GIAC GCIH Exam Dumps

SIMULATION Fill in the blank with the correct numeric value. ARP poisoning is achieved in ______ steps.

Which of the following types of scan does not open a full TCP connection?

Which of the following rootkits adds additional code or replaces portions of an operating system, including both the kernel and associated device drivers?

In which of the following attacks does an attacker use packet sniffing to read network traffic between two parties to steal the session cookie?

You want to connect to your friend's computer and run a Trojan on it. Which of the following tools will you use to accomplish the task?

Which of the following is the method of hiding data within another media type such as graphic or document?

Which of the following languages are vulnerable to a buffer overflow attack? Each correct answer represents a complete solution. Choose all that apply.

You want to measure the number of heaps used and overflows occurred at a point in time. Which of the following commands will you run to activate the appropriate monitor?

Windump is a Windows port of the famous TCPDump packet sniffer available on a variety of platforms. In order to use this tool on the Windows platform a user must install a packet capture library. What is the name of this library?

Which of the following is an Internet mapping technique that relies on various BGP collectors that collect information such as routing updates and tables and provide this information publicly?

Adam, a malicious hacker has successfully gained unauthorized access to the Linux system of Umbrella Inc. Web server of the company runs on Apache. He has downloaded sensitive documents and database files from the computer. After performing these malicious tasks, Adam finally runs the following command on the Linux command box before disconnecting. for (( i = 0;i<11;i++ )); do dd if=/dev/random of=/dev/hda && dd if=/dev/zero of=/dev/hda done Which of the following actions does Adam want to perform by the above command?

You are the Administrator for a corporate network. You are concerned about denial of service attacks. Which of the following would be the most help against Denial of Service (DOS) attacks?

You work as a Senior Marketing Manager for Umbrella Inc. You find out that some of the software applications on the systems were malfunctioning and also you were not able to access your remote desktop session. You suspected that some malicious attack was performed on the network of the company. You immediately called the incident response team to handle the situation who enquired the Network Administrator to acquire all relevant information regarding the malfunctioning. The Network Administrator informed the incident response team that he was reviewing the security of the network which caused all these problems. Incident response team announced that this was a controlled event not an incident. Which of the following steps of an incident handling process was performed by the incident response team?

John works as a professional Ethical Hacker. He has been assigned the project of testing the security of www.we-are-secure.com. He wants to perform a stealth scan to discover open ports and applications running on the We-are-secure server. For this purpose, he wants to initiate scanning with the IP address of any third party. Which of the following scanning techniques will John use to accomplish his task?

Which of the following tools is described in the statement given below? "It has a database containing signatures to be able to detect hundreds of vulnerabilities in UNIX, Windows, and commonly used web CGI scripts. Moreover, the database detects DdoS zombies and Trojans as well."

Which of the following virus is a script that attaches itself to a file or template?

Which of the following would allow you to automatically close connections or restart a server or service when a DoS attack is detected?

John is a malicious attacker. He illegally accesses the server of We-are-secure Inc. He then places a backdoor in the We-are-secure server and alters its log files. Which of the following steps of malicious hacking includes altering the server log files?

John works as a professional Ethical Hacker. He is assigned a project to test the security of www.weare-secure.com. He enters a single quote in the input field of the login page of the Weare-secure Web site and receives the following error message: Microsoft OLE DB Provider for ODBC Drivers error '0x80040E14' This error message shows that the We-are-secure Website is vulnerable to __________.

Peter works as a Network Administrator for the PassGuide Inc. The company has a Windowsbased network. All client computers run the Windows XP operating system. The employees of the company complain that suddenly all of the client computers have started working slowly. Peter finds that a malicious hacker is attempting to slow down the computers by flooding the network with a large number of requests. Which of the following attacks is being implemented by the malicious hacker?

Which of the following attacks saturates network resources and disrupts services to a specific computer?

Which of the following procedures is designed to enable security personnel to identify, mitigate, and recover from malicious computer incidents, such as unauthorized access to a system or data, denialof-service, or unauthorized changes to system hardware, software, or data?

You work as an Incident handler in Mariotrixt.Inc. You have followed the Incident handling process to handle the events and incidents. You identify Denial of Service attack (DOS) from a network linked to your internal enterprise network. Which of the following phases of the Incident handling process should you follow next to handle this incident?

You execute the following netcat command: c:\target\nc -1 -p 53 -d -e cmd.exe What action do you want to perform by issuing the above command?

Which of the following scanning tools is also a network analysis tool that sends packets with nontraditional IP stack parameters and allows the scanner to gather information from the response packets generated?