GCIH Premium Bundle

GIAC Certified Incident Handler Certification Exam

Last update: September 29, 2024

GIAC GCIH Free Practice Questions

Online GCIH free questions and answers of New Version:

NEW QUESTION 1
John works as a professional Ethical Hacker. He has been assigned the project of testing the security of www.we-are-secure.com. He wants to perform a stealth scan to discover open ports and applications running on the We-are-secure server. For this purpose, he wants to initiate scanning with the IP address of any third party. Which of the following scanning techniques will John use to accomplish his task?

  • A. RPC
  • B. IDLE
  • C. UDP
  • D. TCP SYN/ACK

Answer: B

NEW QUESTION 2
Adam has installed and configured his wireless network. He has enabled numerous security features such as changing the default SSID, enabling WPA encryption, and enabling MAC filtering on his wireless router. Adam notices that when he uses his wireless connection, the speed is sometimes 16 Mbps and sometimes it is only 8 Mbps or less. Adam connects to the wireless router's management utility and finds out that a machine with an unfamiliar name is connected through his wireless connection. Paul checks the router's logs and notices that the unfamiliar machine has the same MAC address as his laptop.
Which of the following attacks has occurred on Adam's wireless network?

  • A. NAT spoofing
  • B. DNS cache poisoning
  • C. MAC spoofing
  • D. ARP spoofing

Answer: C

NEW QUESTION 3
An Active Attack is a type of steganography attack in which the attacker changes the carrier during the communication process. Which of the following techniques is used for smoothing the transition and controlling contrast on the hard edges, where there is significant color transition?

  • A. Soften
  • B. Rotate
  • C. Sharpen
  • D. Blur

Answer: D

NEW QUESTION 4
Which of the following types of attacks come under the category of hacker attacks?
Each correct answer represents a complete solution. Choose all that apply.

  • A. Smurf
  • B. IP address spoofing
  • C. Teardrop
  • D. Password cracking

Answer: BD

NEW QUESTION 5
Choose and reorder the steps of an incident handling process in their correct order.
GCIH dumps exhibit


Solution:
GCIH dumps exhibit

Does this meet the goal?
  • A. Yes
  • B. Not Mastered

Answer: A

NEW QUESTION 6
Which of the following applications is an example of a data-sending Trojan?

  • A. SubSeven
  • B. Senna Spy Generator
  • C. Firekiller 2000
  • D. eBlaster

Answer: D

NEW QUESTION 7
You run the following PHP script:
<?php
$name = mysql_real_escape_string($_POST["name"]);
$password = mysql_real_escape_string($_POST["password"]);
?>
What is the use of the mysql_real_escape_string() function in the above script?
Each correct answer represents a complete solution. Choose all that apply.

  • A. It can be used to mitigate a cross site scripting attack.
  • B. It can be used as a countermeasure against a SQL injection attack.
  • C. It escapes all special characters from strings $_POST["name"] and $_POST["password"] except ' and ".
  • D. It escapes all special characters from strings $_POST["name"] and $_POST["password"].

Answer: BD

NEW QUESTION 8
Which of the following statements about smurf is true?

  • A. It is a UDP attack that involves spoofing and flooding.
  • B. It is an ICMP attack that involves spoofing and flooding.
  • C. It is an attack with IP fragments that cannot be reassembled.
  • D. It is a denial of service (DoS) attack that leaves TCP ports open.

Answer: B

NEW QUESTION 9
You work as a System Administrator in SunSoft Inc. You are running a virtual machine on Windows Server 2003. The virtual machine is protected by DPM. Now, you want to move the virtual machine to another host. Which of the following steps can you use to accomplish the task?
Each correct answer represents a part of the solution. Choose all that apply.

  • A. Remove the original virtual machine from the old server and stop the protection for the original virtual machine.
  • B. Run consistency check.
  • C. Add the copied virtual machine to a protection group.
  • D. Copy the virtual machine to the new server.

