GSEC Exam Questions And Answers 100%
Guaranteed Success 2025.
conceptual design - ans-high level design that includes core components of
network architecture | 'black box' I/O | legal, environmental safety | customer
experience | multidisciplinary
logical design - ans-depicts how data flows across different devices in network |
detailed, rather than abstract network diagram | services, application names | for
developers and security architects | shows servers, workstations, routers,
firewalls...
physical design - ans-last before implementation | all known details | physical
components and connections | OS versions
communications flow - ans-dictated by logical design, shows how data flows in
and out of the network | informs threat model; attack surface and vectors;
estimate impact; determines defense
intellectual property (IP) - ans-dictated by logical architecture | key is reduce
number or locations where present; subject to copyright
router - ans-device that connects different networks together internal and
external | forwards data packets between computer networks | operates at OSI
L3, handles packets
switch - ans-networking device that connects computers together to form
physical and virtual networks | handles frames at OSI L2
Kismet - ans-Linux WLAN sniffer completely passive used for vulnerability
assessment and intrusion detection
threat enumeration - ans-list threat agents | list attack methods | list system-level
objectives
threat agents (3) - ans-human or not | organized crime | espionage | hacktivist
Advanced Persistent Threat (APT) - ans-An organized group of attackers who are
highly motivated, skilled, and patient. They are often sponsored by a government,
are focused on a specific target, and will continue attacking for a very long time
until they achieve their goal.
DoS - ans-An availability attack, to consume resources to the point of exhaustion;
Denial of Service; flood of ICMP requests targets router takes down server
DDoS - ans-Denial of service attack committed using many computers, usually
zombies on a botnet.
packet sniffing - ans-capture network traffic for analysis | no longer requires
physical access to network due to prevalence of wifi
packet misroute - ans-malware on router sends traffic to evil location or causes
routing loops, DoS or network congestion
XSS - ans-Cross-site scripting. Attacker redirects users to malicious websites, steals
cookies. E-mail can include an embedded HTML image object or a JavaScript
image tag as part of a malicious cross-site scripting attack. Prevent with input
validation.
CSRF - ans-Cross-Site Request Forgery--Third-party redirect of static content
within the security context of a trusted site.
SYN flood - ans-A type of DoS where an attacker sends a large amount of SYN
request packets to a server in an attempt to deny service.
TCP reset - ans-attacker sniffs target traffic then spoofs packet with RST flag set to
end session
routing table poisoning - ans-routers exchange data to build tables; attacker
injects bad data
CDP - ans-Cisco Discovery Protocol; transmits in the clear; manipulation attack;
disable this protocol
MAC flood - ans-An attack that sends numerous packets to the switch, each of
which has a different source MAC address, in an attempt to use up the memory
on the switch and switch can downgrade to hub
DHCP spoofing attack - ans-MitM attack listens for DHCP traffic then sends
attacker IP address as default gateway
STP - ans-Spanning Tree Protocol. Protocol enabled on most switches that
protects against switching loops. A switching loop can be caused if two ports of a
switch are connected together.
VLAN hop - ans-spoof 802.1Q tags, attacker can send frames to diff VLAN w/o router
physical topology - ans-how a network is wired together; includes wifi
ethernet - ans-a system for connecting a number of computer systems to form a
local area network, with protocols to control the passing of information and to
avoid simultaneous transmission by two or more systems.
full duplex - ans-simultaneous send / receive for two nodes; Any device that can
send and receive data simultaneously.
CSMA / CD - ans-Carrier Sense Multiple Access with Collision Detection. It is the
method for multiple hosts to communicate on an Ethernet.
subnet - ans-A logical subset of a larger network, created by an administrator to
improve network performance or to provide security.
Principle of Least Privilege - ans-A security discipline that requires that a particular
user, system, or application be given no more privilege than necessary to perform
its function or job.
protected enclave - ans-segment of internal network defined by common security
policies