Cause all that matters here is passing the GIAC GCIH exam. Cause all that you need is a high score of GCIH GIAC Certified Incident Handler exam. The only one thing you need to do is downloading Certleader GCIH exam study guides now. We will not let you down with our money-back guarantee.

Free GCIH Demo Online For GIAC Certifitcation:

NEW QUESTION 1
John visits an online shop that stores the IDs and prices of the items to buy in a cookie. After selecting the items that he wants to buy, the attacker changes the price of the item to 1.
Original cookie values:
ItemID1=2
ItemPrice1=900
ItemID2=1
ItemPrice2=200
Modified cookie values:
ItemID1=2
ItemPrice1=1
ItemID2=1
ItemPrice2=1
Now, he clicks the Buy button, and the prices are sent to the server that calculates the total price.
Which of the following hacking techniques is John performing?

  • A. Computer-based social engineering
  • B. Man-in-the-middle attack
  • C. Cross site scripting
  • D. Cookie poisoning

Answer: D

NEW QUESTION 2
Victor is a novice Ethical Hacker. He is learning the hacking process, i.e., the steps taken by malicious hackers to perform hacking. Which of the following steps is NOT included in the hacking process?

  • A. Scanning
  • B. Preparation
  • C. gaining access
  • D. Reconnaissance

Answer: B

NEW QUESTION 3
Which of the following provides packet-level encryption between hosts in a LAN?

  • A. PPTP
  • B. IPsec
  • C. PFS
  • D. Tunneling protocol

Answer: B

NEW QUESTION 4
Adam works as a Security Administrator for Umbrella Inc. A project has been assigned to him to secure access to the network of the company from all possible entry points. He segmented the network into several subnets and installed firewalls all over the network. He has placed very stringent rules on all the firewalls, blocking everything in and out except the ports that must be used. He does need to have port 80 open since his company hosts a website that must be accessed from the Internet. Adam is still worried about the programs like Hping2 that can get into a network through covert channels.
Which of the following is the most effective way to protect the network of the company from an attacker using Hping2 to scan his internal network?

  • A. Block all outgoing traffic on port 21
  • B. Block all outgoing traffic on port 53
  • C. Block ICMP type 13 messages
  • D. Block ICMP type 3 messages

Answer: C

NEW QUESTION 5
Which of the following HTTP requests is the SQL injection attack?

  • A. http://www.xsecurity.com/cgiin/bad.cgi?foo=..%fc%80%80%80%80%af../bin/ls%20-al
  • B. http://www.victim.com/example?accountnumber=67891&creditamount=999999999
  • C. http://www.myserver.com/search.asp?lname=adam%27%3bupdate%20usertable%20set% 20pass wd%3d %27hCx0r%27%3b--%00
  • D. http://www.myserver.com/script.php?mydata=%3cscript%20src=%22http%3a%2f% 2fwww.yourser ver.c0m %2fbadscript.js%22%3e%3c%2fscript%3e

Answer: C

NEW QUESTION 6
You see the career section of a company's Web site and analyze the job profile requirements. You conclude that the company wants professionals who have a sharp knowledge of Windows server 2003 and Windows active directory installation and placement. Which of the following steps are you using to perform hacking?

  • A. Scanning
  • B. Covering tracks
  • C. Reconnaissance
  • D. Gaining access

Answer: C

NEW QUESTION 7
You work as a System Engineer for Cyber World Inc. Your company has a single Active Directory domain. All servers in the domain run Windows Server 2008. The Microsoft Hyper-V server role has been installed on one of the servers, namely uC1. uC1 hosts twelve virtual machines. You have been given the task to configure the Shutdown option for uC1, so that each virtual machine shuts down before the main Hyper-V server shuts down. Which of the following actions will you perform to accomplish the task?

  • A. Enable the Shut Down the Guest Operating System option in the Automatic Stop Action Properties on each virtual machine.
  • B. Manually shut down each of the guest operating systems before the server shuts down.
  • C. Create a batch file to shut down the guest operating system before the server shuts down.
  • D. Create a logon script to shut down the guest operating system before the server shuts down.

Answer: A

NEW QUESTION 8
You work as a professional Ethical Hacker. You are assigned a project to test the security of www.weare-secure.com. You somehow enter in we-are-secure Inc. main server, which is Windows based.
While you are installing the NetCat tool as a backdoor in the we-are-secure server, you see the file credit.dat having the list of credit card numbers of the company's employees. You want to transfer the credit.dat file in your local computer so that you can sell that information on the internet in the good price. However, you do not want to send the contents of this file in the clear text format since you do not want that the Network Administrator of the we-are-secure Inc. can get any clue of the hacking attempt. Hence, you decide to send the content of the credit.dat file in the encrypted format.
What steps should you take to accomplish the task?

  • A. You will use the ftp service.
  • B. You will use Wireshark.
  • C. You will use CryptCat instead of NetCat.
  • D. You will use brutus.

Answer: C

NEW QUESTION 9
Which of the following terms describes an attempt to transfer DNS zone data?

  • A. Reconnaissance
  • B. Encapsulation
  • C. Dumpster diving
  • D. Spam

Answer: A

NEW QUESTION 10
Which of the following threats is a combination of worm, virus, and Trojan horse characteristics?

  • A. Spyware
  • B. Heuristic
  • C. Blended
  • D. Rootkits

Answer: C

NEW QUESTION 11
Many organizations create network maps of their network system to visualize the network and understand the relationship between the end devices and the transport layer that provide services.
Which of the following are the techniques used for network mapping by large organizations?
Each correct answer represents a complete solution. Choose three.

  • A. Packet crafting
  • B. Route analytics
  • C. SNMP-based approaches
  • D. Active Probing

Answer: BCD

NEW QUESTION 12
What is the major difference between a worm and a Trojan horse?

  • A. A worm spreads via e-mail, while a Trojan horse does not.
  • B. A worm is a form of malicious program, while a Trojan horse is a utility.
  • C. A worm is self replicating, while a Trojan horse is not.
  • D. A Trojan horse is a malicious program, while a worm is an anti-virus software.

Answer: C

NEW QUESTION 13
Which of the following are open-source vulnerability scanners?

  • A. Nessus
  • B. Hackbot
  • C. NetRecon
  • D. Nikto

Answer: ABD

NEW QUESTION 14
Which of the following DoS attacks affects mostly Windows computers by sending corrupt UDP packets?

  • A. Fraggle
  • B. Ping flood
  • C. Bonk
  • D. Smurf

Answer: C

NEW QUESTION 15
Which of the following can be used as a Trojan vector to infect an information system?
Each correct answer represents a complete solution. Choose all that apply.

  • A. NetBIOS remote installation
  • B. Any fake executable
  • C. Spywares and adware
  • D. ActiveX controls, VBScript, and Java scripts

Answer: ABCD

NEW QUESTION 16
Choose and reorder the steps of an incident handling process in their correct order.
GCIH dumps exhibit


Solution:
GCIH dumps exhibit

Does this meet the goal?
  • A. Yes
  • B. Not Mastered

Answer: A

NEW QUESTION 17
......

100% Valid and Newest Version GCIH Questions & Answers shared by Downloadfreepdf.net, Get Full Dumps HERE: https://www.downloadfreepdf.net/GCIH-pdf-download.html (New 328 Q&As)