
Updated Jan-2024 100% Cover Real GSEC Exam Questions Make Sure You 100% Pass
GSEC dumps Accurate Questions and Answers with Free and Fast Updates
NEW QUESTION # 18
You work as a Network Administrator for Tech Perfect Inc. The company has a Linux-based network. Mark, a Sales Manager, complains that he is unable to logon to the server. You verify that his computer is working properly and that another user is able to logon to the server from Mark's computer. The shadow password policy is implemented in the company. Mark's account entry in the /etc/passwd file is as follows: mark:*:501:100:Mark Smith:/home/mark:bin/tcsh What will you do to resolve the issue?
- A. Change the second field value to x.
- B. Delete the command shell entry /bin/tcsh.
- C. Create a new user account for Mark.
- D. Change the user ID from 501 to 50.
Answer: A
NEW QUESTION # 19
What is the command-line tool for Windows XP and later that allows administrators the ability to get or set configuration data for a very wide variety of computer and user account settings?
- A. WMIC.EXE
- B. C0NF1G.EXE
- C. IPCONFIG.EXE
- D. NETSTAT.EXE
Answer: A
NEW QUESTION # 20
You have an automated system for patching the operating systems of all your computers. All patches are supposedly current. Yet your automated vulnerability scanner has just reported vulnerabilities that you believe have been patched. Which of the actions below should you take next?
- A. Contact the incident response team.
- B. Check some systems manually.
- C. Ignore the findings as false positives.
- D. Rerun the system patching routines.
Answer: B
NEW QUESTION # 21
When a packet leaving the network undergoes Network Address Translation (NAT), which of the following is changed?
- A. TCP Sequence Number
- B. Source address
- C. Destination port
- D. Destination address
Answer: B
NEW QUESTION # 22
What is the discipline of establishing a known baseline and managing that condition known as?
- A. Security establishment
- B. Condition deployment
- C. Configuration management
- D. Observation discipline
Answer: A
NEW QUESTION # 23
In PKI, when someone wants to verify that the certificate is valid, what do they use to decrypt the signature?
- A. Receiver's digital signature
- B. CA's public key
- C. Secret passphrase
- D. X.509 certificate CA's private key
Answer: B
NEW QUESTION # 24
Which of the following types of attacks occurs when attackers enter a system or capture network traffic and make changes to selected files or data packets?
- A. Dictionary attack
- B. Brute force attack
- C. Teardrop attack
- D. Data diddling attack
Answer: D
NEW QUESTION # 25
In trace route results, what is the significance of an * result?
- A. A listening port was identified.
- B. The target host was successfully reached.
- C. No reply was received for a particular hop.
- D. A reply was returned in less than a second.
Answer: C
NEW QUESTION # 26
If a Linux administrator wanted to quickly filter out extraneous data and find a running process named RootKit, which command could he use?
- A. cat/proc;grep Rootkit
- B. tail/var/log/messages> Rootkit
- C. top-u Rootkit
- D. ps-ef/ grep Rootkit
- E. sed's/Rootkit/g'/var/log/messages
Answer: D
NEW QUESTION # 27
An attacker gained physical access to an internal computer to access company proprietary data. The facility is protected by a fingerprint biometric system that records both failed and successful entry attempts. No failures were logged during the time periods of the recent breach. The account used when the attacker entered the facility shortly before each incident belongs to an employee who was out of the area. With respect to the biometric entry system, which of the following actions will help mitigate unauthorized physical access to the facility?
- A. Try raising the Crossover Error Rate (CER)
- B. Try to lower the False Accept Rate (FAR)
- C. Try to set a lower False Reject Rate (FRR)
- D. Try setting the Equal Error Rate (EER) to zero
Answer: B
Explanation:
Explanation/Reference:
NEW QUESTION # 28
You are reviewing a packet capture file from your network intrusion detection system. In the packet stream, you come across a long series of "no operation" (NOP) commands. In addition to the NOP commands, there appears to be a malicious payload. Of the following, which is the most appropriate preventative measure for this type of attack?
- A. Controls against time of check/time of use attacks
- B. Boundary checks on program inputs
- C. Restrictions on file permissions
- D. Limits on the number of failed logins
Answer: A
NEW QUESTION # 29
Which of the following protocols is responsible for requesting Web pages from a Web server and sending back the responses to the Web browser?
- A. FTP
- B. PPP
- C. IP
- D. HTTP
Answer: D
NEW QUESTION # 30
Two clients connecting from the same public IP address (for example - behind the same NAT firewall) can connect simultaneously to the same web server on the Internet, provided what condition is TRUE?
