The Secret Of GIAC GPEN Exam Price

NEW QUESTION 1

John works as a professional Ethical Hacker. He has been assigned the project of testing the security of www.we-are-secure.com. He performs a Teardrop attack on the we-are-secure server and observes that the server crashes. Which of the following is the most likely cause of the server crash?

• A. The spoofed TCP SYN packet containing the IP address of the target is filled in both the source and destination field
• B. The we-are-secure server cannot handle the overlapping data fragment
• C. The ICMP packet is larger than 65,536 byte
• D. Ping requests at the server are too hig

Answer: B

NEW QUESTION 2

You are concerned about war driving bringing hackers attention to your wireless network.
What is the most basic step you can take to mitigate this risk?

• A. Implement WEP
• B. Implement WPA
• C. Don't broadcast SSID
• D. Implement MAC filtering

Answer: C

NEW QUESTION 3

You work as a Penetration Tester for the Infosec Inc. Your company takes the projects of security auditing. Recently, your company has assigned you a project to test the security of the we-aresecure. com Website. The we-are-secure.com Web server is using Linux operating system. When you port scanned the we-are-secure.com Web server, you got that TCP port 23, 25, and 53 are open. When you tried to telnet to port 23, you got a blank screen in response. When you tried to type the dir, copy, date, del, etc. commands you got only blank spaces or underscores symbols on the screen. What may be the reason of such unwanted situation?

• A. The we-are-secure.com server is using honeypo
• B. The we-are-secure.com server is using a TCP wrappe
• C. The telnet service of we-are-secure.com has corrupte
• D. The telnet session is being affected by the stateful inspection firewal

Answer: B

NEW QUESTION 4
CORRECT TEXT
Fill in the blank with the appropriate tool.
____scans IP networks for NetBIOS name information and works in the same manner as nbtstat, but it operates on a range of addresses instead of just one.

• A.

Answer: NBTscan

NEW QUESTION 5

Which of the following standards is used in wireless local area networks (WLANs)?

• A. IEEE 802.11b
• B. IEEE 802.5
• C. IEEE 802.3
• D. IEEE 802.4

Answer: A

NEW QUESTION 6

Which of the following penetration testing phases involves gathering data from whois, DNS, and network scanning, which helps in mapping a target network and provides valuable information regarding the operating system and applications running on the systems?

• A. Post-attack phase
• B. Attack phase
• C. On-attack phase
• D. Pre-attack phase

Answer: D

NEW QUESTION 7

John works as a professional Ethical Hacker. He is assigned a project to test the security of www.we-are-secure.com. John has gained the access to the network of the organization and placed a backdoor in the network. Now, he wants to clear all event logs related to previous hacking attempts. Which of the following tools can John use if we-are-secure.com is using the Windows 2000 server?
Each correct answer represents a complete solution. Choose two.

• A. elsave.exe
• B. WinZapper
• C. AuditPol
• D. Blindside

Answer: AB

NEW QUESTION 8

__________ firewall architecture uses two NICs with a screening router inserted between the host and the untrusted network.

• A. packet filtering
• B. Screened host
• C. Dual homed host
• D. Screened subnet

Answer: B

NEW QUESTION 9

You work as a Penetration Tester for the Infosec Inc. Your company takes the projects of security auditing. Recently, your company has assigned you a project to test the security of the we-aresecure. com Website. The we-are-secure.com Web server is using Linux operating system. When you port scanned the we-are-secure.com Web server, you got that TCP port 23, 25, and 53 are open. When you tried to telnet to port 23, you got a blank screen in response. When you tried to type the dir, copy, date, del, etc. commands you got only blank spaces or underscores symbols on the screen. What may be the reason of such unwanted situation?

• A. The telnet session is being affected by the stateful inspection firewal
• B. The telnet service of we-are-secure.com has corrupte
• C. The we-are-secure.com server is using a TCP wrappe
• D. The we-are-secure.com server is using honeypo

Answer: C

NEW QUESTION 10

Which of the following is the most common method for an attacker to spoof email?

• A. Back door
• B. Replay attack
• C. Man in the middle attack
• D. Open relay

Answer: D

NEW QUESTION 11

While reviewing traffic from a tcpdump capture, you notice the following commands being sent from a remote system to one of your web servers:
C:\>sc winternet.host.com create ncservicebinpath- "c:\tools\ncexe -I -p 2222 -e cmd.exe"
C:\>sc vJnternet.host.com query ncservice.
What is the intent of the commands?

• A. The first command creates a backdoor shell as a servic
• B. It is being started on TCP2222 using cmd.ex
• C. The second command verifies the service is created and itsstatu
• D. The first command creates a backdoor shell as a servic
• E. It is being started on UDP2222 using cmd.ex
• F. The second command verifies the service is created and itsstatu
• G. This creates a service called ncservice which is linked to the cmd.exe command andits designed to stop any instance of nc.exe being ru
• H. The second command verifiesthe service is created and its statu
• I. The first command verifies the service is created and its statu
• J. The secondcommand creates a backdoor shell as a servic
• K. It is being started on TCP 2222connected to cmd.ex

Answer: C

NEW QUESTION 12

John works as an Ethical Hacker for uCertify Inc. He wants to find out the ports that are open in uCertify's server using a port scanner. However, he does not want to establish a full TCP connection. Which of the following scanning techniques will he use to accomplish this task?

• A. TCP FIN
• B. Xmas tree
• C. TCP SYN/ACK
• D. TCP SYN

Answer: D

NEW QUESTION 13

Which of the following IEEE standards defines Wired Equivalent Privacy encryption scheme?

• A. 802.15
• B. 802.11b
• C. 802.11a
• D. 802.11g

Answer: B

NEW QUESTION 14

Why is it important to have a cheat sheet reference of database system tables when performing SQL Injection?

• A. This is where sites typically store sensitive information such as credit card number
• B. These tables contain a list of allowed database applications
• C. The information in these tables will reveal details about the web application's cod
• D. These tables contain metadata that can be queried to gain additional helpful informatio

Answer: D

Explanation:
Reference: http://www.rackspace.com/knowledge_center/article/sql-injection-in-mysql

NEW QUESTION 15

You have received a file named new.com in your email as an attachment. When you
execute this file in your laptop, you get the following message:
'EICAR-STANDARD-ANTIVIRUS-TEST-FILE!'
When you open the file in Notepad, you get the following string:
X5O!P%@AP[4\PZX54(P^)7CC)7}$EICAR-STANDARD-ANTIVIRUS-TEST-FILE!$H+H*
What step will you take as a countermeasure against this attack?

• A. Immediately shut down your lapto
• B. Do nothin
• C. Traverse to all of your drives, search new.com files, and delete the
• D. Clean up your laptop with antiviru

Answer: B

NEW QUESTION 16
......