Pass4Test est un site de vous ramener au succès. Pass4Test peut vous aider à promouvoir les connaissances essentielles pour le test GIAC G2700 et passer le test à la première fois.
Vous pouvez tout d'abord télécharger le démo GIAC G2700 gratuit dans le site Pass4Test. Une fois que vous décidez à choisir le Pass4Test, Pass4Test va faire tous efforts à vous permettre de réussir le test. Si malheureusement, vous ne passez pas le test, nous allons rendre tout votre argent.
Pour l'instant, vous pouvez télécharger le démo gratuit de Q&A GIAC G2700 dans Pass4Test pour se former avant le test GIAC G2700.
Pas besoin de beaucoup d'argent et de temps, vous pouvez passer le test GIAC G2700 juste avec la Q&A de GIAC G2700 offerte par Pass4Test qui vous offre le test simulation bien proche de test réel.
Code d'Examen: G2700
Nom d'Examen: GIAC (GIAC Certified ISO-2700 Specialist Practice Test)
Questions et réponses: 453 Q&As
Les experts de Pass4Test profitent de leurs expériences et connaissances à augmenter successivement la qualité des docmentations pour répondre une grande demande des candidats, juste pour que les candidats soient permis à réussir le test GIAC G2700 par une seule fois. Vous allez avoir les infos plus proches de test réel à travers d'acheter le produti de Pass4Test. Notre confiance sont venue de la grande couverture et la haute précision de nos Q&As. 100% précision des réponses vous donnent une confiance 100%. Vous n'auriez pas aucun soucis avant de participer le test.
G2700 Démo gratuit à télécharger: http://www.pass4test.fr/G2700.html
NO.1 You work as a Network Administrator for uCertify Inc. The organization has constructed a cafeteria for
their employees and you are responsible to select the access control method for the cafeteria.
There are a few conditions for giving access to the employees, which are as follows:
1. Top level management can get access any time.
2. Staff members can get access during the specified hours.
3. Guests can get access only in working hours.
Which of the following access control methods is suitable to accomplish the task?
A. Discretionary access control
B. Lattice-based access control
C. Attribute-based access control
D. Rule-based access control
Answer: D
GIAC G2700 examen G2700 G2700
NO.2 Mark works as a Network Security Administrator for uCertify Inc. An employee of the organization
comes to Mark and tells him that a few months ago, the employee had filled an online bank form due to
some account related work. Today, when again visiting the site, the employee finds that some of his
personal information is still being displayed in the webpage. Which of the following types of cookies
should be disabled by Mark to resolve the issue?
A. Session
B. Temporary
C. Secure
D. Persistent
Answer: D
GIAC certification G2700 G2700 certification G2700 certification G2700
NO.3 Single Loss Expectancy (SLE) represents an organization's loss from a single threat. Which of the
following formulas best describes the Single Loss Expectancy (SLE)?
A. SLE = Asset Value (AV) * Exposure Factor (EF)
B. SLE = Annualized Loss Expectancy (ALE) * Exposure Factor (EF)
C. SLE = Annualized Loss Expectancy (ALE) * Annualized Rate of Occurrence (ARO)
D. SLE = Asset Value (AV) * Annualized Rate of Occurrence (ARO)
Answer: A
certification GIAC G2700 G2700 examen G2700 certification G2700
NO.4 A project plan includes the Work Breakdown Structure (WBS) and cost estimates. Which of the following
are the parts of a project plan?
Each correct answer represents a complete solution. Choose all that apply.
A. Risk identification
B. Security Threat
C. Project schedule
D. Team members list
E. Risk analysis
Answer: A,C,D,E
GIAC certification G2700 certification G2700 G2700
NO.5 Rick works as a Computer Forensic Investigator for BlueWells Inc. He has been informed that some
confidential information is being leaked out by an employee of the company. Rick suspects that someone
is sending the information through email. He checks the emails sent by some employees to other
networks. Rick finds out that Sam, an employee of the Sales department, is continuously sending text files
that contain special symbols, graphics, and signs. Rick suspects that Sam is using the Steganography
technique to send data in a disguised form. Which of the following techniques is Sam using?
Each correct answer represents a part of the solution. Choose all that apply.
A. Linguistic steganography
B. Text Semagrams
C. Technical steganography
D. Perceptual masking
Answer: A,B
certification GIAC certification G2700 G2700 G2700
NO.6 Qualitative risk analysis includes judgment, intuition, and experience. Which of the following methods
are used to perform qualitative risk analysis?
