The GIAC GISP exam is challenging, and thorough preparation is essential for success. This exam study guide is designed to help you prepare for the GISP certification exam. It contains a detailed list of the topics covered on the Professional exam, as well as a detailed list of preparation resources. This study guide for the GIAC Information Security Professional will help guide you through the study process for your certification.
GISP GIAC Information Security Professional Exam Summary
● Exam Name: GIAC Information Security Professional
● Exam Code: GISP
● Exam Price: $1899 (USD)
● Duration: 300 mins
● Number of Questions: 250
● Passing Score: 70%
● Schedule Exam: Pearson VUE
● Sample Questions: GIAC GISP Sample Questions
● Recommended Practice: GIAC GISP Certification Practice Exam
Exam Syllabus: GISP GIAC Information Security Professional (GISP)
1. Asset Security
- The candidate will demonstrate an understanding of asset management and classification, including access controls, handling and retention requirements.
2. Communications and Network Security
- The candidate will demonstrate an understanding of network security, including secure architecture, network protocols, security controls and devices, and common network attacks.
3. Identity and Access Management
- The candidate will demonstrate an understanding of identity management concepts and controls including AAA, passwords, tokens, biometrics, federation, and common threats.
4. Security and Risk Management
- The candidate will demonstrate an understanding of security risk management and business continuity practices, including legal and regulatory compliance, security policies, and governance principles.
5. Security Assessment and Testing
- The candidate will demonstrate the ability to design, perform, and analyze security tests.
6. Security Engineering
- The candidate will demonstrate an understanding of secure engineering architecture and implementation for systems in networked, web-based, and mobile environments and mitigating common vulnerabilities.
7. Security Operation
- The candidate will be able to demonstrate an understanding of the managerial, administrative, and operational aspects of information security.
8. Software Development Security
- The candidate will be able to demonstrate an understanding of the key security principles related to secure application development.
GIAC GISP Certification Sample Questions and Answers
To familiarize you with the structure of the GIAC Information Security Professional (GISP) certification exam, we have prepared this sample question set. We suggest you try our Sample Questions for GISP Certification to test your understanding of the GIAC GISP process in a real GIAC certification exam environment.
GISP GIAC Information Security Professional Sample Questions:-
01. Under which type of access control does a user ID and password system fall?
a) Power
b) Physical
c) Technical
d) Administrative
02. Which of the following terms is synonymous with the willful destruction of another person's property?
a) Hacking
b) Vandalism
c) Spoofing
d) Phishing
03. Which of the following hardware devices prevents broadcasts from crossing over subnets?
a) Bridge
b) Router
c) Modem
d) Hub
04. The TCP/IP protocol suite uses ____ to identify which service a certain packet is destined for.
a) MAC addresses
b) Port numbers
c) Subnet masks
d) IP addresses
05. At which of the following layers does Structured Query Language (SQL) work?
a) Physical
b) Network
c) Transport
d) Session
06. Which of the following practices fall into the category of denial-of-service attacks?
a) Sending lots of ICMP packets to an IP address
b) Disrupting services to a specific computer
c) Performing Back door attack on a system
d) Sending thousands of malformed packets to a network for bandwidth consumption
07. __________ is the process of verifying the identity of a user and obtaining the required evidence from the user.
a) Verification
b) Impersonation
c) Authentication
d) Authorization
08. How many keys are used to encrypt data in symmetric encryption?
a) Two
b) Three
c) Four
d) One
09. Which of the following allows an administrator to find weak passwords on the network?
a) Rainbow table
b) Back door
c) Worm
d) Access control list
10. Key escrow is a method of __________.
a) Key renewal
b) Key distribution
c) Key recovery
d) Key revocation
Answers:-
Answer 1:- c
Answer 2:- b
Answer 3:- b
Answer 4:- b
Answer 5:- d
Answer 6:- a, b, d
Answer 7:- c
Answer 8:- d
Answer 9:- a
Answer 10:- c