Weekend Sale Limited Time 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: xmas50

GIAC GPEN - GIAC Penetration Tester

GIAC GPEN Premium Access     Download Demo    
Page: 1 / 12
Total 385 questions

How many bits encryption does SHA-1 use?

A.

140

B.

512

C.

128

D.

160

What happens when you scan a broadcast IP address of a network?

Each correct answer represents a complete solution. Choose all that apply.

A.

It may show smurf DoS attack in the network IDS of the victim.

B.

It leads to scanning of all the IP addresses on that subnet at the same time.

C.

It will show an error in the scanning process.

D.

Scanning of the broadcast IP address cannot be performed.

Which of the following is a tool for SSH and SSL MITM attacks?

A.

Ettercap

B.

Cain

C.

Dsniff

D.

AirJack

You work as a Penetration Tester for the Infosec Inc. Your company takes the projects of security auditing. Recently, your company has assigned you a project to test the security of the we-aresecure. com Web site. For this, you want to perform the idle scan so that you can get the ports open in the we-are-secure.com server. You are using Hping tool to perform the idle scan by using a zombie computer. While scanning, you notice that every IPID is being incremented on every query, regardless whether the ports are open or close. Sometimes, IPID is being incremented by more than one value. What may be the reason?

A.

The zombie computer is not connected to the we-are-secure.com Web server.

B.

The zombie computer is the system interacting with some other system besides your comp uter.

C.

Hping does not perform idle scanning.

D.

The firewall is blocking the scanning process.

You run the following bash script in Linux:

for i in 'cat hostlist.txt' ;do nc -q 2 -v $i 80 < request.txt done where, hostlist.txt file contains the list of IP addresses and request.txt is the output file.

Which of the following tasks do you want to perform by running this script?

A.

You want to perform port scanning to the hosts given in the IP address list.

B.

You want to transfer file hostlist.txt to the hosts given in the IP address list.

C.

You want to perform banner grabbing to the hosts given in the IP address list.

D.

You want to put nmap in the listen mode to the hosts given in the IP address list.

Fill in the blank with the appropriate act name.

The___ act gives consumers the right to ask emailers to stop spamming them.

What is the sequence in which packets are sent when establishing a connection to a secured network?

A.

Auth, Associate and Probe

B.

Probe, Auth and Associate

C.

Associate, Probe and Auth

D.

Probe. Associate and Auth

You execute the following netcat command:

c:\target\nc -1 -p 53 -d -e cmd.exe

What action do you want to perform by issuing the above command?

A.

Capture data on port 53 and performing banner grabbing.

B.

Capture data on port 53 and delete the remote shell.

C.

Listen the incoming traffic on port 53 and execute the remote shell.

D.

Listen the incoming data and performing port scanning.

Which of the following security policies will you implement to keep safe your data when you connect your Laptop to the office network over IEEE 802.11 WLANs?

Each correct answer represents a complete solution. Choose two.

A.

Using personal firewall software on your Laptop.

B.

Using a protocol analyzer on your Laptop to monitor for risks.

C.

Using portscanner like nmap in your network.

D.

Using an IPSec enabled VPN for remote connectivity.

John works as a Professional Penetration Tester. He has been assigned a project to test the Website security of www.we-are-secure Inc. On the We-are-secure Website login page, he enters = 'or''=' as a username and successfully logs on to the user page of the Web site. Now, John asks the we-are-secure Inc. to improve the login page PHP script. Which of the following suggestions can John give to improve the security of the we-are-secure Website login page from the SQL injection attack?

A.

Use the escapeshellarg() function

B.

Use the session_regenerate_id() function

C.

Use the mysql_real_escape_string() function for escaping input

D.

Use the escapeshellcmd() function