[Free] 2017(Sep) EnsurePass Testinsides GIAC GCIH Dumps with VCE and PDF 41-50

Ensurepass.com : Ensure you pass the IT Exams
2017 Sep GIAC Official New Released GCIH

GIAC Certified Incident Handler

Question No: 41 – (Topic 1)

Which of the following applications is an example of a data-sending Trojan?

  A. SubSeven

  B. Senna Spy Generator

  C. Firekiller 2000

  D. eBlaster

Answer: D

Question No: 42 – (Topic 1)

In which of the following attack methods does an attacker distribute an incorrect IP address?

  A. IP spoofing

  B. MAC flooding

  C. DNS poisoning

  D. Man-in-the-middle

Answer: C

Question No: 43 – (Topic 1)

John works as a professional Ethical Hacker. He has been assigned a project to test the security of www.we-are-secure.com. On the We-are-secure login page, he enters ='or''=' as a username and successfully logs in to the user page of the Web site.

The We-are-secure login page is vulnerable to a ______.

  A. Dictionary attack

  B. SQL injection attack

  C. Replay attack

  D. Land attack

Answer: B

Question No: 44 – (Topic 1)

Which of the following password cracking attacks is based on a pre-calculated hash table to retrieve plain text passwords?

  A. Rainbow attack

  B. Brute Force attack

  C. Dictionary attack

  D. Hybrid attack

Answer: A

Question No: 45 – (Topic 1)

John works as a professional Ethical Hacker. He has been assigned a project to test the security of www.we-are-secure.com. He performs Web vulnerability scanning on the We-are-secure server. The output of the scanning test is as follows:

C:\whisker.pl -h target_IP_address

– whisker / v1.4.0 / rain forest puppy / www.wiretrip.net – = – = – = – = – =

= Host: target_IP_address

= Server: Apache/1.3.12 (Win32) ApacheJServ/1.1 mod_ssl/2.6.4 OpenSSL/0.9.5a mod_perl/1.22

200 OK: HEAD /cgi-bin/printenv

John recognizes the /cgi-bin/printenv vulnerability ('Printenv' vulnerability) in the We-are-secure server. Which of the following statements about the 'Printenv' vulnerability are true?

Each correct answer represents a complete solution. Choose all that apply.

  A. This vulnerability helps in a cross site scripting attack.

  B. 'Printenv' vulnerability maintains a log file of user activities on the Website, which may be useful for the attacker.

  C. The countermeasure to 'printenv' vulnerability is to remove the CGI script.

  D. With the help of 'printenv' vulnerability, an attacker can input specially crafted links and/or other malicious scripts.

Answer: A,C,D

Question No: 46 – (Topic 1)

Which of the following statements about a Denial-of-Service (DoS) attack are true? Each correct answer represents a complete solution. Choose three.

  A. It disrupts services to a specific computer.

  B. It changes the configuration of the TCP/IP protocol.

  C. It saturates network resources.

  D. It disrupts connections between two computers, preventing communications between services.

Answer: A,C,D

Question No: 47 – (Topic 1)

You have configured a virtualized Internet browser on your Windows XP Professional computer. Using the virtualized Internet browser, you can protect your operating system from which of the following?

  A. Brute force attack

  B. Mail bombing

  C. Distributed denial of service (DDoS) attack

  D. Malware installation from unknown Web sites

Answer: D

Question No: 48 – (Topic 1)

Which of the following is a technique of using a modem to automatically scan a list of telephone numbers, usually dialing every number in a local area code to search for computers, bulletin board systems, and fax machines?

  A. Demon dialing

  B. Warkitting

  C. War driving

  D. Wardialing

Answer: D

Question No: 49 – (Topic 1)

Ryan, a malicious hacker, submits Cross-Site Scripting (XSS) exploit code to the Web site of an Internet forum for online discussion. When a user visits the infected Web page, the code is automatically executed and Ryan can easily perform acts like account hijacking, history theft, etc. Which of the following types of Cross-Site Scripting attack does Ryan intend to carry out?

  A. Non persistent

  B. Document Object Model (DOM)

  C. SAX

  D. Persistent

Answer: D

Question No: 50 – (Topic 1)

Which of the following statements are true about a keylogger?

Each correct answer represents a complete solution. Choose all that apply.

  A. It records all keystrokes on the victim's computer in a predefined log file.

  B. It can be remotely installed on a computer system.

  C. It is a software tool used to trace all or specific activities of a user on a computer.

  D. It uses hidden code to destroy or scramble data on the hard disk.

Answer: A,B,C
