Is this exam completely free?

ExamCademy offers a free preview for every exam, covering around 20% of the total questions. Full access to all questions is available for free by signing up for an account. Optional supporters unlock AstroTutor (AI tutor) and advanced study modes.

Can I practice IT certification exams from Microsoft, AWS, or CompTIA?

Yes! ExamCademy supports a wide range of IT certification exams including Microsoft Azure, AWS Cloud Practitioner, and CompTIA A+ and Security+.

How accurate are the mock exams?

Our practice questions are community-created and moderator-reviewed to align with realistic exam objectives, style, and difficulty.

GPPA by GIAC - Page 1 | ExamCademy

Mode Selection

Sort:

Question 1

Question 2

Question 3

Question 4

Question 5

Question 6

Question 7

Question 8

Question 9

Question 10

Question 11

Question 12

Question 13

Question 14

Question 15

Question 16

Question 17

Question 18

Question 19

Question 20

Question 21

Question 22

Question 23

Question 24

Question 25

Page 1 of 12 • Questions 1-25 of 280

1 2 3 4 5

→

Know a question that should be here? Contribute to this exam

Which of the following tools is an open source protocol analyzer that can capture traffic in real time?

A Snort
B NetWitness
C Wireshark
D Netresident

John works as a professional Ethical Hacker. He is assigned a project to test the security of www.abc.com. You have searched all open ports of the ABC server. Now, you want to perform the next information-gathering step, i.e., passive OS fingerprinting.
Which of the following tools can you use to accomplish the task?

A P0f
B Superscan
C Nmap
D NBTscan

Which of the following protocols is used by TFTP as a file transfer protocol?

A SMTP
B UDP
C TCP
D SNMP

Which of the following steps are generally followed in computer forensic examinations?
Each correct answer represents a complete solution. (Choose three.)

A Analyze
B Acquire
C Authenticate
D Encrypt

Which of the following monitors program activities and modifies malicious activities on a system?

A HIDS
B Back door
C NIDS
D RADIUS

Which of the following wireless security features provides the best wireless security mechanism?

A WPA with Pre Shared Key
B WPA
C WPA with 802.1X authentication
D WEP

David works as the Security Manager for ABC Inc. He has been assigned a project to detect the attacks over multiple connections and sessions and to count the number of scanned ports in a defined time period.
Which of the following rulebases will he use to accomplish the task?

A SYN Protector rulebase
B Exempt rulebase
C Traffic Anomalies rulebase
D Network Honeyport rulebase

Which of the following terms is used to represent IPv6 addresses?

A Colon-dot
B Dot notation
C Hexadecimal-dot notation
D Colon-hexadecimal

You work as a Security Administrator for ABC Inc. You have implemented and configured a web application security scanner in the company's network. It helps in the automated review of the web applications with the defined purpose of discovering security vulnerabilities. In order to perform this task, the web application security scanner examines a number of vulnerabilities.
What are these vulnerabilities?
Each correct answer represents a complete solution. (Choose three.)

A Input/Output validation
B Denials of service against the TCP/IP stack
C Server configuration mistakes/errors/version
D Specific application problems

Which of the following information must the fragments carry for the destination host to reassemble them back to the original unfragmented state?
Each correct answer represents a complete solution. (Choose all that apply.)

A Offset field
B MF flag
C Length of the data
D IP identification number
E IP address
F MAC address

Which of the following types of IP actions are supported by an IDP rulebase? (Choose three.)

A Initiate rules of the rulebase
B Notify
C Drop/block session
D Close connection

You work as a Network Administrator for ABC Inc. You want to configure Snort as an IDS for your company's wireless network, but you are concerned that Snort does not support all types of traffic.
What traffic does Snort support?
Each correct answer represents a complete solution. (Choose all that apply.)

A ICMP
B UDP
C TCP
D IP

Which of the following parts of IP header is used to specify the correct place of the fragment in the original un-fragmented datagram?

A Fragment offset
B TTL
C Source address
D Fragment ID

An attacker changes the address of a sub-routine in such a manner that it begins to point to the address of the malicious code. As a result, when the function has been exited, the application can be forced to shift to the malicious code. The image given below explains this phenomenon:

Question Image

Which of the following tools can be used as a countermeasure to such an attack?

A SmashGuard
B Obiwan
C Kismet
D Absinthe

Which of the following forms on NAT maps multiple unregistered IP addresses to a single registered IP address by using different ports?

A Overclocking
B Dynamic NAT
C Overloading
D Static NAT

Which of the following tools is used to detect wireless LANs using the 802.11b, 802.11a, and 802.11g WLAN standards on the Windows platform?

A Snort
B NetStumbler
C AiroPeek
D Cain

Which of the following applications cannot proactively detect anomalies related to a computer?

A NIDS
B HIDS
C Anti-virus scanner
D Firewall installed on the computer

You work as a Network Administrator for ABC Inc. The company has a TCP/IP-based routed network. Two routers have been configured on the network. A router receives a packet.
Which of the following actions will the router take to route the incoming packet?
Each correct answer represents a part of the solution. (Choose two.)

A Read the source IP address.
B Add the path covered by the packet to the routing table.
C Use the routing table to determine the best path to the destination network address.
D Read the destination IP address.
E Use the routing table to determine the best path to the source network address.

Which of the following techniques allows probing firewall rule-sets and finding entry points into the targeted system or network?

A Packet collision
B Network enumerating
C Packet crafting
D Distributed Checksum Clearinghouse

Which of the following honeypots is a low-interaction honeypot and is used by companies or corporations for capturing limited information about malicious hackers?

A Honeynet
B Production honeypot
C Research honeypot
D Honeyfarm

The simplest form of a firewall is a packet filtering firewall. Typically, a router works as a packet-filtering firewall and has the capability to filter on some of the contents of packets.
On which of the following layers of the Open System Interconnection (OSI) reference model do these routers filter information?
Each correct answer represents a complete solution. (Choose all that apply.)

A Transport layer
B Data Link layer
C Physical layer
D Network layer

Which of the following utilities provides an efficient way to give specific users permission to use specific system commands at the root level of a Linux operating system?

A Apache
B Snort
C SSH
D SUDO

Which of the following firewalls operates at three layers - Layer3, Layer4, and Layer5?

A Dynamic packet-filtering firewall
B Application layer firewall
C Proxy firewall
D Circuit-level firewall

Which of the following hexadecimal values in the boot field in the configuration register loads the first IOS file found in Flash memory?

A 2
B 0
C 1
D F

Jain works as a professional Ethical Hacker. He has been assigned the project of testing the security of www.abc.com.
He has successfully completed the following steps of the preattack phase:
>> Information gathering
>> Determining network range
>> Identifying active machines
>> Finding open ports and applications
>> OS fingerprinting
>> Fingerprinting services
Now Jain wants to perform network mapping of the ABC network.
Which of the following tools can he use to accomplish his task?
Each correct answer represents a complete solution. (Choose all that apply.)

A Traceroute
B Cheops
C NeoTrace
D Ettercap

GPPAPreview