← Back to exam page

GISF GIAC Information Security Fundamentals

Loading demo links...

Showing 1–3 of 15 questions

Question 1 (Volume A)

Victor works as a network administrator for DataSecu Inc. He uses a dual firewall Demilitarized Zone (DMZ) to insulate the rest of the network from the portions, which is available to the Internet. Which of the following security threats may occur if DMZ protocol attacks are performed?

Each correct answer represents a complete solution. Choose all that apply.

Select all that apply, then click Submit answer.

  • Attacker can exploit any protocol used to go into the internal network or intranet of the com pany.

  • Attacker managing to break the first firewall defense can access the internal network without breaking the second firewall if it is different.

  • Attacker can gain access to the Web server in a DMZ and exploit the database.

  • Attacker can perform Zero Day attack by delivering a malicious payload that is not a part of the intrusion detection/prevention systems guarding the network.
Question 2 (Volume B)

You work as a Software Developer for uCertify Inc. You have developed a Data Access Logic (DAL) component that will be part of a distributed application. You are conducting integration testing with other components of the distributed application. Which of the following types of testing methods will you need to perform to identify potential security-related issues? Each correct answer represents a part of the solution. Choose two.

Select all that apply, then click Submit answer.

  • Unit testing

  • Stress testing

  • Load testing

  • Black box testing

  • White box testing
Question 3 (Volume C)

Which of the following are parts of applying professional knowledge? Each correct answer represents a complete solution. Choose all that apply.

Select all that apply, then click Submit answer.

  • Maintaining cordial relationship with project sponsors

  • Reporting your project management appearance

  • Staying up-to-date with project management practices

  • Staying up-to-date with latest industry trends and new technology