At ValidExamDumps, we consistently monitor updates to the GIAC GSNA exam questions by GIAC. Whenever our team identifies changes in the exam questions,exam objectives, exam focus areas or in exam requirements, We immediately update our exam questions for both PDF and online practice exams. This commitment ensures our customers always have access to the most current and accurate questions. By preparing with these actual questions, our customers can successfully pass the GIAC Systems and Network Auditor exam on their first attempt without needing additional materials or study guides.
Other certification materials providers often include outdated or removed questions by GIAC in their GIAC GSNA exam. These outdated questions lead to customers failing their GIAC Systems and Network Auditor exam. In contrast, we ensure our questions bank includes only precise and up-to-date questions, guaranteeing their presence in your actual exam. Our main priority is your success in the GIAC GSNA exam, not profiting from selling obsolete exam questions in PDF or Online Practice Test.
Web applications are accessed by communicating over TCP ports via an IP address. Choose the two most common Web Application TCP ports and their respective protocol names.
Each correct answer represents a complete solution. Choose two.
The two most common Web Application TCP ports are Port 443 and Port 80. HTTPS or SSL uses TCP port 443, whereas HTTP uses TCP Port 80.
Answer B is incorrect. Port 80 is used for HTTP, not HTTPS.
Answer A is incorrect. S-HTTP is not the protocol name for Port 443. HTTPS or SSL is the name used for Port 443 traffic.
You are responsible for a number of Windows Server 2003 DNS servers on a large corporate network. You have decided to audit the DNS server logs. Which of the following are likely errors you could encounter in the log?
Each correct answer represents a complete solution. Choose two.
There are a number of errors one could find in a Windows Server 2003 DNS log. They are as follows:
The DNS server could not create a Transmission Control Protocol.
The DNS server could not open socket for address.
The DNS server could not initialize the Remote Procedure Call (RPC) service.
The DNS server could not bind the main datagram socket.
The DNS Server service relies on Active Directory to store and retrieve information for Active Directory-integrated zones. And several
active directory errors are possible.
Answer A is incorrect. DNS Servers do not create FTP connections.
Answer B is incorrect. A DNS server looks up a name to return an IP, it would not and cannot connect to a domain name, it must connect to an IP address.
Which of the following statements are true about SSIDs?
Each correct answer represents a complete solution. Choose all that apply.
SSID stands for Service Set Identifier. It is used to identify a wireless network. SSIDs are case sensitive text strings and have a maximum
length of 32 characters. All wireless devices on a wireless network must have the same SSID in order to communicate with each other.
The SSID on computers and the devices in WLAN can be set manually and automatically. Configuring the same SSID as that of the other
Wireless Access Points (WAPs) of other networks will create a conflict. A network administrator often uses a public SSID that is set on the
access point. The access point broadcasts SSID to all wireless devices within its range. Some newer wireless access points have the ability to
disable the automatic SSID broadcast feature in order to improve network security.
In the DNS Zone transfer enumeration, an attacker attempts to retrieve a copy of the entire zone file for a domain from a DNS server. The
information provided by the DNS zone can help an attacker gather user names, passwords, and other valuable information. To attempt a zone
transfer, an attacker must be connected to a DNS server that is the authoritative server for that zone. Besides this, an attacker can launch a
Denial of Service attack against the zone's DNS servers by flooding them with a lot of requests. Which of the following tools can an attacker
use to perform a DNS zone transfer?
Each correct answer represents a complete solution. Choose all that apply.
An attacker can use Host, Dig, and NSLookup to perform a DNS zone transfer.
Answer A is incorrect. DSniff is a sniffer that can be used to record network traffic. Dsniff is a set of tools
that are used for sniffing
passwords, e-mail, and HTTP traffic. Some of the tools of Dsniff include dsniff, arpredirect, macof, tcpkill, tcpnice, filesnarf, and mailsnarf. Dsniff
is highly effective for sniffing both switched and shared networks. It uses the arpredirect and macof tools for switching across switched
networks. It can also be used to capture authentication information for FTP, telnet, SMTP, HTTP, POP, NNTP, IMAP, etc.
John works as a professional Ethical Hacker. He has been assigned a project to test the security of www.we-are-secure.com. He performs Web vulnerability scanning on the We-are-secure server. The output of the scanning test is as follows:
C .\whisker.pl -h target_IP_address
-- whisker / v1.4.0 / rain forest puppy / www.wiretrip.net -- = - = - = - = - =
= Host: target_IP_address
= Server: Apache/1.3.12 (Win32) ApacheJServ/1.1
mod_ssl/2.6.4 OpenSSL/0.9.5a mod_perl/1.22
+ 200 OK: HEAD /cgi-bin/printenv
John recognizes /cgi-bin/printenv vulnerability ('Printenv' vulnerability) in the We_are_secure server. Which of the following statements
about 'Printenv' vulnerability are true?
Each correct answer represents a complete solution. Choose all that apply.
'Printenv' vulnerability allows an attacker to input specially crafted links and/or other malicious scripts. For example,
http://www/cgi-bin/printenv/<script>alert (An attacker can misuse it!)</script>
Since 'printenv' is just an example CGI script (It comes with various versions of the Apache Web server.) that has no real use and has its
own problems, there is no problem in removing it.
Answer B is incorrect. 'Printenv' does not maintain any log file of user activities.
