GCIH | Refined GIAC GCIH Free Download Online

NEW QUESTION 1
You run the following bash script in Linux:
for i in 'cat hostlist.txt' ;do
nc -q 2 -v $i 80 < request.txt done
Where, hostlist.txt file contains the list of IP addresses and request.txt is the output file. Which of the following tasks do you want to perform by running this script?

• A. You want to put nmap in the listen mode to the hosts given in the IP address list.
• B. You want to perform banner grabbing to the hosts given in the IP address list.
• C. You want to perform port scanning to the hosts given in the IP address list.
• D. You want to transfer file hostlist.txt to the hosts given in the IP address list.

Answer: B

NEW QUESTION 2
A user is sending a large number of protocol packets to a network in order to saturate its resources and to disrupt connections to prevent communications between services. Which type of attack is this?

• A. Vulnerability attack
• B. Impersonation attack
• C. Social Engineering attack
• D. Denial-of-Service attack

Answer: D

NEW QUESTION 3
Which of the following types of attacks slows down or stops a server by overloading it with requests?

• A. DoS attack
• B. Impersonation attack
• C. Network attack
• D. Vulnerability attack

Answer: A

NEW QUESTION 4
You see the career section of a company's Web site and analyze the job profile requirements. You conclude that the company wants professionals who have a sharp knowledge of Windows server 2003 and Windows active directory installation and placement. Which of the following steps are you using to perform hacking?

• A. Scanning
• B. Covering tracks
• C. Reconnaissance
• D. Gaining access

Answer: C

NEW QUESTION 5
Which of the following is the method of hiding data within another media type such as graphic or document?

• A. Spoofing
• B. Steganography
• C. Packet sniffing
• D. Cryptanalysis

Answer: B

NEW QUESTION 6
Which of the following refers to applications or files that are not classified as viruses or Trojan horse programs, but can still negatively affect the performance of the computers on your network and introduce significant security risks to your organization?

• A. Hardware
• B. Grayware
• C. Firmware
• D. Melissa

Answer: B

NEW QUESTION 7
Which of the following are the automated tools that are used to perform penetration testing?
Each correct answer represents a complete solution. Choose two.

• A. Pwdump
• B. Nessus
• C. EtherApe
• D. GFI LANguard

Answer: BD

NEW QUESTION 8
Which of the following statements are true about Dsniff?
Each correct answer represents a complete solution. Choose two.

• A. It contains Trojans.
• B. It is a virus.
• C. It is antivirus.
• D. It is a collection of various hacking tools.

Answer: AD

NEW QUESTION 9
Which of the following is the difference between SSL and S-HTTP?

• A. SSL operates at the application layer and S-HTTP operates at the network layer.
• B. SSL operates at the application layer and S-HTTP operates at the transport layer.
• C. SSL operates at the network layer and S-HTTP operates at the application layer.
• D. SSL operates at the transport layer and S-HTTP operates at the application layer.

Answer: D

NEW QUESTION 10
John works as a C programmer. He develops the following C program:
#include <stdlib.h>
#include <stdio.h>
#include <string.h>
int buffer(char *str) {
char buffer1[10];
strcpy(buffer1, str);
return 1;
}
int main(int argc, char *argv[]) {
buffer (argv[1]);
printf("Executed\n");
return 1;
}
His program is vulnerable to a __________ attack.

• A. SQL injection
• B. Denial-of-Service
• C. Buffer overflow
• D. Cross site scripting

Answer: C

NEW QUESTION 11
Which of the following rootkits adds additional code or replaces portions of an operating system, including both the kernel and associated device drivers?

• A. Hypervisor rootkit
• B. Boot loader rootkit
• C. Kernel level rootkit
• D. Library rootkit

Answer: C

NEW QUESTION 12
Which of the following tools is described in the statement given below?
"It has a database containing signatures to be able to detect hundreds of vulnerabilities in UNIX, Windows, and commonly used web CGI scripts. Moreover, the database detects DdoS zombies and Trojans as well."

• A. SARA
• B. Nessus
• C. Anti-x
• D. Nmap

Answer: B

NEW QUESTION 13
Which of the following attacks can be overcome by applying cryptography?

• A. Buffer overflow
• B. Web ripping
• C. Sniffing
• D. DoS

Answer: C

NEW QUESTION 14
Adam works as a Senior Programmer for Umbrella Inc. A project has been assigned to him to write a short program to gather user input for a Web application. He wants to keep his program neat and simple. His chooses to use printf(str) where he should have ideally used printf("%s", str).
What attack will his program expose the Web application to?

• A. Format string attack
• B. Cross Site Scripting attack
• C. SQL injection attack
• D. Sequence++ attack

Answer: A

NEW QUESTION 15
Who are the primary victims of smurf attacks on the contemporary Internet system?

• A. IRC servers are the primary victims to smurf attacks
• B. FTP servers are the primary victims to smurf attacks
• C. SMTP servers are the primary victims to smurf attacks
• D. Mail servers are the primary victims to smurf attacks

Answer: A

NEW QUESTION 16
Adam works as an Incident Handler for Umbrella Inc. His recent actions towards the incident are not up to the standard norms of the company. He always forgets some steps and procedures while handling responses as they are very hectic to perform.
Which of the following steps should Adam take to overcome this problem with the least administrative effort?

• A. Create incident manual read it every time incident occurs.
• B. Appoint someone else to check the procedures.
• C. Create incident checklists.
• D. Create new sub-team to keep check.

Answer: C

NEW QUESTION 17
Victor is a novice Ethical Hacker. He is learning the hacking process, i.e., the steps taken by malicious hackers to perform hacking. Which of the following steps is NOT included in the hacking process?

• A. Scanning
• B. Preparation
• C. gaining access
• D. Reconnaissance

Answer: B

NEW QUESTION 18
......