GCIH | Updated GCIH Free Practice Exam For GIAC Certified Incident Handler Certification

Accurate of GCIH real exam materials and vce for GIAC certification for consumer, Real Success Guaranteed with Updated GCIH pdf dumps vce Materials. 100% PASS GIAC Certified Incident Handler exam Today!

Also have GCIH free dumps questions for you:

NEW QUESTION 1
Which of the following would allow you to automatically close connections or restart a server or service when a DoS attack is detected?

  • A. Signature-based IDS
  • B. Network-based IDS
  • C. Passive IDS
  • D. Active IDS

Answer: D

NEW QUESTION 2
Which of the following rootkits is able to load the original operating system as a virtual machine, thereby enabling it to intercept all hardware calls made by the original operating system?

  • A. Kernel level rootkit
  • B. Boot loader rootkit
  • C. Hypervisor rootkit
  • D. Library rootkit

Answer: C

NEW QUESTION 3
Which of the following takes control of a session between a server and a client using TELNET, FTP, or any other non-encrypted TCP/IP utility?

  • A. Dictionary attack
  • B. Session Hijacking
  • C. Trojan horse
  • D. Social Engineering

Answer: B

NEW QUESTION 4
Who are the primary victims of smurf attacks on the contemporary Internet system?

  • A. IRC servers are the primary victims to smurf attacks
  • B. FTP servers are the primary victims to smurf attacks
  • C. SMTP servers are the primary victims to smurf attacks
  • D. Mail servers are the primary victims to smurf attacks

Answer: A

NEW QUESTION 5
You want to use PGP files for steganography. Which of the following tools will you use to accomplish the task?

  • A. Blindside
  • B. Snow
  • C. ImageHide
  • D. Stealth

Answer: D

NEW QUESTION 6
Which of the following penetration testing phases involves gathering data from whois, DNS, and network scanning, which helps in mapping a target network and provides valuable information regarding the operating system and applications running on the systems?

  • A. Post-attack phase
  • B. On-attack phase
  • C. Attack phase
  • D. Pre-attack phase

Answer: D

NEW QUESTION 7
Adam works as a Security Administrator for Umbrella Inc. A project has been assigned to him to secure access to the network of the company from all possible entry points. He segmented the network into several subnets and installed firewalls all over the network. He has placed very stringent rules on all the firewalls, blocking everything in and out except the ports that must be used. He does need to have port 80 open since his company hosts a website that must be accessed from the Internet. Adam is still worried about the programs like Hping2 that can get into a network through covert channels.
Which of the following is the most effective way to protect the network of the company from an attacker using Hping2 to scan his internal network?

  • A. Block all outgoing traffic on port 21
  • B. Block all outgoing traffic on port 53
  • C. Block ICMP type 13 messages
  • D. Block ICMP type 3 messages

Answer: C

NEW QUESTION 8
Which of the following attacks saturates network resources and disrupts services to a specific computer?

  • A. Replay attack
  • B. Teardrop attack
  • C. Denial-of-Service (DoS) attack
  • D. Polymorphic shell code attack

Answer: C

NEW QUESTION 9
James works as a Database Administrator for Techsoft Inc. The company has a SQL Server 2005 computer. The computer has a database named Sales. Users complain that the performance of the database has deteriorated. James opens the System Monitor tool and finds that there is an increase in network traffic. What kind of attack might be the cause of the performance deterioration?

  • A. Denial-of-Service
  • B. Injection
  • C. Internal attack
  • D. Virus

Answer: A

NEW QUESTION 10
You are an Incident manager in Orangesect.Inc. You have been tasked to set up a new extension of your enterprise. The networking, to be done in the new extension, requires different types of cables and an appropriate policy that will be decided by you. Which of the following stages in the Incident handling process involves your decision making?

  • A. Identification
  • B. Containment
  • C. Eradication
  • D. Preparation

Answer: D

NEW QUESTION 11
Many organizations create network maps of their network system to visualize the network and understand the relationship between the end devices and the transport layer that provide services.
Which of the following are the techniques used for network mapping by large organizations?
Each correct answer represents a complete solution. Choose three.

  • A. Packet crafting
  • B. Route analytics
  • C. SNMP-based approaches
  • D. Active Probing

Answer: BCD

NEW QUESTION 12
Maria works as a professional Ethical Hacker. She is assigned a project to test the security of www.we-are-secure.com. She wants to test a DoS attack on the We-are-secure server. She finds that the firewall of the server is blocking the ICMP messages, but it is not checking the UDP packets. Therefore, she sends a large amount of UDP echo request traffic to the IP broadcast addresses. These UDP requests have a spoofed source address of the We-are-secure server. Which of the following DoS attacks is Maria using to accomplish her task?

  • A. Ping flood attack
  • B. Fraggle DoS attack
  • C. Teardrop attack
  • D. Smurf DoS attack

Answer: B

NEW QUESTION 13
Which of the following can be used to perform session hijacking?
Each correct answer represents a complete solution. Choose all that apply.

  • A. Cross-site scripting
  • B. Session fixation
  • C. ARP spoofing
  • D. Session sidejacking

Answer: ABD

NEW QUESTION 14
You work as a Network Administrator for Marioxnet Inc. You have the responsibility of handling two routers with BGP protocol for the enterprise's network. One of the two routers gets flooded with an unexpected number of data packets, while the other router starves with no packets reaching it. Which of the following attacks can be a potential cause of this?

  • A. Packet manipulation
  • B. Denial-of-Service
  • C. Spoofing
  • D. Eavesdropping

Answer: B

NEW QUESTION 15
CORRECT TEXT
Fill in the blank with the appropriate term.
______ is a technique used to make sure that incoming packets are actually from the networks that they claim to be from.

  • A.

Answer: Ingressfiltering

NEW QUESTION 16
Which of the following statements about buffer overflow are true?
Each correct answer represents a complete solution. Choose two.

  • A. It is a situation that occurs when a storage device runs out of space.
  • B. It is a situation that occurs when an application receives more data than it is configured to accept.
  • C. It can improve application performance.
  • D. It can terminate an application.

Answer: BD

NEW QUESTION 17
Choose and reorder the steps of an incident handling process in their correct order.
GCIH dumps exhibit


Solution:
GCIH dumps exhibit

Does this meet the goal?
  • A. Yes
  • B. Not Mastered

Answer: A

NEW QUESTION 18
Brutus is a password cracking tool that can be used to crack the following authentications:
l HTTP (Basic Authentication)
l HTTP (HTML Form/CGI)
l POP3 (Post Office Protocol v3)
l FTP (File Transfer Protocol)
l SMB (Server Message Block)
l Telnet
Which of the following attacks can be performed by Brutus for password cracking?
Each correct answer represents a complete solution. Choose all that apply.

  • A. Hybrid attack
  • B. Replay attack
  • C. Dictionary attack
  • D. Brute force attack
  • E. Man-in-the-middle attack

Answer: ACD

NEW QUESTION 19
You have configured a virtualized Internet browser on your Windows XP professional computer. Using the virtualized Internet browser, you can protect your operating system from which of the following?

  • A. Brute force attack
  • B. Mail bombing
  • C. Distributed denial of service (DDOS) attack
  • D. Malware installation from unknown Web sites

Answer: D

NEW QUESTION 20
......

P.S. Downloadfreepdf.net now are offering 100% pass ensure GCIH dumps! All GCIH exam questions have been updated with correct answers: https://www.downloadfreepdf.net/GCIH-pdf-download.html (328 New Questions)