Winter Sale Limited Time 65% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: ecus65

GIAC GCIH - GIAC Certified Incident Handler

GIAC GCIH Premium Access     Download Demo    
Page: 6 / 10
Total 328 questions

Which of the following reads and writes data across network connections by using the TCP/IP protocol?

A.

Fpipe

B.

NSLOOKUP

C.

Netcat

D.

2Mosaic

Against which of the following does SSH provide protection?

Each correct answer represents a complete solution. Choose two.

A.

DoS attack

B.

IP spoofing

C.

Password sniffing

D.

Broadcast storm

Fill in the blank with the appropriate name of the attack.

______ takes best advantage of an existing authenticated connection

Which of the following statements about Ping of Death attack is true?

A.

In this type of attack, a hacker sends more traffic to a network address than the buffer can handle.

B.

This type of attack uses common words in either upper or lower case to find a password.

C.

In this type of attack, a hacker maliciously cuts a network cable.

D.

In this type of attack, a hacker sends ICMP packets greater than 65,536 bytes to crash a system.

A user is sending a large number of protocol packets to a network in order to saturate its resources and to disrupt connections to prevent communications between services. Which type of attack is this?

A.

Vulnerability attack

B.

Impersonation attack

C.

Social Engineering attack

D.

Denial-of-Service attack

Which of the following tools is used to attack the Digital Watermarking?

A.

Active Attacks

B.

2Mosaic

C.

Steg-Only Attack

D.

Gifshuffle

Which of the following refers to applications or files that are not classified as viruses or Trojan horse programs, but can still negatively affect the performance of the computers on your network and introduce significant security risks to your organization?

A.

Hardware

B.

Grayware

C.

Firmware

D.

Melissa

In the DNS Zone transfer enumeration, an attacker attempts to retrieve a copy of the entire zone file for a domain from a DNS server. The information provided by the DNS zone can help an attacker gather user names, passwords, and other valuable information. To attempt a zone transfer, an attacker must be connected to a DNS server that is the authoritative server for that zone. Besides this, an attacker can launch a Denial of Service attack against the zone's DNS servers by flooding them with a lot of requests. Which of the following tools can an attacker use to perform a DNS zone transfer?

Each correct answer represents a complete solution. Choose all that apply.

A.

Host

B.

Dig

C.

DSniff

D.

NSLookup

Which of the following are countermeasures to prevent unauthorized database access attacks?

Each correct answer represents a complete solution. Choose all that apply.

A.

Session encryption

B.

Removing all stored procedures

C.

Applying strong firewall rules

D.

Input sanitization

Your friend plans to install a Trojan on your computer. He knows that if he gives you a new version of chess.exe, you will definitely install the game on your computer. He picks up a Trojan and joins it with chess.exe. Which of the following tools are required in such a scenario?

Each correct answer represents a part of the solution. Choose three.

A.

NetBus

B.

Absinthe

C.

Yet Another Binder

D.

Chess.exe