GIAC GCIH Free Practice Questions

NEW QUESTION 1
You have configured a virtualized Internet browser on your Windows XP professional computer. Using the virtualized Internet browser, you can protect your operating system from which of the following?

• A. Brute force attack
• B. Mail bombing
• C. Distributed denial of service (DDOS) attack
• D. Malware installation from unknown Web sites

Answer: D

NEW QUESTION 2
Which of the following hacking tools provides shell access over ICMP?

• A. John the Ripper
• B. Nmap
• C. Nessus
• D. Loki

Answer: D

NEW QUESTION 3
Which of the following statements are correct about spoofing and session hijacking?
Each correct answer represents a complete solution. Choose all that apply.

• A. Spoofing is an attack in which an attacker can spoof the IP address or other identity of the target and the valid user cannot be active.
• B. Spoofing is an attack in which an attacker can spoof the IP address or other identity of the target but the valid user can be active.
• C. Session hijacking is an attack in which an attacker takes over the session, and the valid user's session is disconnected.
• D. Session hijacking is an attack in which an attacker takes over the session, and the valid user's session is not disconnected.

Answer: BD

NEW QUESTION 4
You work as a Network Administrator for Net Perfect Inc. The company has a Windows-based network. The company uses Check Point SmartDefense to provide security to the network of the company. You use SmartDefense on the HTTP servers of the company to fix the limitation for the maximum number of response headers allowed.
Which of the following attacks will be blocked by defining this limitation?
Each correct answer represents a complete solution. Choose all that apply.

• A. Land attack
• B. Code red worm
• C. Backdoor attack
• D. User-defined worm

Answer: BD

NEW QUESTION 5
Which of the following tools is described in the statement given below?
"It has a database containing signatures to be able to detect hundreds of vulnerabilities in UNIX, Windows, and commonly used web CGI scripts. Moreover, the database detects DdoS zombies and Trojans as well."

• A. SARA
• B. Nessus
• C. Anti-x
• D. Nmap

Answer: B

NEW QUESTION 6
A Denial-of-Service (DoS) attack is mounted with the objective of causing a negative impact on the performance of a computer or network. It is also known as network saturation attack or bandwidth consumption attack. Attackers perform DoS attacks by sending a large number of protocol packets to a network. The problems caused by a DoS attack are as follows:
l Saturation of network resources
l Disruption of connections between two computers, thereby preventing communications between services
l Disruption of services to a specific computer
l Failure to access a Web site
l Increase in the amount of spam
Which of the following can be used as countermeasures against DoS attacks?
Each correct answer represents a complete solution. Choose all that apply.

• A. Blocking undesired IP addresses
• B. Applying router filtering
• C. Disabling unneeded network services
• D. Permitting network access only to desired traffic

Answer: ABCD

NEW QUESTION 7
Which of the following controls is described in the statement given below?
"It ensures that the enforcement of organizational security policy does not rely on voluntary web application user compliance. It secures information by assigning sensitivity labels on information and comparing this to the level of security a user is operating at."

• A. Role-based Access Control
• B. Attribute-based Access Control
• C. Discretionary Access Control
• D. Mandatory Access Control

Answer: D

NEW QUESTION 8
Which of the following tools will you use to prevent from session hijacking?
Each correct answer represents a complete solution. Choose all that apply.

• A. OpenSSH
• B. Rlogin
• C. Telnet
• D. SSL

Answer: AD

NEW QUESTION 9
Reducing noise by adjusting color and averaging pixel value.

• A. Yes
• B. Not Mastered

Answer: A

NEW QUESTION 10
Which of the following IP packet elements is responsible for authentication while using IPSec?

• A. Authentication Header (AH)
• B. Layer 2 Tunneling Protocol (L2TP)
• C. Internet Key Exchange (IKE)
• D. Encapsulating Security Payload (ESP)

Answer: A

NEW QUESTION 11
Victor is a novice Ethical Hacker. He is learning the hacking process, i.e., the steps taken by malicious hackers to perform hacking. Which of the following steps is NOT included in the hacking process?

• A. Scanning
• B. Preparation
• C. gaining access
• D. Reconnaissance

Answer: B

NEW QUESTION 12
Which of the following statements are true about Dsniff?
Each correct answer represents a complete solution. Choose two.

• A. It contains Trojans.
• B. It is a virus.
• C. It is antivirus.
• D. It is a collection of various hacking tools.

Answer: AD

NEW QUESTION 13
You work as a Network Administrator for InformSec Inc. You find that the TCP port number 23476 is open on your server. You suspect that there may be a Trojan named Donald Dick installed on your server. Now you want to verify whether Donald Dick is installed on it or not. For this, you want to know the process running on port 23476, as well as the process id, process name, and the path of the process on your server. Which of the following applications will you most likely use to accomplish the task?

• A. Tripwire
• B. SubSeven
• C. Netstat
• D. Fport

Answer: D

NEW QUESTION 14
Which of the following tools can be used for network sniffing as well as for intercepting conversations through session hijacking?

• A. Ethercap
• B. Tripwire
• C. IPChains
• D. Hunt

Answer: D

NEW QUESTION 15
108 ms 14 0.so-4-1-0.TL1.ATL5.ALTER.NET (152.63.10.129) 37.894 ms 33.244 ms

• A. Yes
• B. Not Mastered

Answer: A

NEW QUESTION 16
Peter works as a Network Administrator for the Exambible Inc. The company has a Windows- based network. All client computers run the Windows XP operating system. The employees of the company complain that suddenly all of the client computers have started working slowly. Peter finds that a malicious hacker is attempting to slow down the computers by flooding the network with a large number of requests. Which of the following attacks is being implemented by the malicious hacker?

• A. SQL injection attack
• B. Denial-of-Service (DoS) attack
• C. Man-in-the-middle attack
• D. Buffer overflow attack

Answer: B

NEW QUESTION 17
Which of the following describes network traffic that originates from the inside of a network perimeter and progresses towards the outside?

• A. Ingress network
• B. Inwards network
• C. Egress network
• D. Outwards network

Answer: C

NEW QUESTION 18
Which of the following attacks capture the secret value like a hash and reuse it later to gain access to a system without ever decrypting or decoding the hash?

• A. Cross Site Scripting attack
• B. Replay attack
• C. Rainbow attack
• D. Hashing attack

Answer: B

NEW QUESTION 19
Which of the following can be used to perform session hijacking?
Each correct answer represents a complete solution. Choose all that apply.

• A. Cross-site scripting
• B. Session fixation
• C. ARP spoofing
• D. Session sidejacking

Answer: ABD

NEW QUESTION 20
Which of the following steps of incident response is steady in nature?

• A. Containment
• B. Eradication
• C. Preparation
• D. Recovery

Answer: C

NEW QUESTION 21
......