Cyber Monday Sale Special Limited Time 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: xmas50

GIAC GPEN - GIAC Penetration Tester

GIAC GPEN Premium Access     Download Demo    
Page: 5 / 12
Total 385 questions

A customer has asked for a scan or vulnerable SSH servers. What is the penetration tester attempting to accomplish using the following Nmap command?

A.

Checking operating system version

B.

Running an exploit against the target

C.

Checking configuration

D.

Checking protocol version

Which of the following best explains why you would warn to clear browser slate (history. cache, and cookies) between examinations of web servers when you've been trapping and altering values with a non-transparent proxy?

A.

Values trapped and stored in the browser will reveal the techniques you've used toexamine the web servers.

B.

Trapping and changing response values is beneficial for web site testing but usingthe same cached values in your browser will prevent you from being able to changethose values.

C.

Trapping and changing response values is beneficial for web site testing but willcause browser instability if not cleared.

D.

Values trapped and changed in the proxy, such as a cookie, will be stored by thebrowser and may impact further testing.

What is the most likely cause of the responses on lines 10 and 11 of the output below?

A.

The device at hop 10 silently drops UDP packets with a high destination port.

B.

The device at hop 10 is down and not forwarding any requests at all.

C.

The host running the tracer utility lost its network connection during the scan

D.

The devices at hops 10 and II did not return an "ICMP TTL Exceeded in Transit" message.

Where are Netcat's own network activity messages, such as when a connection occurs, sent?

A.

Standard Error

B.

Standard input

C.

Standard Logfile

D.

Standard Output

All of the following are advantages of using the Metasploitpriv module for dumping hashes from a local Windows machine EXCEPT:

A.

Doesn't require SMB or NetBIOS access to the target machine

B.

Can run inside of a process owned by any user

C.

Provides less evidence for forensics Investigators to recover

D.

LSASS related reboot problems aren't an Issue

You are performing a vulnerability assessment using Nessus and your clients printers begin printing pages of random text and showing error messages. The client is not happy with the situation. What is the best way to proceed?

A.

Enable the "Skip all primers" option and re-scan

B.

Ensure Safe Checks is enabled in Nessus scan policies

C.

Remove primer IP addresses from your target list

D.

Verify primers are in scope and tell the client In progress scans cannot be stopped

Analyze the command output below. What action is being performed by the tester?

A.

Creating user accounts on 10.0.1.4 and testing privileges

B.

Collecting password hashes for users on 10.0.1.4

C.

Attempting to exploit windows File and Print Sharing service

D.

Gathering Security identifiers for accounts on 10.0.1.4

You are conducting a penetration test for a private contractor located in Singapore. The scope extends to all internal hosts controlled by the company, you have gathered necessary hold-harmless and nondisclosure agreements. Which action by your group can incur criminal liability under Chapter 50a, Computer Misuse Act?

A.

Exploiting vulnerable web services on internal hosts

B.

Attempts at social engineering employees via telephone calls

C.

Testing denial-of-service tolerance of the communications provider

D.

Cracking password hashes on the corporate domain server

Approximately how many packets are usually required to conduct a successful FMS attack onWEP?

A.

250.000

B.

20.000

C.

10.000,000

D.

l (with a weak IV)

What is the purpose of the following command?

C:\>wmic /node:[target IP] /user:[admin-user]

/password:[password] process call create [command]

A.

Running a command on a remote Windows machine

B.

Creating a service on a remote Windows machine

C.

Creating an admin account on a remote Windows machine

D.

Listing the running processes on a remote windows machine