types of tools required for such engagements.

Vulnerability assessment and penetration test application

The candidate will demonstrate understanding of and skill in using penetration testing and vulnerability assessment tools, and familiarity with the types of assessment objectives and types of testing.

Tuesday, June 19, 2018

GIAC GCED Questions Answers

When an IDS system looks for a pattern indicating a known worm, what type of detection method is it using?

A. Signature-based
B. Anomaly-based
C. Statistical
D. Monitored

Answer: A
 

Why would an incident handler acquire memory on a system being investigated?

A. To determine whether a malicious DLL has been injected into an application
B. To identify whether a program is set to auto-run through a registry hook
C. To list which services are installed on the system
D. To verify which user accounts have root or admin privileges on the system

Answer: C