GCIA – GIAC Certified Intrusion Analyst

Loading demo links...

Showing 1–3 of 20 questions

Question 1 (Volume A)

HOTSPOT

You work as a Network Administrator for McRobert Inc. The company's Windows 2000-based network is configured with Internet Security and Acceleration (ISA) Server 2000. You are configuring intrusion detection on the server. You want to get notified when a TCP SYN packet is sent with a spoofed source IP address and port number that match the destination IP address and port number. Mark the alert that you will enable on the Intrusion Detection tab page of the IP Packet Filters Properties dialog box to accomplish the task.

Hot Area:

Answer is in the explanation below.

Question 2 (Volume A)

SIMULATION Fill in the blank with the appropriate facts regarding IP version 6 (IPv6).

IP addressing version 6 uses_____ -bit address. Its____ IP address assigned to a single host allows the host to send and receive data.

Answer is in the explanation below.

Question 3 (Volume C)

Session splicing is an IDS evasion technique in which an attacker delivers data in multiple smallsized packets to the target computer. Hence, it becomes very difficult for an IDS to detect the attack signatures of such attacks. Which of the following tools can be used to perform session splicing attacks?

Each correct answer represents a complete solution. Choose all that apply.

Select all that apply, then click Submit answer.

○
Nessus
○
Whisker
○
Y.A.T.
○
Fragroute

← Prev 1 2 3 4 5 6 7 Next →

Page 1 of 7

Sale Ends In

2h 0m 0s