GCIH | A Review Of High Quality GCIH Test Questions

Free GCIH Demo Online For GIAC Certification:

NEW QUESTION 1
Which of the following statements are correct about spoofing and session hijacking?
Each correct answer represents a complete solution. Choose all that apply.

  • A. Spoofing is an attack in which an attacker can spoof the IP address or other identity of the target and the valid user cannot be active.
  • B. Spoofing is an attack in which an attacker can spoof the IP address or other identity of the target but the valid user can be active.
  • C. Session hijacking is an attack in which an attacker takes over the session, and the valid user's session is disconnected.
  • D. Session hijacking is an attack in which an attacker takes over the session, and the valid user's session is not disconnected.

Answer: BD

NEW QUESTION 2
Which of the following techniques is used when a system performs the penetration testing with the objective of accessing unauthorized information residing inside a computer?

  • A. Van Eck Phreaking
  • B. Phreaking
  • C. Biometrician
  • D. Port scanning

Answer: D

NEW QUESTION 3
John works as a professional Ethical Hacker. He has been assigned a project to test the security of www.we-are-secure.com. On the We-are-secure login page, he enters ='or''=' as a username and successfully logs in to the user page of the Web site.
The we-are-secure login page is vulnerable to a __________.

  • A. Dictionary attack
  • B. SQL injection attack
  • C. Replay attack
  • D. Land attack

Answer: B

NEW QUESTION 4
Which of the following functions can be used as a countermeasure to a Shell Injection attack?
Each correct answer represents a complete solution. Choose all that apply.

  • A. escapeshellarg()
  • B. mysql_real_escape_string()
  • C. regenerateid()
  • D. escapeshellcmd()

Answer: AD

NEW QUESTION 5
Which of the following steps of incident response is steady in nature?

  • A. Containment
  • B. Eradication
  • C. Preparation
  • D. Recovery

Answer: C

NEW QUESTION 6
When you conduct the XMAS scanning using Nmap, you find that most of the ports scanned do not give a response. What can be the state of these ports?

  • A. Filtered
  • B. Open
  • C. Closed

Answer: B

NEW QUESTION 7
Which of the following is the most common vulnerability that can affect desktop applications written in native code?

  • A. SpyWare
  • B. DDoS attack
  • C. Malware
  • D. Buffer overflow

Answer: D

NEW QUESTION 8
John works as a professional Ethical Hacker. He is assigned a project to test the security of www.weare-secure.com. He is working on the Linux operating system. He wants to sniff the we-are-secure network and intercept a conversation between two employees of the company through session hijacking. Which of the following tools will John use to accomplish the task?

  • A. Hunt
  • B. IPChains
  • C. Ethercap
  • D. Tripwire

Answer: A

NEW QUESTION 9
Which of the following are the rules by which an organization operates?

  • A. Acts
  • B. Policies
  • C. Rules
  • D. Manuals

Answer: B

NEW QUESTION 10
In which of the following scanning methods do Windows operating systems send only RST packets irrespective of whether the port is open or closed?

  • A. TCP FIN
  • B. FTP bounce
  • C. XMAS
  • D. TCP SYN

Answer: A

NEW QUESTION 11
An Active Attack is a type of steganography attack in which the attacker changes the carrier during the communication process. Which of the following techniques is used for smoothing the transition and controlling contrast on the hard edges, where there is significant color transition?

  • A. Soften
  • B. Rotate
  • C. Sharpen
  • D. Blur

Answer: D

NEW QUESTION 12
You work as a Network Administrator for Net Perfect Inc. The company has a Windows-based network. The company wants to fix potential vulnerabilities existing on the tested systems. You use Nessus as a vulnerability scanning program to fix the vulnerabilities. Which of the following vulnerabilities can be fixed using Nessus?
Each correct answer represents a complete solution. Choose all that apply.

  • A. Misconfiguration (e.g. open mail relay, missing patches, etc.)
  • B. Vulnerabilities that allow a remote cracker to control sensitive data on a system
  • C. Vulnerabilities that allow a remote cracker to access sensitive data on a system
  • D. Vulnerabilities that help in Code injection attacks

Answer: ABC

NEW QUESTION 13
Which of the following tools can be used to perform brute force attack on a remote database?
Each correct answer represents a complete solution. Choose all that apply.

  • A. SQLBF
  • B. SQLDict
  • C. FindSA
  • D. nmap

Answer: ABC

NEW QUESTION 14
You work as a Senior Marketing Manager for Umbrella Inc. You found that some of the software applications on the systems were malfunctioning and that you could not access your remote desktop session. You suspected that a malicious attack had been performed on the company's network. You immediately called the incident response team to handle the situation, and the team asked the Network Administrator for all relevant information regarding the malfunctioning. The Network Administrator informed the incident response team that he had been reviewing the security of the network, which caused all these problems. The incident response team announced that this was a controlled event, not an incident.
Which of the following steps of an incident handling process was performed by the incident response team?

  • A. Containment
  • B. Eradication
  • C. Preparation
  • D. Identification

Answer: D

NEW QUESTION 15
You work as a Network Administrator for Net Perfect Inc. The company has a Windows-based network. The company uses Check Point SmartDefense to provide security to the network of the company. You use SmartDefense on the HTTP servers of the company to fix the limitation for the maximum number of response headers allowed.
Which of the following attacks will be blocked by defining this limitation?
Each correct answer represents a complete solution. Choose all that apply.

  • A. Land attack
  • B. Code red worm
  • C. Backdoor attack
  • D. User-defined worm

Answer: BD

NEW QUESTION 16
Which of the following types of attacks come under the category of hacker attacks?
Each correct answer represents a complete solution. Choose all that apply.

  • A. Smurf
  • B. IP address spoofing
  • C. Teardrop
  • D. Password cracking

Answer: BD

NEW QUESTION 17
Fill in the blank with the appropriate word.
StackGuard (as used by Immunix), ssp/ProPolice (as used by OpenBSD), and Microsoft's /GS option use ______ defense against buffer overflow attacks.

Answer: canary

NEW QUESTION 18
In which of the following attacks does the attacker gather information to perform an access attack?

  • A. Land attack
  • B. Reconnaissance attack
  • C. Vulnerability attack
  • D. DoS attack

Answer: B

NEW QUESTION 19
Address Resolution Protocol (ARP) spoofing, also known as ARP poisoning or ARP Poison Routing (APR), is a technique used to attack an Ethernet wired or wireless network. ARP spoofing may allow an attacker to sniff data frames on a local area network (LAN), modify the traffic, or stop the traffic altogether. The principle of ARP spoofing is to send fake ARP messages to an Ethernet LAN. What steps can be used as a countermeasure of ARP spoofing?
Each correct answer represents a complete solution. Choose all that apply.

  • A. Using smash guard utility
  • B. Using ARP Guard utility
  • C. Using static ARP entries on servers, workstations and routers
  • D. Using ARP watch utility
  • E. Using IDS Sensors to check continually for large amounts of ARP traffic on local subnets

Answer: BCDE
