GCIH | Improve GCIH Question For GIAC Certified Incident Handler Certification

Proper study guides for the GIAC Certified Incident Handler certification begin with GIAC GCIH preparation products, which are designed to deliver 100% correct GCIH questions so that you pass the GCIH test the first time. Try the free GCIH demo right now.

We also have free GCIH dumps questions for you:

NEW QUESTION 1
OutGuess is used for __________ attack.

  • A. Steganography
  • B. Web password cracking
  • C. SQL injection
  • D. Man-in-the-middle

Answer: A

NEW QUESTION 2
Rick works as a Computer Forensic Investigator for BlueWells Inc. He has been informed that some confidential information is being leaked out by an employee of the company. Rick suspects that someone is sending the information through email. He checks the emails sent by some employees to other networks. Rick finds out that Sam, an employee of the Sales department, is continuously sending text files that contain special symbols, graphics, and signs. Rick suspects that Sam is using the Steganography technique to send data in a disguised form. Which of the following techniques is Sam using?
Each correct answer represents a part of the solution. Choose all that apply.

  • A. Linguistic steganography
  • B. Perceptual masking
  • C. Technical steganography
  • D. Text Semagrams

Answer: AD

NEW QUESTION 3
Your IDS discovers that an intruder has gained access to your system. You immediately stop that access, change passwords for administrative accounts, and secure your network. You discover an odd account (not administrative) that has permission to remotely access the network. What is this most likely?

  • A. An example of privilege escalation.
  • B. A normal account you simply did not notice before. Large networks have a number of accounts; it is hard to track them all.
  • C. A backdoor the intruder created so that he can re-enter the network.
  • D. An example of IP spoofing.

Answer: C

NEW QUESTION 4
You want to integrate the Nikto tool with the Nessus vulnerability scanner. Which of the following steps will you take to accomplish the task?
Each correct answer represents a complete solution. Choose two.

  • A. Place nikto.pl file in the /etc/nessus directory.
  • B. Place nikto.pl file in the /var/www directory.
  • C. Place the directory containing nikto.pl in root's PATH environment variable.
  • D. Restart nessusd service.

Answer: CD

NEW QUESTION 5
Which of the following refers to the exploitation of a valid computer session to gain unauthorized access to information or services in a computer system?

  • A. Piggybacking
  • B. Hacking
  • C. Session hijacking
  • D. Keystroke logging

Answer: C

NEW QUESTION 6
You work as a Security Administrator for Net Perfect Inc. The company has a Windows-based network. You want to use a scanning technique that works as a reconnaissance attack. The technique should be directed at a specific host or network to determine the services that the host offers.
Which of the following scanning techniques can you use to accomplish the task?

  • A. IDLE scan
  • B. Nmap
  • C. SYN scan
  • D. Host port scan

Answer: D

NEW QUESTION 7
In which of the following attacks does an attacker spoof the source address in IP packets that are sent to the victim?

  • A. DoS
  • B. DDoS
  • C. Backscatter
  • D. SQL injection

Answer: C

NEW QUESTION 8
Which of the following types of attack can guess a hashed password?

  • A. Brute force attack
  • B. Evasion attack
  • C. Denial of Service attack
  • D. Teardrop attack

Answer: A

NEW QUESTION 9
Which of the following can be used as a countermeasure against the SQL injection attack?
Each correct answer represents a complete solution. Choose two.

  • A. mysql_real_escape_string()
  • B. session_regenerate_id()
  • C. mysql_escape_string()
  • D. Prepared statement

Answer: AD

NEW QUESTION 10
You work as a Network Administrator for Infonet Inc. The company has a Windows Server 2008 Active Directory-based single domain single forest network. The company has three Windows 2008 file servers, 150 Windows XP Professional client computers, and thirty UNIX-based client computers. The network users have identical user accounts for both Active Directory and the UNIX realm. You want to ensure that the UNIX clients on the network can access the file servers. You also want to ensure that the users are able to access all resources by logging on only once, and that no additional software is installed on the UNIX clients. What will you do to accomplish this task?
Each correct answer represents a part of the solution. Choose two.

  • A. Configure a distributed file system (Dfs) on the file server in the network.
  • B. Enable the Network File System (NFS) component on the file servers in the network.
  • C. Configure ADRMS on the file servers in the network.
  • D. Enable User Name Mapping on the file servers in the network.

Answer: BD

NEW QUESTION 11
Which of the following programs is used for bypassing normal authentication for securing remote access to a computer?

  • A. Backdoor
  • B. Worm
  • C. Adware
  • D. Spyware

Answer: A

NEW QUESTION 12
Which of the following rootkits patches, hooks, or replaces system calls with versions that hide information about the attacker?

  • A. Library rootkit
  • B. Kernel level rootkit
  • C. Hypervisor rootkit
  • D. Boot loader rootkit

Answer: A

NEW QUESTION 13
Which of the following tools is used to attack digital watermarking?

  • A. Active Attacks
  • B. 2Mosaic
  • C. Steg-Only Attack
  • D. Gifshuffle

Answer: B

NEW QUESTION 14
Mark works as a Network Administrator for Net Perfect Inc. The company has a Windows-based network. The company uses Check Point SmartDefense to provide security to the network. Mark uses SmartDefense on the HTTP servers of the company to fix the limitation for the maximum response header length. Which of the following attacks can be blocked by defining this limitation?

  • A. HTR Overflow worms and mutations
  • B. Ramen worm attack
  • C. Melissa virus attack
  • D. Shoulder surfing attack

Answer: A

NEW QUESTION 15
Victor wants to send an encrypted message to his friend. He is using a certain steganography technique to accomplish this task. He takes a cover object and changes it accordingly to hide information. This secret information is recovered only when the algorithm compares the changed cover with the original cover.
Which of the following steganography methods is Victor using to accomplish the task?

  • A. The distortion technique
  • B. The spread spectrum technique
  • C. The substitution technique
  • D. The cover generation technique

Answer: A

NEW QUESTION 16
Which of the following statements are true about session hijacking?
Each correct answer represents a complete solution. Choose all that apply.

  • A. Use of a long random number or string as the session key reduces session hijacking.
  • B. It is used to slow the working of victim's network resources.
  • C. TCP session hijacking is when a hacker takes over a TCP session between two machines.
  • D. It is the exploitation of a valid computer session to gain unauthorized access to information or services in a computer system.

Answer: ACD

NEW QUESTION 17
Sharpening, Rotating, Resampling, and Softening the image.
Which of the following Steganography attacks is Victor using?

  • A. Stegdetect Attack
  • B. Chosen-Stego Attack
  • C. Steg-Only Attack
  • D. Active Attacks

Answer: D

NEW QUESTION 18
The Klez worm is a mass-mailing worm that exploits a vulnerability to open an executable attachment even in Microsoft Outlook's preview pane. The Klez worm gathers email addresses from the entries of the default Windows Address Book (WAB). Which of the following registry values can be used to identify this worm?

  • A. HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunServices
  • B. HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run
  • C. HKEY_CURRENT_USER\Software\Microsoft\WAB\WAB4\Wab File Name = "file and pathname of the WAB file"
  • D. HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run

Answer: C

NEW QUESTION 19
Which of the following penetration testing phases involves reconnaissance or data gathering?

  • A. Attack phase
  • B. Pre-attack phase
  • C. Post-attack phase
  • D. Out-attack phase

Answer: B
