GIAC Certified Perimeter Protection Analyst

Here you have the best GIAC GPPA practice exam questions

You have 285 total questions to study from
Each page has 5 questions, making a total of 57 pages
You can navigate through the pages using the buttons at the bottom
This questions were last updated on January 16, 2026
This site is not affiliated with or endorsed by GIAC.

Question 1 of 285

Which of the following tools is an open source protocol analyzer that can capture traffic in real time?

Snort

NetWitness

Wireshark

Netresident

Correct Answer: C

Question 2 of 285

You are implementing a host based intrusion detection system on your web server. You feel that the best way to monitor the web server is to find your baseline of activity (connections, traffic, etc.) and to monitor for conditions above that baseline.
This type of IDS is called __________.

Signature Based

Reactive IDS

Anomaly Based

Passive IDS

Correct Answer: C

Question 3 of 285

Which of the following are open-source vulnerability scanners? (Choose three.)

Nessus

Hackbot

Nikto

NetRecon

Correct Answer: A, B, C

Question 4 of 285

Suppose you are working as a Security Administrator at ABC Inc. The company has a switched network. You have configured tcpdump in the network which can only see traffic addressed to itself and broadcast traffic.
What will you do when you are required to see all traffic of the network?

Connect the sniffer device to a Switched Port Analyzer (SPAN) port.

Connect the sniffer device to a Remote Switched Port Analyzer (RSPAN) port.

Configure Network Access Control (NAC).

Configure VLAN Access Control List (VACL).

Correct Answer: A

Question 5 of 285

Which of the following techniques is used to identify attacks originating from a botnet?

Recipient filtering

BPF-based filter

IFilter

Passive OS fingerprinting

Correct Answer: D