
GIAC GCIH - GIAC Certified Incident Handler

Total 328 questions

Which of the following is the process of comparing cryptographic hash functions of system executables and configuration files?

A. Shoulder surfing
B. File integrity auditing
C. Reconnaissance
D. Spoofing

Adam, a malicious hacker, purposely sends fragmented ICMP packets to a remote target. The total size of this ICMP packet once reconstructed is over 65,536 bytes. On the basis of the above information, which of the following types of attack is Adam attempting to perform?

A. Fraggle attack
B. Ping of death attack
C. SYN Flood attack
D. Land attack

Which of the following rootkits is able to load the original operating system as a virtual machine, thereby enabling it to intercept all hardware calls made by the original operating system?

A. Kernel level rootkit
B. Boot loader rootkit
C. Hypervisor rootkit
D. Library rootkit

Which of the following tools will you use to prevent session hijacking?

Each correct answer represents a complete solution. Choose all that apply.

A. OpenSSH
B. Rlogin
C. Telnet
D. SSL

Which of the following programs can be used to detect stealth port scans performed by a malicious hacker?

Each correct answer represents a complete solution. Choose all that apply.

A. nmap
B. scanlogd
C. libnids
D. portsentry

You are hired as a Database Administrator for Jennifer Shopping Cart Inc. You monitor the server health through the System Monitor and find that there is a sudden increase in the number of logins.

Which of the following types of attack has occurred?

A. Injection
B. Virus
C. Worm
D. Denial-of-service

Fill in the blank with the appropriate term.

______ is a free Unix subsystem that runs on top of Windows.

Which of the following types of attacks is often performed by looking surreptitiously at the keyboard or monitor of an employee's computer?

A. Buffer-overflow attack
B. Shoulder surfing attack
C. Man-in-the-middle attack
D. Denial-of-Service (DoS) attack

You discover that your network routers are being flooded with broadcast packets that have the return address of one of the servers on your network. This is resulting in an overwhelming amount of traffic going back to that server and flooding it. What is this called?

A. Syn flood
B. Blue jacking
C. Smurf attack
D. IP spoofing

In which of the following attacks does the attacker gather information to perform an access attack?

A. Land attack
B. Reconnaissance attack
C. Vulnerability attack
D. DoS attack