Winter Sale Limited Time 65% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: ecus65

GIAC GCIH - GIAC Certified Incident Handler

GIAC GCIH Premium Access     Download Demo    
Page: 8 / 10
Total 328 questions

Which of the following statements about Denial-of-Service (DoS) attack are true?

Each correct answer represents a complete solution. Choose three.

A.

It disrupts services to a specific computer.

B.

It changes the configuration of the TCP/IP protocol.

C.

It saturates network resources.

D.

It disrupts connections between two computers, preventing communications between services.

Adam, a malicious hacker, wants to perform a reliable scan against a remote target. He is not concerned about being stealth at this point.

Which of the following type of scans would be most accurate and reliable?

A.

UDP sacn

B.

TCP Connect scan

C.

ACK scan

D.

Fin scan

You run the following command while using Nikto Web scanner:

perl nikto.pl -h 192.168.0.1 -p 443

What action do you want to perform?

A.

Using it as a proxy server

B.

Updating Nikto

C.

Seting Nikto for network sniffing

D.

Port scanning

Jason, a Malicious Hacker, is a student of Baker university. He wants to perform remote hacking on the server of DataSoft Inc. to hone his hacking skills. The company has a Windows-based network. Jason successfully enters the target system remotely by using the advantage of vulnerability. He places a Trojan to maintain future access and then disconnects the remote session. The employees of the company complain to Mark, who works as a Professional Ethical Hacker for DataSoft Inc., that some computers are very slow. Mark diagnoses the network and finds that some irrelevant log files and signs of Trojans are present on the computers. He suspects that a malicious hacker has accessed the network. Mark takes the help from Forensic Investigators and catches Jason.

Which of the following mistakes made by Jason helped the Forensic Investigators catch him?

A.

Jason did not perform a vulnerability assessment.

B.

Jason did not perform OS fingerprinting.

C.

Jason did not perform foot printing.

D.

Jason did not perform covering tracks.

E.

Jason did not perform port scanning.

Which of the following refers to the exploitation of a valid computer session to gain unauthorized access to information or services in a computer system?

A.

Piggybacking

B.

Hacking

C.

Session hijacking

D.

Keystroke logging

You work as a Penetration Tester for the Infosec Inc. Your company takes the projects of security auditing. Recently, your company has assigned you a project to test the security of the we-aresecure.com Web site. For this, you want to perform the idle scan so that you can get the ports open in the we-are-secure.com server. You are using Hping tool to perform the idle scan by using a zombie computer. While scanning, you notice that every IPID is being incremented on every query, regardless whether the ports are open or close. Sometimes, IPID is being incremented by more than one value.

What may be the reason?

A.

The firewall is blocking the scanning process.

B.

The zombie computer is not connected to the we-are-secure.com Web server.

C.

The zombie computer is the system interacting with some other system besides your computer.

D.

Hping does not perform idle scanning.

Which of the following statements are true about tcp wrappers?

Each correct answer represents a complete solution. Choose all that apply.

A.

tcp wrapper provides access control, host address spoofing, client username lookups, etc.

B.

When a user uses a TCP wrapper, the inetd daemon runs the wrapper program tcpd instead of running the server program directly.

C.

tcp wrapper allows host or subnetwork IP addresses, names and/or ident query replies, to be used as tokens to filter for access control purposes.

D.

tcp wrapper protects a Linux server from IP address spoofing.

Adam works as an Incident Handler for Umbrella Inc. His recent actions towards the incident are not up to the standard norms of the company. He always forgets some steps and procedures while handling responses as they are very hectic to perform.

Which of the following steps should Adam take to overcome this problem with the least administrative effort?

A.

Create incident manual read it every time incident occurs.

B.

Appoint someone else to check the procedures.

C.

Create incident checklists.

D.

Create new sub-team to keep check.

Which of the following types of attacks is mounted with the objective of causing a negative impact on the performance of a computer or network?

A.

Vulnerability attack

B.

Man-in-the-middle attack

C.

Denial-of-Service (DoS) attack

D.

Impersonation attack

Which of the following tools can be used to perform brute force attack on a remote database?

Each correct answer represents a complete solution. Choose all that apply.

A.

SQLBF

B.

SQLDict

C.

FindSA

D.

nmap