[Free] 2017(Sep) EnsurePass Testinsides GIAC GCIH Dumps with VCE and PDF 131-140

Ensurepass.com : Ensure you pass the IT Exams
2017 Sep GIAC Official New Released GCIH
100% Free Download! 100% Pass Guaranteed!

GIAC Certified Incident Handler

Question No: 131 – (Topic 2)

Which of the following can be used to perform session hijacking?

Each correct answer represents a complete solution. Choose all that apply.

  1. Cross-site scripting

  2. Session fixation

  3. ARP spoofing

  4. Session sidejacking

Answer: A,B,D

Question No: 132 – (Topic 2)

Which of the following keyloggers cannot be detected by anti-virus or anti-spyware products?

  1. Kernel keylogger

  2. Software keylogger

  3. Hardware keylogger

  4. OS keylogger

Answer: C

Question No: 133 – (Topic 2)

Against which of the following does SSH provide protection?

Each correct answer represents a complete solution. Choose two.

  1. DoS attack

  2. IP spoofing

  3. Password sniffing

  4. Broadcast storm

Answer: B,C

Question No: 134 – (Topic 2)

You work as a Network Administrator in the SecureTech Inc. The SecureTech Inc. is using Linux-based server. Recently, you have updated the password policy of the company in which the server will disable passwords after four trials. What type of attack do you want to stop by enabling this policy?

  1. Brute force

  2. Replay

  3. XSS

  4. Cookie poisoning

Answer: A

Question No: 135 – (Topic 2)

You send SYN packets with the exact TTL of the target system starting at port 1 and going up to port 1024 using hping2 utility. This attack is known as .

  1. Port scanning

  2. Cloaking

  3. Firewalking

  4. Spoofing

Answer: C

Question No: 136 – (Topic 2)

Which of the following attacks are examples of Denial-of-service attacks (DoS)? Each correct answer represents a complete solution. Choose all that apply.

  1. Fraggle attack

  2. Smurf attack

  3. Birthday attack

  4. Ping flood attack

Answer: A,B,D

Question No: 137 – (Topic 2)

Which of the following terms describes an attempt to transfer DNS zone data?

  1. Reconnaissance

  2. Encapsulation

  3. Dumpster diving

  4. Spam

Answer: A

Question No: 138 – (Topic 2)

John visits an online shop that stores the IDs and prices of the items to buy in a cookie. After selecting the items that he wants to buy, the attacker changes the price of the item to 1.

Original cookie values: ItemID1=2 ItemPrice1=900 ItemID2=1 ItemPrice2=200

Modified cookie values:

ItemID1=2 ItemPrice1=1 ItemID2=1 ItemPrice2=1

Now, he clicks the Buy button, and the prices are sent to the server that calculates the total price.

Which of the following hacking techniques is John performing?

  1. Computer-based social engineering

  2. Man-in-the-middle attack

  3. Cross site scripting

  4. Cookie poisoning

Answer: D

Question No: 139 – (Topic 2)

Which of the following statements is true about the difference between worms and Trojan horses?

  1. Trojan horses are a form of malicious codes while worms are not.

  2. Trojan horses are harmful to computers while worms are not.

  3. Worms can be distributed through emails while Trojan horses cannot.

  4. Worms replicate themselves while Trojan horses do not.

Answer: D

Question No: 140 – (Topic 2)

Which of the following types of malware does not replicate itself but can spread only when the circumstances are beneficial?

  1. Mass mailer

  2. Worm

  3. Blended threat

  4. Trojan horse

Answer: D

100% Ensurepass Free Download!
Download Free Demo:GCIH Demo PDF
100% Ensurepass Free Guaranteed!
Download 2017 EnsurePass GCIH Dumps

EnsurePass ExamCollection Testking
Lowest Price Guarantee Yes No No
Up-to-Dated Yes No No
Real Questions Yes No No
Explanation Yes No No
Free VCE Simulator Yes No No
Instant Download Yes No No

2017 EnsurePass IT Certification PDF and VCE

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.