GIAC GCIH - GIAC Certified Incident Handler

Total 328 questions

Which of the following is used by attackers to obtain an authenticated connection on a network?

A. Denial-of-Service (DoS) attack

B. Replay attack

C. Man-in-the-middle attack

D. Back door

You discover that all available network bandwidth is being used by some unknown service. You discover that UDP packets are being used to connect the echo service on one machine to the chargen service on another machine. What kind of attack is this?

A. Smurf

B. Denial of Service

C. Evil Twin

D. Virus

Which of the following languages are vulnerable to a buffer overflow attack?

Each correct answer represents a complete solution. Choose all that apply.

A. Java

B. C++

C. C

D. ActionScript

Which of the following applications automatically calculates cryptographic hashes of all key system files that are to be monitored for modifications?

A. Tripwire

B. TCPView

C. PrcView

D. Inzider

In which of the following attacks does an attacker use packet sniffing to read network traffic between two parties to steal the session cookie?

A. Session fixation

B. Cross-site scripting

C. Session sidejacking

D. ARP spoofing

Which of the following steps of incident response is steady in nature?

A. Containment

B. Eradication

C. Preparation

D. Recovery

Which of the following rootkits adds additional code or replaces portions of an operating system, including both the kernel and associated device drivers?

A. Hypervisor rootkit

B. Boot loader rootkit

C. Kernel level rootkit

D. Library rootkit

Peter works as a Network Administrator for PassGuide Inc. The company has a Windows-based network. All client computers run the Windows XP operating system. The employees of the company complain that suddenly all of the client computers have started working slowly. Peter finds that a malicious hacker is attempting to slow down the computers by flooding the network with a large number of requests. Which of the following attacks is being implemented by the malicious hacker?

A. SQL injection attack

B. Denial-of-Service (DoS) attack

C. Man-in-the-middle attack

D. Buffer overflow attack

Which of the following penetration testing phases involves gathering data from whois, DNS, and network scanning, which helps in mapping a target network and provides valuable information regarding the operating system and applications running on the systems?

A. Post-attack phase

B. On-attack phase

C. Attack phase

D. Pre-attack phase

Which of the following viruses is a script that attaches itself to a file or template?

A. Boot sector

B. Trojan horse

C. Macro virus

D. E-mail virus