Cyber Monday Sale Special Limited Time 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: xmas50

GIAC GCIH - GIAC Certified Incident Handler

GIAC GCIH Premium Access     Download Demo    
Page: 2 / 10
Total 328 questions

You execute the following netcat command:

c:\target\nc -1 -p 53 -d -e cmd.exe

What action do you want to perform by issuing the above command?

A.

Listen the incoming data and performing port scanning

B.

Capture data on port 53 and performing banner grabbing

C.

Capture data on port 53 and delete the remote shell

D.

Listen the incoming traffic on port 53 and execute the remote shell

You want to create an SSH tunnel for POP and SMTP protocols. Which of the following commands will you run?

A.

ssh -L 110:mailhost:110 -L 25

B.

ssh -L 110:mailhost:110 -L 25:mailhost:25 -1

C.

ssh -L 25:mailhost:110 -L 110

D.

ssh -L 110:mailhost:110 -L 25:mailhost:25 -1 user -N mailhost

Which of the following statements about threats are true?

Each correct answer represents a complete solution. Choose all that apply.

A.

A threat is a weakness or lack of safeguard that can be exploited by vulnerability, thus causing harm to the information systems or networks.

B.

A threat is a potential for violation of security which exists when there is a circumstance, capability, action, or event that could breach security and cause harm.

C.

A threat is a sequence of circumstances and events that allows a human or other agent to cause an information-related misfortune by exploiting vulnerability in an IT product.

D.

A threat is any circumstance or event with the potential of causing harm to a system in the form of destruction, disclosure, modification of data, or denial of service.

Which of the following is the most common vulnerability that can affect desktop applications written in native code?

A.

SpyWare

B.

DDoS attack

C.

Malware

D.

Buffer overflow

Firewalking is a technique that can be used to gather information about a remote network protected by a firewall. This technique can be used effectively to perform information gathering attacks. In this technique, an attacker sends a crafted packet with a TTL value that is set to expire one hop past the firewall. Which of the following are pre-requisites for an attacker to conduct firewalking?

Each correct answer represents a complete solution. Choose all that apply.

A.

An attacker should know the IP address of a host located behind the firewall.

B.

ICMP packets leaving the network should be allowed.

C.

There should be a backdoor installed on the network.

D.

An attacker should know the IP address of the last known gateway before the firewall.

Session splicing is an IDS evasion technique in which an attacker delivers data in multiple small-sized packets to the target computer. Hence, it becomes very difficult for an IDS to detect the attack signatures of such attacks. Which of the following tools can be used to perform session splicing attacks?

Each correct answer represents a complete solution. Choose all that apply.

A.

Whisker

B.

Fragroute

C.

Nessus

D.

Y.A.T.

Which of the following protocols is a maintenance protocol and is normally considered a part of the IP layer, but has also been used to conduct denial-of-service attacks?

A.

ICMP

B.

L2TP

C.

TCP

D.

NNTP

Alice wants to prove her identity to Bob. Bob requests her password as proof of identity, which Alice dutifully provides (possibly after some transformation like a hash function); meanwhile, Eve is eavesdropping the conversation and keeps the password. After the interchange is over, Eve connects to Bob posing as Alice; when asked for a proof of identity, Eve sends Alice's password read from the last session, which Bob accepts. Which of the following attacks is being used by Eve?

A.

Replay

B.

Firewalking

C.

Session fixation

D.

Cross site scripting

You work as a professional Ethical Hacker. You are assigned a project to test the security of www.weare- secure.com. You somehow enter in we-are-secure Inc. main server, which is Windows based.

While you are installing the NetCat tool as a backdoor in the we-are-secure server, you see the file credit.dat having the list of credit card numbers of the company's employees. You want to transfer the credit.dat file in your local computer so that you can sell that information on the internet in the good price. However, you do not want to send the contents of this file in the clear text format since you do not want that the Network Administrator of the we-are-secure Inc. can get any clue of the hacking attempt. Hence, you decide to send the content of the credit.dat file in the encrypted format.

What steps should you take to accomplish the task?

A.

You will use the ftp service.

B.

You will use Wireshark.

C.

You will use CryptCat instead of NetCat.

D.

You will use brutus.

John used to work as a Network Administrator for We-are-secure Inc. Now he has resigned from the company for personal reasons. He wants to send out some secret information of the company. To do so, he takes an image file and simply uses a tool image hide and embeds the secret file within an image file of the famous actress, Jennifer Lopez, and sends it to his Yahoo mail id. Since he is using the image file to send the data, the mail server of his company is unable to filter this mail. Which of the following techniques is he performing to accomplish his task?

A.

Email spoofing

B.

Steganography

C.

Web ripping

D.

Social engineering