SANS 401 GSEC FINAL EXAM
QUESTIONS WITH CORRECT
SOLUTIONS||100% GUARANTEED
PASS|| UPDATED 2026/2027
SYLLABUS||ALREADY A+
GRADED||<<RECENT VERSION>>
1) Intrusion Detection System (IDS) - ANSWER ✓ Reports attacks against
monitored systems/networks. Requires monitoring, alerting, and reaction
2) Network IDS (NIDS) - ANSWER ✓ Deployed as a passive sniffer/sensor at
network aggregation points. Uses signature, anomaly analysis
3) Signature Analysis - ANSWER ✓ Performs pattern matching with rules that
indicate criteria in packets that represent events of interest
4) Snort - ANSWER ✓ Signature-based intrusion detection system that is very
efficient and low effort reporting
5) Intrusion Prevention System (IPS) - ANSWER ✓ Stops attacks on systems
and networks from being effective which can be network or host-based
6) Network IPS (NIPS) - ANSWER ✓ Typically deployed at the perimeter in
front and/or behind a firewall. Ensure between internet and DMZ are safe,
also checking VPN users
7) Cryptography - ANSWER ✓ Art and Science of hiding the meaning of a
communication from unintended recipients
8) Cryptology - ANSWER ✓ Encompasses cryptography and cryptanalysis
,9) Encryption - ANSWER ✓ Coding a message so that its meaning is
concealed
10) Decryption - ANSWER ✓ Process of transforming an encrypted
message into it original form
11) Plaintext - ANSWER ✓ Message in its original form
12) Ciphertext - ANSWER ✓ Message in its encrypted form
13) The more bits of encryption - ANSWER ✓ The harder it is to break
14) COCOM - ANSWER ✓ 1991, allowed export of encryption except to
dangerous countries
15) Wassenaar Arrangement - ANSWER ✓ 1995, 28 countries allowed
free symmetric encryption export, other crypto requires a license
16) European Union Controls - ANSWER ✓ Focused on export of
encryption regulated by the Concil Regulation (EC)
17) United States Controls - ANSWER ✓ No import restrictions, signed
the Wassenaar Arrangement but with strciter export controls
18) Symmetric Encryption (Confidentiality) - ANSWER ✓ Same key
used to Encrypt as to Decrypt. Fairly fast!
19) Symmetric Encryption Techniques - ANSWER ✓ Exclusive OR
(XOR)
Arbitrary Substitution
Rotation
Permutation
20) Hashing (Integrity) - ANSWER ✓ One-way transformation which
requires no key. Plaintext is not recoverable (integrity)
21) Asymmetric Encryption (Authentication) - ANSWER ✓ Public key,
dual-key encryption. Whatever key encrypts, only the other key decrypts
, 22) If you send a message to someones Public Key - ANSWER ✓ Only
their Private Key and decrypt the message
23) If you send to private key - ANSWER ✓ Anyone can decrypt via the
sender's public key
24) Digital Signature (Non-Repudiation) - ANSWER ✓ Use public key
cryptography to "sign" documents. Signatures are mostly authentic and
nonrepudiable. Sign with hash of private key
25) Stegonography - ANSWER ✓ Data hiding involving concealing the
fact that you are sending "sensitive" information
26) Types of Steganography - ANSWER ✓ Watermarking
Cryptography
Steganography
27) Confidentiality in Encryption - ANSWER ✓ Any Cryptography
28) Integrity in Encryption - ANSWER ✓ Hashing
29) Authentication in Encryption - ANSWER ✓ Asymmetric Encryption
30) Non-Repudiation in Encryption - ANSWER ✓ Asymmetric and
Hashing
31) Data Encryption Standard (DES) - ANSWER ✓ Released May 17th,
1975. Symmetric 64-bit block cipher algorithm. 56-bit key size
32) Triple DES - ANSWER ✓ Replaced DES by pushing plaintext
through DES 3 times with 3 different keys
33) Advanced Encryption Standard (AES) - ANSWER ✓ A new
encryption algorithm that is being designed to be effective into the 21st
century (Rijndael). Approved on 12/26/2001 to replace Triple DES
