  • Katy Morgan

Introduction to GIAC Information Security Professional (GISP) Exam

The GIAC GISP Exam is challenging, and thorough preparation is essential for success. This exam study guide is designed to help you prepare for the GISP certification exam. It contains a detailed list of the topics covered on the Professional exam, as well as a detailed list of preparation resources. This study guide for the GIAC Information Security Professional will help guide you through the study process for your certification.

GISP GIAC Information Security Professional Exam Summary


Exam Name: GIAC Information Security Professional

Exam Code: GISP

Exam Price: $1899 (USD)

Duration: 300 mins

Number of Questions: 250

Passing Score: 70%

Schedule Exam: Pearson VUE

Sample Questions: GIAC GISP Sample Questions

Recommended Practice: GIAC GISP Certification Practice Exam


Exam Syllabus: GISP GIAC Information Security Professional (GISP)


1. Asset Security

- The candidate will demonstrate an understanding of asset management and classification, including access controls, handling and retention requirements.

2. Communications and Network Security

- The candidate will demonstrate an understanding of network security, including secure architecture, network protocols, security controls and devices, and common network attacks.


3. Identity and Access Management

- The candidate will demonstrate an understanding of identity management concepts and controls including AAA, passwords, tokens, biometrics, federation, and common threats.


4. Security and Risk Management

- The candidate will demonstrate an understanding of security risk management and business continuity practices, including legal and regulatory compliance, security policies, and governance principles.


5. Security Assessment and Testing

- The candidate will demonstrate the ability to design, perform, and analyze security tests.


6. Security Engineering

- The candidate will demonstrate an understanding of secure engineering architecture and implementation for systems in networked, web-based, and mobile environments and mitigating common vulnerabilities.


7. Security Operation

- The candidate will be able to demonstrate an understanding of the managerial, administrative, and operational aspects of information security.


8. Software Development Security

- The candidate will be able to demonstrate an understanding of the key security principles related to secure application development.


GIAC GISP Certification Sample Questions and Answers


To familiarize you with the structure of the GIAC Information Security Professional (GISP) certification exam, we have prepared this sample question set. We suggest you try our Sample Questions for GISP Certification to test your understanding of the GIAC GISP process in a real GIAC certification exam environment.


GISP GIAC Information Security Professional Sample Questions:-


01. Under which type of access control does a user ID and password system fall?

a) Power

b) Physical

c) Technical

d) Administrative


02. Which of the following terms is synonymous with the willful destruction of another person's property?

a) Hacking

b) Vandalism

c) Spoofing

d) Phishing


03. Which of the following hardware devices prevents broadcasts from crossing over subnets?

a) Bridge

b) Router

c) Modem

d) Hub


04. The TCP/IP protocol suite uses ____ to identify which service a certain packet is destined for.

a) MAC addresses

b) Port numbers

c) Subnet masks

d) IP addresses


05. At which of the following layers does Structured Query Language (SQL) work?

a) Physical

b) Network

c) Transport

d) Session


06. Which of the following practices fall under the category of denial-of-service attacks?

a) Sending lots of ICMP packets to an IP address

b) Disrupting services to a specific computer

c) Performing a back door attack on a system

d) Sending thousands of malformed packets to a network for bandwidth consumption


07. __________ is the process of verifying the identity of a user and obtaining the required evidence from the user.

a) Verification

b) Impersonation

c) Authentication

d) Authorization


08. How many keys are used to encrypt data in symmetric encryption?

a) Two

b) Three

c) Four

d) One


09. Which of the following allows an administrator to find weak passwords on the network?

a) Rainbow table

b) Back door

c) Worm

d) Access control list


10. Key escrow is a method of __________.

a) Key renewal

b) Key distribution

c) Key recovery

d) Key revocation


Answers:-


Answer 1:- c

Answer 2:- b

Answer 3:- b

Answer 4:- b

Answer 5:- d

Answer 6:- a, b, d

Answer 7:- c

Answer 8:- d

Answer 9:- a

Answer 10:- c
