GCIH | How Many Questions Of GCIH Samples

NEW QUESTION 1
Session splicing is an IDS evasion technique in which an attacker delivers data in multiple small- sized packets to the target computer. Hence, it becomes very difficult for an IDS to detect the attack signatures of such attacks. Which of the following tools can be used to perform session splicing attacks?
Each correct answer represents a complete solution. Choose all that apply.

• A. Whisker
• B. Fragroute
• C. Nessus
• D. Y.A.T.

Answer: AC

NEW QUESTION 2
Which of the following functions can be used as a countermeasure to a Shell Injection attack?
Each correct answer represents a complete solution. Choose all that apply.

• A. escapeshellarg()
• B. mysql_real_escape_string()
• C. regenerateid()
• D. escapeshellcmd()

Answer: AD

NEW QUESTION 3
Which of the following are the limitations for the cross site request forgery (CSRF) attack?
Each correct answer represents a complete solution. Choose all that apply.

• A. The attacker must determine the right values for all the form inputs.
• B. The attacker must target a site that doesn't check the referrer header.
• C. The target site should have limited lifetime authentication cookies.
• D. The target site should authenticate in GET and POST parameters, not only cookies.

Answer: AB

NEW QUESTION 4
An attacker sends a large number of packets to a target computer that causes denial of service.
Which of the following type of attacks is this?

• A. Spoofing
• B. Snooping
• C. Phishing
• D. Flooding

Answer: D

NEW QUESTION 5
Which of the following statements about Denial-of-Service (DoS) attack are true?
Each correct answer represents a complete solution. Choose three.

• A. It disrupts services to a specific computer.
• B. It changes the configuration of the TCP/IP protocol.
• C. It saturates network resources.
• D. It disrupts connections between two computers, preventing communications between services.

Answer: ACD

NEW QUESTION 6
5.2.92:4079 ---------FIN--------->192.5.2.110:23

• A. Yes
• B. Not Mastered

Answer: A

NEW QUESTION 7
Which of the following statements are true about netcat?
Each correct answer represents a complete solution. Choose all that apply.

• A. It provides special tunneling, such as UDP to TCP, with the possibility of specifying all network parameters.
• B. It can be used as a file transfer solution.
• C. It provides outbound and inbound connections for TCP and UDP ports.
• D. The nc -z command can be used to redirect stdin/stdout from a program.

Answer: ABC

NEW QUESTION 8
Which of the following refers to a condition in which a hacker sends a bunch of packets that leave TCP ports half open?

• A. Spoofing
• B. Hacking
• C. SYN attack
• D. PING attack

Answer: C

NEW QUESTION 9
Which of the following malicious code can have more than one type of trigger, multiple task capabilities, and can replicate itself in more than one manner?

• A. Macro virus
• B. Blended threat
• C. Trojan
• D. Boot sector virus

Answer: B

NEW QUESTION 10
Which of the following are types of access control attacks?
Each correct answer represents a complete solution. Choose all that apply.

• A. Spoofing
• B. Brute force attack
• C. Dictionary attack
• D. Mail bombing

Answer: ABC

NEW QUESTION 11
Which of the following Trojans is used by attackers to modify the Web browser settings?

• A. Win32/FlyStudio
• B. Trojan.Lodear
• C. WMA/TrojanDownloader.GetCodec
• D. Win32/Pacex.Gen

Answer: A

NEW QUESTION 12
Which of the following tools can be used for steganography?
Each correct answer represents a complete solution. Choose all that apply.

• A. Image hide
• B. Stegbreak
• C. Snow.exe
• D. Anti-x

Answer: AC

NEW QUESTION 13
Which of the following attacks saturates network resources and disrupts services to a specific computer?

• A. Replay attack
• B. Teardrop attack
• C. Denial-of-Service (DoS) attack
• D. Polymorphic shell code attack

Answer: C

NEW QUESTION 14
You work as a Network Administrator for Net Perfect Inc. The company has a Windows-based network. The company wants to fix potential vulnerabilities existing on the tested systems. You use Nessus as a vulnerability scanning program to fix the vulnerabilities. Which of the following vulnerabilities can be fixed using Nessus?
Each correct answer represents a complete solution. Choose all that apply.

• A. Misconfiguration (e.
• B. open mail relay, missing patches, etc.)
• C. Vulnerabilities that allow a remote cracker to control sensitive data on a system
• D. Vulnerabilities that allow a remote cracker to access sensitive data on a system
• E. Vulnerabilities that help in Code injection attacks

Answer: ABC

NEW QUESTION 15
Adam works as a Security Administrator for Umbrella Inc. A project has been assigned to him to test the network security of the company. He created a webpage to discuss the progress of the tests with employees who were interested in following the test. Visitors were allowed to click on a company's icon to mark the progress of the test. Adam successfully embeds a keylogger. He also added some statistics on the webpage. The firewall protects the network well and allows strict Internet access.
How was security compromised and how did the firewall respond?

• A. The attack was social engineering and the firewall did not detect it.
• B. Security was not compromised as the webpage was hosted internally.
• C. The attack was Cross Site Scripting and the firewall blocked it.
• D. Security was compromised as keylogger is invisible for firewall.

Answer: A

NEW QUESTION 16
Which of the following is a type of computer security vulnerability typically found in Web applications that allow code injection by malicious Web users into the Web pages viewed by other users?

• A. SID filtering
• B. Cookie poisoning
• C. Cross-site scripting
• D. Privilege Escalation

Answer: C

NEW QUESTION 17
Maria works as a professional Ethical Hacker. She is assigned a project to test the security of www.we-are-secure.com. She wants to test a DoS attack on the We-are-secure server. She finds that the firewall of the server is blocking the ICMP messages, but it is not checking the UDP packets. Therefore, she sends a large amount of UDP echo request traffic to the IP broadcast addresses. These UDP requests have a spoofed source address of the We-are-secure server. Which of the following DoS attacks is Maria using to accomplish her task?

• A. Ping flood attack
• B. Fraggle DoS attack
• C. Teardrop attack
• D. Smurf DoS attack

Answer: B

NEW QUESTION 18
......