QUESTIONS WITH CORRECT
SOLUTIONS||100% GUARANTEED
PASS|| UPDATED 2026/2027
SYLLABUS||ALREADY A+
GRADED||<<RECENT VERSION>>
1) Intrusion Detection System (IDS) - ANSWER ✓ Reports attacks against
monitored systems/networks. Requires monitoring, alerting, and reaction
2) Network IDS (NIDS) - ANSWER ✓ Deployed as a passive sniffer/sensor at
network aggregation points. Uses signature, anomaly analysis
3) Signature Analysis - ANSWER ✓ Performs pattern matching with rules that
indicate criteria in packets that represent events of interest
4) Snort - ANSWER ✓ Signature-based intrusion detection system that is very
efficient and low effort reporting
5) Intrusion Prevention System (IPS) - ANSWER ✓ Stops attacks on systems
and networks from being effective which can be network or host-based
6) Network IPS (NIPS) - ANSWER ✓ Typically deployed at the perimeter in
front and/or behind a firewall. Ensure between internet and DMZ are safe,
also checking VPN users
7) Cryptography - ANSWER ✓ Art and Science of hiding the meaning of a
communication from unintended recipients
8) Cryptology - ANSWER ✓ Encompasses cryptography and cryptanalysis
,9) Encryption - ANSWER ✓ Coding a message so that its meaning is
concealed
10) Decryption - ANSWER ✓ Process of transforming an encrypted
message into it original form
11) Plaintext - ANSWER ✓ Message in its original form
12) Ciphertext - ANSWER ✓ Message in its encrypted form
13) The more bits of encryption - ANSWER ✓ The harder it is to break
14) COCOM - ANSWER ✓ 1991, allowed export of encryption except to
dangerous countries
15) Wassenaar Arrangement - ANSWER ✓ 1995, 28 countries allowed
free symmetric encryption export, other crypto requires a license
16) European Union Controls - ANSWER ✓ Focused on export of
encryption regulated by the Concil Regulation (EC)
17) United States Controls - ANSWER ✓ No import restrictions, signed
the Wassenaar Arrangement but with strciter export controls
18) Symmetric Encryption (Confidentiality) - ANSWER ✓ Same key
used to Encrypt as to Decrypt. Fairly fast!
19) Symmetric Encryption Techniques - ANSWER ✓ Exclusive OR
(XOR)
Arbitrary Substitution
Rotation
Permutation
20) Hashing (Integrity) - ANSWER ✓ One-way transformation which
requires no key. Plaintext is not recoverable (integrity)
21) Asymmetric Encryption (Authentication) - ANSWER ✓ Public key,
dual-key encryption. Whatever key encrypts, only the other key decrypts
, 22) If you send a message to someones Public Key - ANSWER ✓ Only
their Private Key and decrypt the message
23) If you send to private key - ANSWER ✓ Anyone can decrypt via the
sender's public key
24) Digital Signature (Non-Repudiation) - ANSWER ✓ Use public key
cryptography to "sign" documents. Signatures are mostly authentic and
nonrepudiable. Sign with hash of private key
25) Stegonography - ANSWER ✓ Data hiding involving concealing the
fact that you are sending "sensitive" information
26) Types of Steganography - ANSWER ✓ Watermarking
Cryptography
Steganography
27) Confidentiality in Encryption - ANSWER ✓ Any Cryptography
28) Integrity in Encryption - ANSWER ✓ Hashing
29) Authentication in Encryption - ANSWER ✓ Asymmetric Encryption
30) Non-Repudiation in Encryption - ANSWER ✓ Asymmetric and
Hashing
31) Data Encryption Standard (DES) - ANSWER ✓ Released May 17th,
1975. Symmetric 64-bit block cipher algorithm. 56-bit key size
32) Triple DES - ANSWER ✓ Replaced DES by pushing plaintext
through DES 3 times with 3 different keys
33) Advanced Encryption Standard (AES) - ANSWER ✓ A new
encryption algorithm that is being designed to be effective into the 21st
century (Rijndael). Approved on 12/26/2001 to replace Triple DES