Each correct answer represents a complete solution. Choose all that apply.
A. Egress filtering
B. Checklists
C. Delphi technique
D. Brainstorming
Answer: B,C,D
certification GIAC G2700 examen G2700 certification G2700
NO.7 Which of the following controls are administrative in nature?
A. Directive controls
B. Recovery controls
C. Preventive controls
D. Detective controls
Answer: A
GIAC G2700 examen G2700 examen
NO.8 Which of the following phases of the PDCA model is the monitoring and controlling phase of the
Information Security Management System (ISMS)?
A. Check
B. Plan
C. Do
D. Act
Answer: A
GIAC G2700 G2700 examen certification G2700 G2700
NO.9 Which of the following are the uses of cryptography as defined in a policy document?
Each correct answer represents a complete solution. Choose all that apply.
A. Backup
B. Control of keys
C. Applications supporting cryptography
D. Recovery
Answer: A,B,C
GIAC G2700 examen G2700 examen G2700 G2700
NO.10 Which of the following are the exceptions of the Data Protection Act?
Each correct answer represents a complete solution. Choose all that apply.
A. Section 36 - Domestic purposes
B. Section 28 - National security
C. Section 55 - Unlawful obtaining of personal data
D. Section 29 - Crime and taxation
Answer: A,B,D
GIAC G2700 G2700 examen
NO.11 You work as an Information Security Officer for uCertify Inc. You need to create an asset management
plan differentiating fixed assets from inventory items. How will you differentiate assets from inventory
items?
A. Inventory items are sold.
B. Assets are temporary usually.
C. Inventory items are permanent.
D. Assets cannot be used.
Answer: A
GIAC G2700 certification G2700
NO.12 CORRECT TEXT
Fill in the blank with the appropriate term.
________ is a powerful and low-interaction open source honeypot.
Answer: Honeyd
GIAC certification G2700 G2700 examen G2700 G2700
NO.13 You work as an Information Security Manager for uCertify Inc. You need to make the
documentation on change management. What are the advantages of change management?
Each correct answer represents a complete solution. Choose all that apply.
A. Improved productivity of users due to more stable and better IT services
B. Improved IT personnel productivity, since there is a reduced number of urgent changes and a back-out
of erroneous changes
C. Improved adverse impact of changes on the quality of IT services
D. Increased ability to absorb frequent changes without making an unstable IT environment
Answer: A,B,D
GIAC certification G2700 G2700
NO.14 Which of the following is a fast-emerging global sector that advises individuals and corporations on
how to apply the highest ethical standards to every aspect of their business?
A. Service Capacity Management (SCM)
B. Business Capacity Management (BCM)
C. Resource Capacity Management (RCM)
D. Integrity Management Consulting
Answer: D
GIAC G2700 examen G2700 G2700 examen certification G2700
NO.15 You work as an Information Security Manager for uCertify Inc. You are working on communication and
organization management. You need to create the documentation on change management.
Which of the following are the main objectives of change management?
Each correct answer represents a complete solution. Choose all that apply.
A. Minimal disruption of services
B. Reduction of inventory in accordance with revenue
C. Economic utilization of resources involved in the change
D. Reduction in back-out activities
Answer: A,C,D
certification GIAC G2700 G2700 examen certification G2700 G2700
NO.16 Which of the following is the designing phase of the ISMS?
A. Check
B. Plan
C. Act
D. Do
Answer: B
GIAC G2700 examen G2700 G2700 examen G2700
NO.17 Which of the following should be considered while calculating the costs of the outage?
Each correct answer represents a complete solution. Choose all that apply.
A. Sales aspect of the business
B. Cost of low productivity
C. Innovations in electronic funds transfer
D. Cost of lost income from missed sales
Answer: B,D
GIAC examen G2700 G2700
NO.18 Which of the following administrative policy controls is usually associated with government
classifications of materials and the clearances of individuals to access those materials?
A. Separation of Duties
B. Due Care
C. Acceptable Use
D. Need to Know
Answer: D
GIAC examen G2700 examen G2700 G2700
NO.19 Which of the following is used for secure financial transactions over the Internet?
A. ATM
B. VPN
C. SSL
D. SET
Answer: D
GIAC G2700 G2700 G2700
NO.20 Which of the following is a Restrict Anonymous registry value that allows users with explicit
anonymous permissions?
A. 2
B. 3
C. 1
D. 0
Answer: A
certification GIAC G2700 G2700 G2700 examen certification G2700
NO.21 You work as the Human Resource Manager for uCertify Inc. You need to recruit some candidates for
the marketing department of the organization. Which of the following should be defined to the new
employees of the organization before they have joined?