- A. The clients are on different subnets.
- B. The server is on a different network.
- C. The server is not using a well-known port.
- D. The client-side source ports are different.
Answer: D
NEW QUESTION # 31
Why would someone use port 80 for deployment of unauthorized services?
- A. If someone were to randomly browse to the rogue port 80 service they could be compromised.
- B. HTTP traffic is usually allowed outbound to port 80 through the firewall in most environments.
- C. This is a technique commonly used to perform a denial of service on the local web server.
- D. Google will detect the service listing on port 80 and post a link, so that people all over the world will surf to the rogue service.
Answer: B
Explanation:
Explanation/Reference:
NEW QUESTION # 32
A VPC is created with a CIDR block of 10.22.0.0/16, which of the following private subnets could be Included?
- A. 10.23.12.0/26
- B. 10.22.12.0/24
- C. 10.10.10.0/24
- D. 10.23.0.0/16
Answer: B
NEW QUESTION # 33
You work as a Database Administrator for Bluewell Inc. The company has a SQL Server 2005 computer.
The company asks you to implement a RAID system to provide fault tolerance to a database. You want to
implement disk mirroring. Which of the following RAID levels will you use to accomplish the task?
- A. RAID-0
- B. RAID-1
- C. RAID-10
- D. RAID-5
Answer: B
NEW QUESTION # 34
Which of the following directories in Linux operating system contains device files, which refers to physical devices?
- A. /bin
- B. /dev
- C. /etc
- D. /boot
Answer: B
NEW QUESTION # 35
Which of the following ports is the default port for IMAP4 protocol?
- A. TCP port 80
- B. TCP port 25
- C. TCP port 443
- D. TCP port 143
Answer: D
NEW QUESTION # 36
You work as an Administrator for McRoberts Inc. The company has a Linux-based network. You are logged in as a non-root user on your client computer. You want to delete all files from the /garbage directory. You want that the command you will use should prompt for the root user password. Which of the following commands will you use to accomplish the task?
- A. rm -rf /garbage*
- B. su -c "RM -rf /garbage*"
- C. rm -rf /garbage* /SU
- D. del /garbage/*.*
Answer: B
Explanation:
Explanation/Reference:
NEW QUESTION # 37
The previous system administrator at your company used to rely heavily on email lists, such as vendor lists and Bug Traq to get information about updates and patches. While a useful means of acquiring data, this requires time and effort to read through. In an effort to speed things up, you decide to switch to completely automated updates and patching. You set up your systems to automatically patch your production servers using a cron job and a scripted apt-get upgrade command. Of the following reasons, which explains why you may want to avoid this plan?
- A. The command apt-get upgrade is incorrect, you need to run the apt-get update command
- B. Automated patching of production servers without prior testing may result in unexpected behavior or failures
- C. Relying on vendor and 3rd party email lists enables updates via email, for even faster patching
- D. The apt-get upgrade command doesn't work with the cron command because of incompatibility
Answer: A
NEW QUESTION # 38
Which class of IDS events occur when the IDS fails to alert on malicious data?
- A. False Positive
- B. False Negative
- C. True Negative
- D. True Positive
Answer: B
NEW QUESTION # 39
Which of the following prevents malicious programs from attacking a system?
- A. Anti-virus program D. Biometric devices
- B. Smart cards
- C. Firewall
Answer: A
NEW QUESTION # 40
The Linux command to make the /etc/shadow file, already owned by root, readable only by root is which of the following?
- A. chmod 444/etc/shadow
- B. chmod 400/etc/shadow
- C. chown 400 /etc/shadow
- D. chown root: root/etc/shadow
Answer: B
Explanation:
Explanation
NEW QUESTION # 41
You work as a Network Administrator for Net World Inc. The company has a Linux-based network. You want to mount an SMBFS share from a Linux workstation. Which of the following commands can you use to accomplish the task?
Each correct answer represents a complete solution. Choose two.
- A. mount -t smbfs
- B. mount smb
- C. smbmount
- D. smbfsmount
Answer: A,C
NEW QUESTION # 42
......
Real GSEC Quesions Pass Certification Exams Easily: https://www.actualvce.com/GIAC/GSEC-valid-vce-dumps.html
Practice with these GSEC dumps Certification Sample Questions: https://drive.google.com/open?id=1Or1X1Ds3hPkvORqpKd_fH6Jcnulh1Ivb