GIAC GDSA Actual Free Exam Questions & Community Discussion

Exam Code/Number: GDSA
Exam Name/Title: GIAC Defensible Security Architect
Certification Provider: GIAC
Corresponding Certification: GIAC Cyber Defense

Exam Questions: 184
Updated On: May 29, 2026

Question #61

What is data discovery in the context of data governance?
Response:

A. Identifying and classifying data stored in various locations within an organization

B. Ignoring data privacy regulations

C. Removing all data from the network

D. Migrating all company data to the cloud

Discussion 0

Correct Answer: A Vote an answer

Question #62

SMTP proxies are specifically used to secure which type of network traffic?
Response:

A. HTTP

B. FTP

C. Email

D. DNS

Discussion 0

Correct Answer: C Vote an answer

Question #63

In scaling endpoint log collection for Zero Trust Endpoints, what is a key consideration to ensure effectiveness and efficiency?
Response:

A. Completely automating the response to every log alert to speed up incident response

B. Collecting as much data as possible, regardless of its relevance

C. Ensuring logs are only stored for 24 hours to reduce data storage requirements

D. Prioritizing log data that is most relevant to security and organizing it for rapid analysis

Discussion 0

Correct Answer: D Vote an answer

Question #64

How does data governance assist in compliance with regulations?
Response:

A. By allowing unrestricted data access to all users

B. By ensuring that data handling processes are aligned with legal and regulatory standards

C. By ignoring all compliance requirements

D. By permanently deleting all data to avoid non-compliance issues

Discussion 0

Correct Answer: B Vote an answer

Question #65

Zero Trust fundamentals include measures against insider threats, such as:
Response:

A. Ignoring abnormal access patterns

B. Decreasing the use of encryption

C. Conducting regular user activity reviews

D. Allowing unrestricted data access

Discussion 0

Correct Answer: C Vote an answer

Question #66

Which of the following is a core concept of Domain Isolation in Zero Trust Networking?
Response:

A. Preventing unauthorized devices from communicating with sensitive resources

B. Increasing network speed by limiting encryption

C. Limiting internet access to specific domains

D. Segmenting networks based on geographical locations

Discussion 0

Correct Answer: A Vote an answer

Question #67

Which of the following are proactive defenses aimed at changing attacker behaviors?
(Select all that apply)
Response:

A. Transport Layer Security (TLS)

B. Single Packet Authentication

C. Domain Isolation

D. Red herring defenses

E. Continuous monitoring and analysis

Discussion 0

Correct Answer: D,E Vote an answer

Question #68

The concept of 'presumption of compromise' advises that:
Response:

A. Organizations should assume they are already compromised

B. Preventive security measures are unnecessary

C. Incident response plans are not needed

D. Compromises are always detectable

Discussion 0

Correct Answer: A Vote an answer

Question #69

Which of the following are effective components of network security monitoring?
(Choose two)
Response:

A. Identifying trends and patterns indicative of potential threats

B. Using only signature-based detection methods

C. Analyzing encrypted traffic without decryption

D. Continuously monitoring network traffic for suspicious activities

Discussion 0

Correct Answer: A,D Vote an answer

Question #70

Which technologies can be used to enhance security in a cloud infrastructure?
(Choose two)
Response:

A. Identity and Access Management (IAM)

B. Data Loss Prevention (DLP) tools

C. Manual encryption key management

D. On-premises firewalls

Discussion 0

Correct Answer: A,B Vote an answer

Question #71

Which of the following elements are fundamental to data-centric security?
(Choose two)
Response:

A. Updating software regularly to defend against the latest cybersecurity threats.

B. Masking data to obscure sensitive information from unauthorized personnel.

C. Encrypting data to prevent unauthorized access and ensure its confidentiality.

D. Conducting user awareness training to mitigate human error and enhance security culture.

Discussion 0

Correct Answer: B,C Vote an answer

Question #72

What is the purpose of 802.1X in securing Layer 2 networks?
Response:

A. Preventing Distributed Denial of Service (DDoS) attacks

B. Authenticating devices trying to access the network

C. Encrypting all network traffic

D. Ensuring high network bandwidth

Discussion 0

Correct Answer: B Vote an answer

Question #73

What is the primary benefit of implementing automated patch management within a Zero Trust Endpoint strategy?
Response:

A. Automates backup processes only

B. Ensures timely application of patches, reducing the window of vulnerability

C. Increases the complexity of the system, enhancing security through obscurity

D. Reduces the need for IT staff

Discussion 0

Correct Answer: B Vote an answer

Question #74

What are the primary security benefits of implementing 802.1X on a network?
(Choose two)
Response:

A. It provides automatic routing optimization.

B. It prevents unauthorized network access at the port level.

C. It establishes identity-based network access control.

D. It ensures data encryption across the network.

Discussion 0

Correct Answer: B,C Vote an answer

Question #75

What does micro-segmentation in network security aim to achieve?
(Choose two)
Response:

A. Strengthen internal security controls

B. Increase network traffic

C. Reduce the attack surface within the network

D. Simplify network management

Discussion 0

Correct Answer: A,C Vote an answer

Download Free GIAC GDSA Demo

Simply submit your e-mail address below to get started with our free demo of your GIAC GDSA exam.