Each correct answer represents a complete solution. Choose all that apply.
A. Marketing tips and tricks
B. Organization's network topology
C. Job roles
D. Organization's security policy
Answer: C,D
GIAC G2700 examen G2700 examen G2700 examen G2700 G2700 examen
NO.22 You work as a Security Administrator for uCertify Inc. You have been assigned the task to verify the
identity of the employees recruited in your organization. Which of the following components of security
deals with an employee's verification in the organization?
A. Network Security
B. Physical security
C. Access security
D. Human resource security
Answer: D
certification GIAC G2700 certification G2700 G2700 examen
NO.23 CORRECT TEXT
Fill in the blank with an appropriate phrase.
_________accord describes the minimum regulatory capital to be allocated by each bank based on its
risk profile of assets.
Answer: Basel ll
GIAC examen G2700 G2700 certification G2700
NO.24 You work as an Information Security Manager for uCertify Inc. You are working on the
documentation of control A.10.1.1. What is the purpose of control A.10.1.1.?
A. It is concerned with the documentation of the human resource security to make recruitments clear to
the organization.
B. It is concerned with the documentation of the supply chain management.
C. It is concerned with the documentation of operating procedures to ensure the correct and secure use of
information processing facilities.
D. It is concerned with the documentation of the disaster recovery management to ensure proper backup
technologies.
Answer: C
certification GIAC G2700 examen certification G2700 G2700 examen
NO.25 Which of the following are the basics of Business Continuity Management?
Each correct answer represents a complete solution. Choose all that apply.
A. Implementation of a risk assessment technique to identify the causes and consequences of failures
B. Regular checking of business continuity plans
C. Identification of authentication techniques according to the requirements
D. Identification of human resources according to the requirements
Answer: A,B,D
GIAC examen G2700 G2700 examen G2700
NO.26 Mark works as a System Administrator for uCertify Inc. He is responsible for securing the network of
the organization. He is configuring some of the advanced features of the Windows firewall so that he can
block the client machine from responding to pings. Which of the following advanced setting types should
Mark change for accomplishing the task?
A. ICMP
B. SNMP
C. UDP
D. SMTP
Answer: A
GIAC G2700 G2700 certification G2700 certification G2700
NO.27 Mark works as a Network Security Administrator for uCertify Inc. He has been assigned the task of
installing a MySQL server. Mark wants to monitor only the data that is directed to or originating from the
server and he also wants to monitor running processes, file system access and integrity, and user logins
for identifying malicious activities. Which of the following intrusion detection techniques will Mark use to
accomplish the task?
A. Network-based IDS
B. Signature-based IDS
C. Anomaly-based IDS
D. Host-based IDS
Answer: D
certification GIAC G2700 examen G2700 G2700 examen G2700 examen
NO.28 Mark works as an Office Assistant for uCertify Inc. He is responsible for managing office documents.
Today, after opening a word document, Mark noticed that the other opened documents are closed
suddenly. After reopening those documents, Mark found some modifications in the documents. He
contacted his Security Administrator and came to know that there is a virus program installed in the
operating system. Which of the following types of virus has attacked the operating system?
A. Data file
B. Macro
C. Polymorphic
D. Boot sector
Answer: A
certification GIAC G2700 G2700
NO.29 The disciplined and structured process, that integrates information security and risk management
activities into the System Development Life Cycle, is provided by the risk management framework.
Choose the appropriate RMF steps.
A.
Answer: A
GIAC examen certification G2700 certification G2700 G2700
NO.30 Which of the following statements are true about security risks?
Each correct answer represents a complete solution. Choose three.
A. These are considered as an indicator of threats coupled with vulnerability.
B. These can be removed completely by taking proper actions.
C. These can be mitigated by reviewing and taking responsible actions based on possible risks.
D. These can be analyzed and measured by the risk analysis process.
Answer: A,C,D
certification GIAC G2700 examen G2700 G2700 G2700
La Q&A lancée par Pass4Test est bien poupulaire. Pass4Test peut non seulement vous permettre à appendre les connaissances professionnelles, et aussi les expériences importantes résumées par les spécialistes dans l'Industrie IT. Pass4Test est un bon fournisseur qui peut répondre une grande demande des candidats. Avec l'aide de Pass4Test, vous aurez la confiance pour réussir le test. Vous n'aurez pas aucune raison à refuser le Pass4Test.
没有评论:
发表评论