GCIH Premium Bundle

GIAC Certified Incident Handler Certification Exam

Practice tests: 328 questions
Print version (PDF): 328 questions
Last update: September 29, 2024

GIAC GCIH Free Practice Questions

Pass4sure GCIH questions are updated and all GCIH answers are verified by experts. Once you have completely prepared with our GCIH exam prep kits, you will be ready for the real GCIH exam without a problem. We have an up-to-date GIAC GCIH dumps study guide. Passed GCIH on the first attempt! Here's what I did.

Online GIAC GCIH free dumps demo below:

NEW QUESTION 1
Which of the following types of channels is used by Trojans for communication?

  • A. Loop channel
  • B. Open channel
  • C. Covert channel
  • D. Overt channel

Answer: C

NEW QUESTION 2
Victor works as a professional Ethical Hacker for SecureEnet Inc. He has been assigned a job to test an image, in which some secret information is hidden, using Steganography. Victor performs the following techniques to accomplish the task:


Solution:


Does this meet the goal?
  • A. Yes
  • B. Not Mastered

Answer: A

NEW QUESTION 3
Mark works as a Network Administrator for Perfect Inc. The company has both wired and wireless networks. An attacker attempts to keep legitimate users from accessing services that they require. Mark uses IDS/IPS sensors on the wired network to mitigate the attack. Which of the following attacks best describes the attacker's intentions?

  • A. Internal attack
  • B. Reconnaissance attack
  • C. Land attack
  • D. DoS attack

Answer: D

NEW QUESTION 4
Which of the following rootkits is used to attack full disk encryption systems?

  • A. Boot loader rootkit
  • B. Library rootkit
  • C. Hypervisor rootkit
  • D. Kernel level rootkit

Answer: A

NEW QUESTION 5
Which of the following refers to applications or files that are not classified as viruses or Trojan horse programs, but can still negatively affect the performance of the computers on your network and introduce significant security risks to your organization?

  • A. Hardware
  • B. Grayware
  • C. Firmware
  • D. Melissa

Answer: B

NEW QUESTION 6
Adam works as a Security Analyst for Umbrella Inc. The CEO of the company has ordered him to implement two-factor authentication for the employees to access their networks. The CEO has told him that he would like to use some type of hardware device in tandem with a security or identifying PIN. Adam decides to implement smart cards, but they are not cost-effective.
Which of the following types of hardware devices will Adam use to implement two-factor authentication?

  • A. Biometric device
  • B. Security token
  • C. Proximity cards
  • D. One Time Password

Answer: B

NEW QUESTION 7
Which of the following types of malware does not replicate itself but can spread only when the circumstances are beneficial?

  • A. Mass mailer
  • B. Worm
  • C. Blended threat
  • D. Trojan horse

Answer: D

NEW QUESTION 8
Which of the following is executed when a predetermined event occurs?

  • A. Trojan horse
  • B. Logic bomb
  • C. MAC
  • D. Worm

Answer: B

NEW QUESTION 9
Which of the following incident response team members ensures that the policies of the organization are enforced during the incident response?

  • A. Information Security representative
  • B. Legal representative
  • C. Human Resource
  • D. Technical representative

Answer: C

NEW QUESTION 10
Which of the following is a type of computer security vulnerability, typically found in Web applications, that allows code injection by malicious Web users into the Web pages viewed by other users?

  • A. SID filtering
  • B. Cookie poisoning
  • C. Cross-site scripting
  • D. Privilege Escalation

Answer: C

NEW QUESTION 11
Adam works as a Network Administrator for Umbrella Inc. He noticed that ICMP ECHO requests are coming from some suspected outside sources. Adam suspects that some malicious hacker is trying to perform a ping sweep attack on the network of the company. To stop this malicious activity, Adam blocks ICMP ECHO requests from any outside sources.
What will be the effect of the action taken by Adam?

