Last GCIH practice test reviews: Practice Test GIAC dumps
Try GCIH Free Now! Real Exam Question Answers Updated [Oct 05, 2022]
NEW QUESTION 144
Which of the following threats is a combination of worm, virus, and Trojan horse characteristics?
- A. Spyware
- B. Heuristic
- C. Blended
- D. Rootkits
Answer: C
NEW QUESTION 145
Adam, a novice web user, is very conscious about the security. He wants to visit the Web site that is known to have malicious applets and code. Adam always makes use of a basic Web Browser to perform such testing.
Which of the following web browsers can adequately fill this purpose?
- A. Lynx
- B. Internet explorer
- C. Safari
- D. Mozilla Firefox
Answer: A
Explanation:
Section: Volume B
NEW QUESTION 146
Which of the following characters will you use to check whether an application is vulnerable to an SQL injection attack?
- A. Semi colon (;)
- B. Double quote (")
- C. Dash (-)
- D. Single quote (')
Answer: D
NEW QUESTION 147
Maria works as a professional Ethical Hacker. She recently got a project to test the security of www.we-are-secure.com.
Arrange the three pre-test phases of the attack to test the security of weare-secure.
Answer:
Explanation:
NEW QUESTION 148
Which of the following protocols is a maintenance protocol and is normally considered a part of the IP layer, but has
also been used to conduct denial-of-service attacks
- A. ICMP
- B. L2TP
- C. NNTP
- D. TCP
Answer: A
NEW QUESTION 149
John works as a professional Ethical Hacker. He has been assigned a project to test the security of www.we- are-secure.com. He performs Web vulnerability scanning on the We-are-secure server. The output of the scanning test is as follows:
C:\whisker.pl -h target_IP_address
-- whisker / v1.4.0 / rain forest puppy / www.wiretrip.net -- = - = - = - = -
= Host: target_IP_address
= Server: Apache/1.3.12 (Win32) ApacheJServ/1.1
mod_ssl/2.6.4 OpenSSL/0.9.5a mod_perl/1.22
+ 200 OK: HEAD /cgi-bin/printenv
John recognizes /cgi-bin/printenv vulnerability ('Printenv' vulnerability) in the We_are_secure server. Which of the following statements about 'Printenv' vulnerability are true?
Each correct answer represents a complete solution. Choose all that apply.
- A. 'Printenv' vulnerability maintains a log file of user activities on the Website, which may be useful for the attacker.
- B. With the help of 'printenv' vulnerability, an attacker can input specially crafted links and/or other malicious scripts.
- C. The countermeasure to 'printenv' vulnerability is to remove the CGI script.
- D. This vulnerability helps in a cross site scripting attack.
Answer: B,C,D
Explanation:
Section: Volume A
NEW QUESTION 150
In which of the following attacks does an attacker use packet sniffing to read network traffic between two parties to steal the session cookie?
- A. Cross-site scripting
- B. Session sidejacking
- C. Session fixation
- D. ARP spoofing
Answer: B
NEW QUESTION 151
Which of the following applications is NOT used for passive OS fingerprinting?
- A. Satori
- B. Networkminer
- C. p0f
- D. Nmap
Answer: D
NEW QUESTION 152
Which of the following is a network worm that exploits the RPC sub-system vulnerability present in the Microsoft Windows operating system?
- A. Win32/Conflicker
- B. Win32/Agent
- C. WMA/TrojanDownloader.GetCodec
- D. Win32/PSW.OnLineGames
Answer: A
NEW QUESTION 153
Rick works as a Computer Forensic Investigator for BlueWells Inc. He has been informed that some confidential information is being leaked out by an employee of the company. Rick suspects that someone is sending the information through email. He checks the emails sent by some employees to other networks. Rick finds out that Sam, an employee of the Sales department, is continuously sending text files that contain special symbols, graphics, and signs. Rick suspects that Sam is using the Steganography technique to send data in a disguised form. Which of the following techniques is Sam using?
Each correct answer represents a part of the solution. Choose all that apply.
- A. Technical steganography
- B. Text Semagrams
- C. Linguistic steganography
- D. Perceptual masking
Answer: B,C
NEW QUESTION 154
Which of the following is designed to protect the Internet resolvers (clients) from forged DNS data created by DNS
cache poisoning?
- A. BINDER
- B. Split-horizon DNS
- C. Stub resolver
- D. Domain Name System Extension (DNSSEC)
Answer: D
NEW QUESTION 155
Fill in the blank with the appropriate name of the tool.
______ scans for rootkits by comparing SHA-1 hashes of important files with known good ones in online database.
Answer:
Explanation:
rkhunter
NEW QUESTION 156
Which of the following tasks can be performed by using netcat utility?
Each correct answer represents a complete solution. Choose all that apply.
- A. Creating a Backdoor
- B. Checking file integrity
- C. Port scanning and service identification
- D. Firewall testing
Answer: A,C,D
NEW QUESTION 157
Maria works as the Chief Security Officer for PassGuide Inc. She wants to send secret messages to the CEO of the company. To secure these messages, she uses a technique of hiding a secret message within an ordinary message. The technique provides 'security through obscurity'. What technique is Maria using?
- A. Encryption
- B. RSA algorithm
- C. Public-key cryptography
- D. Steganography
Answer: D
Explanation:
Section: Volume C
NEW QUESTION 158
Adam works as an Incident Handler for Umbrella Inc. His recent actions towards the incident are not up to the standard norms of the company. He always forgets some steps and procedures while handling responses as they are very hectic to perform.
Which of the following steps should Adam take to overcome this problem with the least administrative effort?
- A. Appoint someone else to check the procedures.
- B. Create incident manual read it every time incident occurs.
- C. Create new sub-team to keep check.
- D. Create incident checklists.
Answer: D
NEW QUESTION 159
......
Get Ready to Pass the GCIH exam with GIAC Latest Practice Exam : https://www.dumpexam.com/GCIH-valid-torrent.html
Get Prepared for Your GCIH Exam With Actual GIAC Study Guide!: https://drive.google.com/open?id=1J1rwkbk4YNDvsjz19p0pfF6zB00oZPmZ