Answer: ACD

NEW QUESTION 10
You work as a Network Administrator for Net Perfect Inc. The company has a Windows-based network. The company wants to fix potential vulnerabilities existing on the tested systems. You use Nessus as a vulnerability scanning program to fix the vulnerabilities. Which of the following vulnerabilities can be fixed using Nessus?
Each correct answer represents a complete solution. Choose all that apply.

  • A. Misconfiguration (e.g. open mail relay, missing patches, etc.)
  • B. Vulnerabilities that allow a remote cracker to control sensitive data on a system
  • C. Vulnerabilities that allow a remote cracker to access sensitive data on a system
  • D. Vulnerabilities that help in Code injection attacks

Answer: ABC

NEW QUESTION 11
5.2.92:4079 ---------FIN--------->192.5.2.110:23


Solution:


Does this meet the goal?
  • A. Yes
  • B. Not Mastered

Answer: A

NEW QUESTION 12
Which of the following is a reason to implement security logging on a DNS server?

  • A. For preventing malware attacks on a DNS server
  • B. For measuring a DNS server's performance
  • C. For monitoring unauthorized zone transfer
  • D. For recording the number of queries resolved

Answer: C

NEW QUESTION 13
CORRECT TEXT
Fill in the blank with the appropriate term.
______ is a free Unix subsystem that runs on top of Windows.

Answer: Cygwin

NEW QUESTION 14
Which of the following applications is NOT used for passive OS fingerprinting?

  • A. Networkminer
  • B. Satori
  • C. p0f
  • D. Nmap

Answer: D

NEW QUESTION 15
John works as a Network Security Professional. He is assigned a project to test the security of www.we-are-secure.com. He establishes a connection to a target host running a Web service with netcat and sends a bad HTML request in order to retrieve information about the service on the host.
GCIH dumps exhibit
Which of the following attacks is John using?

  • A. Sniffing
  • B. Eavesdropping
  • C. War driving
  • D. Banner grabbing

Answer: D

NEW QUESTION 16
Which of the following protocols uses only User Datagram Protocol (UDP)?

  • A. POP3
  • B. FTP
  • C. ICMP
  • D. TFTP

Answer: D

NEW QUESTION 17
The IT administrator wants to implement a stronger security policy. What are the four most important security priorities for Exambible Software Systems Pvt. Ltd.? (Click the Exhibit button on the toolbar to see the case study.)

  • A. Providing secure communications between the overseas office and the headquarters.
  • B. Implementing Certificate services on Texas office.
  • C. Protecting employee data on portable computers.
  • D. Providing two-factor authentication.
  • E. Ensuring secure authentication.
  • F. Preventing unauthorized network access.
  • G. Providing secure communications between Washington and the headquarters office.
  • H. Preventing denial-of-service attacks.

Answer: ACEF

NEW QUESTION 18
Session splicing is an IDS evasion technique in which an attacker delivers data in multiple small-sized packets to the target computer. Hence, it becomes very difficult for an IDS to detect the attack signatures of such attacks. Which of the following tools can be used to perform session splicing attacks?
Each correct answer represents a complete solution. Choose all that apply.

  • A. Whisker
  • B. Fragroute
  • C. Nessus
  • D. Y.A.T.

Answer: AC

NEW QUESTION 19
Which of the following systems is used in the United States to coordinate emergency preparedness and incident management among various federal, state, and local agencies?

  • A. US Incident Management System (USIMS)
  • B. National Disaster Management System (NDMS)
  • C. National Emergency Management System (NEMS)
  • D. National Incident Management System (NIMS)

Answer: D

NEW QUESTION 20
You are the Security Consultant and have been hired to check security for a client's network. Your client has stated that he has many concerns but the most critical is the security of Web applications on their Web server. What should be your highest priority then in checking his network?

  • A. Setting up IDS
  • B. Port scanning
  • C. Vulnerability scanning
  • D. Setting up a honey pot

Answer: C
