Online GCIH free questions and answers of New Version:
NEW QUESTION 1
CORRECT TEXT
Fill in the blank with the appropriate name of the rootkit.
A _______ rootkit uses device or platform firmware to create a persistent malware image.
Answer: firmware
NEW QUESTION 2
John works as a Network Administrator for Net Perfect Inc. The company has a Windows-based network. The company uses Check Point SmartDefense to provide security to the network of the company. On the HTTP servers of the company, John defines a rule for dropping any kind of user-defined URLs. Which of the following types of attacks can be prevented by dropping the user-defined URLs?
- A. Morris worm
- B. Code red worm
- C. Hybrid attacks
- D. PTC worms and mutations
Answer: D
NEW QUESTION 3
Which of the following statements about reconnaissance is true?
- A. It describes an attempt to transfer DNS zone data.
- B. It is a computer that is used to attract potential intruders or attackers.
- C. It is any program that allows a hacker to connect to a computer without going through the normal authentication process.
- D. It is also known as half-open scanning.
Answer: A
NEW QUESTION 4
You are responsible for security at a company that uses a lot of Web applications. You are most concerned about flaws in those applications allowing some attacker to get into your network. What method would be best for finding such flaws?
- A. Manual penetration testing
- B. Code review
- C. Automated penetration testing
- D. Vulnerability scanning
Answer: D
NEW QUESTION 5
Which of the following functions can you use to mitigate a command injection attack?
Each correct answer represents a part of the solution. Choose all that apply.
- A. escapeshellarg()
- B. escapeshellcmd()
- C. htmlentities()
- D. strip_tags()
Answer: AB
NEW QUESTION 6
Which of the following controls is described in the statement given below?
"It ensures that the enforcement of organizational security policy does not rely on voluntary web application user compliance. It secures information by assigning sensitivity labels on information and comparing this to the level of security a user is operating at."
- A. Role-based Access Control
- B. Attribute-based Access Control
- C. Discretionary Access Control
- D. Mandatory Access Control
Answer: D
NEW QUESTION 7
466 ms
16 0.so-3-0-0.XR1.MIA4.ALTER.NET (152.63.101.41) 50.937 ms 49.005 ms 51.055 ms
17 117.ATM6-0.GW5.MIA1.ALTER.NET (152.63.82.73) 51.897 ms 50.280 ms 53.647 ms
18 Exambiblegw1.customer.alter.net (65.195.239.14) 51.921 ms 51.571 ms 56.855 ms
19 www.Exambible.com (65.195.239.22) 52.191 ms 52.571 ms 56.855 ms
20 www.Exambible.com (65.195.239.22) 53.561 ms 54.121 ms 58.333 ms
Which of the following is the most likely cause of this issue?
- A. An application firewall
- B. Intrusion Detection System
- C. Network Intrusion system
- D. A stateful inspection firewall
Answer: D
NEW QUESTION 8
CORRECT TEXT
Fill in the blank with the correct numeric value.
ARP poisoning is achieved in ______ steps.
Answer: 2
NEW QUESTION 9
Which of the following is the best method of accurately identifying the services running on a victim host?
- A. Use of the manual method of telnet to each of the open ports.
- B. Use of a port scanner to scan each port to confirm the services running.
- C. Use of hit and trial method to guess the services and ports of the victim host.
- D. Use of a vulnerability scanner to try to probe each port to verify which service is running.
Answer: A
NEW QUESTION 10
Adam works as a Security administrator for Umbrella Inc. He runs the following traceroute and notices that hops 19 and 20 both show the same IP address.
1 172.16.1.254 (172.16.1.254) 0.724 ms 3.285 ms 0.613 ms
2 ip68-98-176-1.nv.nv.cox.net (68.98.176.1) 12.169 ms 14.958 ms 13.416 ms
3 ip68-98-176-1.nv.nv.cox.net (68.98.176.1) 13.948 ms ip68-100-0-1.nv.nv.cox.net (68.100.0.1) 16.743 ms 16.207 ms
4 ip68-100-0-137.nv.nv.cox.net (68.100.0.137) 17.324 ms 13.933 ms 20.938 ms
5 68.1.1.4 (68.1.1.4) 12.439 ms 220.166 ms 204.170 ms
6 so-6-0-0.gar2.wdc1.Level3.net (67.29.170.1) 16.177 ms 25.943 ms 14.104 ms
7 unknown.Level3.net (209.247.9.173) 14.227 ms 17.553 ms 15.415 ms
8 so-0-1-0.bbr1.NewYork1.level3.net (64.159.1.41) 17.063 ms 20.960 ms 19.512 ms
9 so-7-0-0.gar1.NewYork1.Level3.net (64.159.1.182) 20.334 ms 19.440 ms 17.938 ms
10 so-4-0-0.edge1.NewYork1.Level3.net (209.244.17.74) 27.526 ms 18.317 ms 21.202 ms
11 uunet-level3-oc48.NewYork1.Level3.net (209.244.160.12) 21.411 ms 19.133 ms 18.830 ms
12 0.so-6-0-0.XL1.NYC4.ALTER.NET (152.63.21.78)
Solution:
Does this meet the goal?
- A. Yes
- B. Not Mastered
Answer: A
NEW QUESTION 11
Which of the following password cracking attacks is based on a pre-calculated hash table to retrieve plain text passwords?
- A. Rainbow attack
- B. Brute Force attack
- C. Dictionary attack
- D. Hybrid attack
Answer: A
NEW QUESTION 12
Victor is a novice Ethical Hacker. He is learning the hacking process, i.e., the steps taken by malicious hackers to perform hacking. Which of the following steps is NOT included in the hacking process?
- A. Scanning
- B. Preparation
- C. Gaining access
- D. Reconnaissance
Answer: B
NEW QUESTION 13
Which of the following statements are true about netcat?
Each correct answer represents a complete solution. Choose all that apply.
- A. It provides special tunneling, such as UDP to TCP, with the possibility of specifying all network parameters.
- B. It can be used as a file transfer solution.
- C. It provides outbound and inbound connections for TCP and UDP ports.
- D. The nc -z command can be used to redirect stdin/stdout from a program.
Answer: ABC
NEW QUESTION 14
Which of the following are the primary goals of the incident handling team?
Each correct answer represents a complete solution. Choose all that apply.
- A. Freeze the scene.
- B. Repair any damage caused by an incident.
- C. Prevent any further damage.
- D. Inform higher authorities.
Answer: ABC
NEW QUESTION 15
Which of the following is a type of computer security vulnerability typically found in Web applications that allows code injection by malicious Web users into the Web pages viewed by other users?
- A. SID filtering
- B. Cookie poisoning
- C. Cross-site scripting
- D. Privilege Escalation
Answer: C
NEW QUESTION 16
As a professional hacker, you want to crack the security of secureserver.com. For this, in the information gathering step, you performed scanning with the help of the nmap utility to retrieve as many different protocols as possible being used by secureserver.com so that you could get accurate knowledge about what services were being used by secureserver.com. Which of the following nmap switches have you used to accomplish the task?
- A. nmap -vO
- B. nmap -sS
- C. nmap -sT
- D. nmap -sO
Answer: D
NEW QUESTION 17
Which of the following tools is used to download the Web pages of a Website on the local system?
- A. wget
- B. jplag
- C. Nessus
- D. Ettercap
Answer: A