  • A. Network turns completely immune from the ping sweep attacks.
  • B. Network is still vulnerable to ping sweep attack.
  • C. Network is protected from the ping sweep attack until the next reboot of the server.
  • D. Network is now vulnerable to Ping of death attack.

Answer: B

NEW QUESTION 12
You have inserted a Trojan on your friend's computer and you want to put it in the startup so that whenever the computer reboots the Trojan will start to run on the startup. Which of the following registry entries will you edit to accomplish the task?

  • A. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Startup
  • B. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Auto
  • C. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServices
  • D. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Start

Answer: C

NEW QUESTION 13
Which of the following strategies allows a user to limit access according to unique hardware information supplied by a potential client?

  • A. Extensible Authentication Protocol (EAP)
  • B. WEP
  • C. MAC address filtering
  • D. Wireless Transport Layer Security (WTLS)

Answer: C

NEW QUESTION 14
Which of the following statements are true about tcp wrappers?
Each correct answer represents a complete solution. Choose all that apply.

  • A. tcp wrapper provides access control, host address spoofing, client username lookups, etc.
  • B. When a user uses a TCP wrapper, the inetd daemon runs the wrapper program tcpd instead of running the server program directly.
  • C. tcp wrapper allows host or subnetwork IP addresses, names and/or ident query replies, to be used as tokens to filter for access control purposes.
  • D. tcp wrapper protects a Linux server from IP address spoofing.

Answer: ABC

NEW QUESTION 15
John works as a professional Ethical Hacker. He has been assigned the project of testing the security of www.we-are-secure.com. He has successfully completed the following steps of the pre-attack phase:
  • Information gathering
  • Determining network range
  • Identifying active machines
  • Finding open ports and applications
  • OS fingerprinting
  • Fingerprinting services
Now John wants to perform network mapping of the We-are-secure network. Which of the following tools can he use to accomplish his task?
Each correct answer represents a complete solution. Choose all that apply.

  • A. Ettercap
  • B. Traceroute
  • C. Cheops
  • D. NeoTrace

Answer: BCD

NEW QUESTION 16
Mark works as a Network Administrator for Net Perfect Inc. The company has a Windows-based network. The company uses Check Point SmartDefense to provide security to the network. Mark uses SmartDefense on the HTTP servers of the company to fix the limitation for the maximum response header length. Which of the following attacks can be blocked by defining this limitation?

  • A. HTR Overflow worms and mutations
  • B. Ramen worm attack
  • C. Melissa virus attack
  • D. Shoulder surfing attack

Answer: A

NEW QUESTION 17
Which of the following is the process of comparing cryptographic hash functions of system executables and configuration files?

  • A. Shoulder surfing
  • B. File integrity auditing
  • C. Reconnaissance
  • D. Spoofing

Answer: B

NEW QUESTION 18
John works as a Professional Ethical Hacker for NetPerfect Inc. The company has a Linux-based network. All client computers are running on Red Hat 7.0 Linux. The Sales Manager of the company complains to John that his system contains an unknown package named as tar.gz and his documents are exploited. To resolve the problem, John uses a Port scanner to enquire about the open ports and finds out that the HTTP server service port on 27374 is open. He suspects that the other computers on the network are also facing the same problem. John discovers that a malicious application is using the synscan tool to randomly generate IP addresses.
Which of the following worms has attacked the computer?

  • A. Code red
  • B. Ramen
  • C. LoveLetter
  • D. Nimda

Answer: B

NEW QUESTION 19
Which of the following is a technique for creating Internet maps?
Each correct answer represents a complete solution. Choose two.

  • A. Active Probing
  • B. AS PATH Inference
  • C. Object Relational Mapping
  • D. Network Quota

Answer: AB

NEW QUESTION 20
Adam is a novice Web user. He chooses a 22-letter word from the dictionary as his password.
How long will it take to crack the password by an attacker?

  • A. 22 hours
  • B. 23 days
  • C. 200 years
  • D. 5 minutes

Answer: D
