[Free] 2017(Sep) EnsurePass Testinsides GIAC GCIH Dumps with VCE and PDF 141-150

Ensurepass.com : Ensure you pass the IT Exams
2017 Sep GIAC Official New Released GCIH
100% Free Download! 100% Pass Guaranteed!
http://www.EnsurePass.com/GCIH.html

GIAC Certified Incident Handler

Question No: 141 – (Topic 2)

John works as a professional Ethical Hacker. He is assigned a project to test the security of www.weare-secure.com. He is working on the Linux operating system. He wants to sniff the we-are-secure network and intercept a conversation between two employees of the company through session hijacking. Which of the following tools will John use to accomplish the task?

  1. Hunt

  2. IPChains

  3. Ethercap

  4. Tripwire

Answer: A

Question No: 142 – (Topic 2)

James works as a Database Administrator for Techsoft Inc. The company has a SQL Server 2005 computer. The computer has a database named Sales. Users complain that the performance of the database has deteriorated. James opens the System Monitor tool and finds that there is an increase in network traffic. What kind of attack might be the cause of the performance deterioration?

  1. Denial-of-Service

  2. Injection

  3. Internal attack

  4. Virus

Answer: A

Question No: 143 – (Topic 2)

Which of the following are open-source vulnerability scanners?

  1. Nessus

  2. Hackbot

  3. NetRecon

  4. Nikto

Answer: A,B,D

Question No: 144 – (Topic 2)

Mark works as a Network Administrator for Net Perfect Inc. The company has a Windows- based network. The company uses Check Point SmartDefense to provide security to the network. Mark uses SmartDefense on the HTTP servers of the company to fix the limitation for the maximum response header length. Which of the following attacks can be blocked by defining this limitation?

  1. HTR Overflow worms and mutations

  2. Ramen worm attack

  3. Melissa virus attack

  4. Shoulder surfing attack

Answer: A

Question No: 145 – (Topic 2)

Which of the following programs can be used to detect stealth port scans performed by a malicious hacker?

Each correct answer represents a complete solution. Choose all that apply.

  1. nmap

  2. scanlogd

  3. libnids

  4. portsentry

Answer: B,C,D

Question No: 146 – (Topic 2)

Which of the following viruses/worms uses the buffer overflow attack?

  1. Chernobyl (CIH) virus

  2. Nimda virus

  3. Klez worm

  4. Code red worm

Answer: D

Question No: 147 – (Topic 2)

Address Resolution Protocol (ARP) spoofing, also known as ARP poisoning or ARP Poison Routing (APR), is a technique used to attack an Ethernet wired or wireless network. ARP spoofing may allow an attacker to sniff data frames on a local area network (LAN), modify the traffic, or stop the traffic altogether. The principle of ARP spoofing is to send fake ARP messages to an Ethernet LAN. What steps can be used as a countermeasure of ARP spoofing?

Each correct answer represents a complete solution. Choose all that apply.

  1. Using smash guard utility

  2. Using ARP Guard utility

  3. Using static ARP entries on servers, workstation and routers

  4. Using ARP watch utility

  5. Using IDS Sensors to check continually for large amount of ARP traffic on local subnets

Answer: B,C,D,E

Question No: 148 – (Topic 2)

Adam is a novice Web user. He chooses a 22 letters long word from the dictionary as his password.

How long will it take to crack the password by an attacker?

  1. 22 hours

  2. 23 days

  3. 200 years

  4. 5 minutes

Answer: D

Question No: 149 – (Topic 2)

In which of the following attacks does the attacker gather information to perform an access attack?

  1. Land attack

  2. Reconnaissance attack

  3. Vulnerability attack

  4. DoS attack

Answer: B

Question No: 150 – (Topic 2)

John works as a professional Ethical Hacker. He has been assigned the project of testing the security of www.we-are-secure.com. He has successfully completed the following steps of the pre-attack phase:

l Information gathering

l Determining network range l Identifying active machines

l Finding open ports and applications l OS fingerprinting

l Fingerprinting services

Now John wants to perform network mapping of the We-are-secure network. Which of the following tools can he use to accomplish his task?

Each correct answer represents a complete solution. Choose all that apply.

  1. Ettercap

  2. Traceroute

  3. Cheops

  4. NeoTrace

Answer: B,C,D

100% Ensurepass Free Download!
Download Free Demo:GCIH Demo PDF
100% Ensurepass Free Guaranteed!
Download 2017 EnsurePass GCIH Dumps

EnsurePass ExamCollection Testking
Lowest Price Guarantee Yes No No
Up-to-Dated Yes No No
Real Questions Yes No No
Explanation Yes No No
PDF VCE Yes No No
Free VCE Simulator Yes No No
Instant Download Yes No No

2017 EnsurePass IT Certification PDF and VCE

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.