Exam Code: GCIH (Practice Exam Latest Test Questions VCE PDF)
Exam Name: GIAC Certified Incident Handler
Certification Provider: GIAC

NEW QUESTION 1
You work as an Incident Handler at Mariotrixt Inc. You have followed the incident handling process to handle events and incidents. You identify a Denial of Service (DoS) attack from a network linked to your internal enterprise network. Which of the following phases of the incident handling process should you follow next to handle this incident?

  • A. Containment
  • B. Preparation
  • C. Recovery
  • D. Identification

Answer: A

NEW QUESTION 2
Which of the following attacks is used specifically for cracking a password?

  • A. PING attack
  • B. Dictionary attack
  • C. Vulnerability attack
  • D. DoS attack

Answer: B

NEW QUESTION 3
Which of the following nmap command parameters is used for TCP SYN port scanning?

  • A. -sF
  • B. -sU
  • C. -sX
  • D. -sS

Answer: D

NEW QUESTION 4
Which of the following statements about a Trojan horse are true?
Each correct answer represents a complete solution. Choose two.

  • A. It is a macro or script that attaches itself to a file or template.
  • B. The writers of a Trojan horse can use it later to gain unauthorized access to a computer.
  • C. It is a malicious software program code that resembles another normal program.
  • D. It infects the boot record on hard disks and floppy disks.

Answer: BC

NEW QUESTION 5
Which of the following applications is an example of a data-sending Trojan?

  • A. SubSeven
  • B. Senna Spy Generator
  • C. Firekiller 2000
  • D. eBlaster

Answer: D

NEW QUESTION 6
5.2.92:4079 ---------FIN--------->192.5.2.110:23
192.5.2.92:4079 <----NO RESPONSE------192.5.2.110:23
Scan directed at closed port:
Client Server


Solution:


Does this meet the goal?
  • A. Yes
  • B. Not Mastered

Answer: A

NEW QUESTION 7
Which of the following commands can be used for port scanning?

  • A. nc -t
  • B. nc -z
  • C. nc -w
  • D. nc -g

Answer: B

NEW QUESTION 8
Which of the following types of attacks slows down or stops a server by overloading it with requests?

  • A. DoS attack
  • B. Impersonation attack
  • C. Network attack
  • D. Vulnerability attack

Answer: A

NEW QUESTION 9
TCP/IP stack fingerprinting is the passive collection of configuration attributes from a remote device during standard layer 4 network communications. The combination of parameters may then be used to infer the remote operating system (OS fingerprinting), or incorporated into a device fingerprint.
Which of the following Nmap switches can be used to perform TCP/IP stack fingerprinting?

  • A. nmap -sS
  • B. nmap -sU -p
  • C. nmap -O -p
  • D. nmap -sT

Answer: C

NEW QUESTION 10
Sharpening, Rotating, Resampling, and Softening the image.
Which of the following Steganography attacks is Victor using?

  • A. Stegdetect Attack
  • B. Chosen-Stego Attack
  • C. Steg-Only Attack
  • D. Active Attacks

Answer: D

NEW QUESTION 11
What is the purpose of configuring a password-protected screen saver on a computer?

  • A. For preventing unauthorized access to a system.
  • B. For protecting a system from a Denial of Service (DoS) attack.
  • C. For protecting a system from a social engineering attack.
  • D. For protecting a system from a back door attack.

Answer: A

NEW QUESTION 12
Which of the following statements are correct about spoofing and session hijacking?
Each correct answer represents a complete solution. Choose all that apply.

  • A. Spoofing is an attack in which an attacker can spoof the IP address or other identity of the target and the valid user cannot be active.
  • B. Spoofing is an attack in which an attacker can spoof the IP address or other identity of the target but the valid user can be active.
  • C. Session hijacking is an attack in which an attacker takes over the session, and the valid user's session is disconnected.
  • D. Session hijacking is an attack in which an attacker takes over the session, and the valid user's session is not disconnected.

Answer: BD

NEW QUESTION 13
The IT administrator wants to implement a stronger security policy. What are the four most important security priorities for Exambible Software Systems Pvt. Ltd.? (Click the Exhibit button on the toolbar to see the case study.)

  • A. Providing secure communications between the overseas office and the headquarters.
  • B. Implementing Certificate services at the Texas office.
  • C. Protecting employee data on portable computers.
  • D. Providing two-factor authentication.
  • E. Ensuring secure authentication.
  • F. Preventing unauthorized network access.
  • G. Providing secure communications between Washington and the headquarters office.
  • H. Preventing denial-of-service attacks.

Answer: ACEF

NEW QUESTION 14
Which of the following applications is NOT used for passive OS fingerprinting?

  • A. NetworkMiner
  • B. Satori
  • C. p0f
  • D. Nmap

Answer: D

NEW QUESTION 15
Which of the following US Acts emphasizes a "risk-based policy for cost-effective security" and makes it mandatory for agency program officials, chief information officers, and inspectors general (IGs) to conduct annual reviews of the agency's information security program and report the results to the Office of Management and Budget?

  • A. The Electronic Communications Privacy Act of 1986 (ECPA)
  • B. The Fair Credit Reporting Act (FCRA)
  • C. The Equal Credit Opportunity Act (ECOA)
  • D. Federal Information Security Management Act of 2002 (FISMA)

Answer: D

NEW QUESTION 16
Which of the following Linux rootkits allow an attacker to hide files, processes, and network connections?
Each correct answer represents a complete solution. Choose all that apply.

  • A. Phalanx2
  • B. Beastkit
  • C. Adore
  • D. Knark

Answer: CD
