Act now and download your GIAC GPEN test today! Do not waste time for the worthless GIAC GPEN tutorials. Download Renew GIAC GIAC Certified Penetration Tester exam with real questions and answers and begin to learn GIAC GPEN with a classic professional.

Check GPEN free dumps before getting the full version:

NEW QUESTION 1
CORRECT TEXT
Fill in the blanks with the appropriate protocol.
CCMP (Counter Mode with Cipher Block Chaining Message Authentication Code Protocol) is an IEEE___ encryption protocol created to replace both TKIP and WEP.

  • A.

Answer: 802.11i

NEW QUESTION 2

You've been asked to test a non-transparent proxy lo make sure it is working. After confirming the browser is correctly pointed at the proxy, you try to browse a web site. The browser indicates it is "loading" but never displays any part the page. Checking the proxy, you see a valid request in the proxy from your browser. Checking the response to the proxy, you see the results displayed in the accompanying screenshot. Which of the following answers is the most likely reason the browser hasn't displayed the page yet?
GPEN dumps exhibit

  • A. The proxy is likely hung and must be restarte
  • B. The proxy is configured to trap response
  • C. The proxy is configured to trap request
  • D. The site you are trying to reach is currently dow

Answer: C

NEW QUESTION 3

Which of the following techniques are NOT used to perform active OS fingerprinting?
Each correct answer represents a complete solution. Choose all that apply.

  • A. ICMP error message quoting
  • B. Analyzing email headers
  • C. Sniffing and analyzing packets
  • D. Sending FIN packets to open ports on the remote system

Answer: BC

NEW QUESTION 4

When a DNS server transfers its zone file to a remote system, what port does it typically use?

  • A. 53/TCP
  • B. 153/UDP
  • C. 35/TCP
  • D. 53/UDP

Answer: D

Explanation:
Reference:
http://www.networkworld.com/article/2231682/cisco-subnet/cisco-subnet-allow-both-tcp-and-udp-port-53-to-your-dns-servers.html

NEW QUESTION 5

John works as a Professional Ethical Hacker for we-are-secure Inc. The company is using a Wireless network. John has been assigned the work to check the security of WLAN of we-aresecure.
For this, he tries to capture the traffic, however, he does not find a good traffic to analyze data. He has already discovered the network using the ettercap tool. Which of the following tools can he use to generate traffic so that he can crack the Wep keys and enter into the network?

  • A. ICMP ping flood tool
  • B. Kismet
  • C. Netstumbler
  • D. AirSnort

Answer: A

NEW QUESTION 6

Which of the following penetration testing phases involves gathering data from whois, DNS, and network scanning, which helps in mapping a target network and provides valuable information regarding the operating system and applications running on the systems?

  • A. Post-attack phase
  • B. Attack phase
  • C. Pre-attack phase
  • D. On-attack phase

Answer: C

NEW QUESTION 7

You have compromised a Windows XP system and Injected the Meterpreter payload into the lsass process. While looking over the system you notice that there is a popular
password management program on the system. When you attempt to access the file that contains the password you find it is locked. Further investigation reveals that it is locked by the passmgr process. How can you use the Meterpreter to get access to this file?

  • A. Use the getuid command to determine the user context the process is runningunder, then use the imp command to impersonate that use
  • B. use the getpid command to determine the user context the process is runningunder, then use the Imp command to impersonate that use
  • C. Use the execute command to the passmgr executabl
  • D. That will give you access to the fil
  • E. Use the migrate command to jump to the passmgr proces
  • F. That will give you accessto the fil

Answer: C

NEW QUESTION 8

Analyze the command output below, what action is being performed by the tester?
GPEN dumps exhibit

  • A. Displaying a Windows SAM database
  • B. Listing available workgroup services
  • C. Discovering valid user accounts
  • D. Querying locked out user accounts

Answer: C

NEW QUESTION 9

John works as a professional Ethical Hacker. He is assigned a project to test the security of www.we-are-secure.com. He enters a single quote in the input field of the login page of the Weare- secure Web site and receives the following error message:
Microsoft OLE DB Provider for ODBC Drivers error '0x80040E14'
This error message shows that the We-are-secure Website is vulnerable to __________.

  • A. A SQL injection attack
  • B. A Denial-of-Service attack
  • C. A buffer overflow
  • D. An XSS attack

Answer: A

NEW QUESTION 10

Which of the following Nmap commands is used to perform a UDP port scan?

  • A. nmap -sS
  • B. nmap -sY
  • C. nmap -sN
  • D. nmap –sU

Answer: D

NEW QUESTION 11

Which of the following tools can be used to find a username from a SID?

  • A. SNMPENUM
  • B. SID
  • C. SID2User
  • D. SIDENUM

Answer: C

NEW QUESTION 12

You are sending a file to an FTP server. The file will be broken into several pieces of information packets (segments) and will be sent to the server. The file will again be reassembled and reconstructed once the packets reach the FTP server. Which of the following information should be used to maintain the correct order of information packets during the reconstruction of the file?

  • A. Acknowledge number
  • B. TTL
  • C. Checksum
  • D. Sequence number

Answer: D

NEW QUESTION 13

You are pen testing a system and want to use Metasploit 3.X to open a listening port on the system so you can access it via a netcat shell. Which stager would you use to have the system listen on TCP port 50000?

  • A. Reverse.tcp
  • B. Bind.tcp
  • C. Fincltag.ord
  • D. Passivex

Answer: B

NEW QUESTION 14

You work as a Penetration Tester for the Infosec Inc. Your company takes the projects of security auditing. Recently, your company has assigned you a project to test the security of the we-aresecure. com Website. The we-are-secure.com Web server is using Linux operating system. When you port scanned the we-are-secure.com Web server, you got that TCP port 23, 25, and 53 are open. When you tried to telnet to port 23, you got a blank screen in response. When you tried to type the dir, copy, date, del, etc. commands you got only blank spaces or underscores symbols on the screen. What may be the reason of such unwanted situation?

  • A. The telnet session is being affected by the stateful inspection firewal
  • B. The telnet service of we-are-secure.com has corrupte
  • C. The we-are-secure.com server is using a TCP wrappe
  • D. The we-are-secure.com server is using honeypo

Answer: C

NEW QUESTION 15

Which of the following is a Windows-based tool that is used for the detection of wireless LANs using the IEEE 802.11a, 802.11b, and 802.11g standards and also detects wireless networks marking their relative position with a GPS?

  • A. Kismet
  • B. NetStumbler
  • C. Ettercap
  • D. Tcpdump

Answer: B

NEW QUESTION 16

Which of the following tools is used for vulnerability scanning and calls Hydra to launch a dictionary attack?

  • A. Whishker
  • B. SARA
  • C. Nmap
  • D. Nessus

Answer: D

NEW QUESTION 17
......

Thanks for reading the newest GPEN exam dumps! We recommend you to try the PREMIUM Allfreedumps.com GPEN dumps in VCE and PDF here: https://www.allfreedumps.com/GPEN-dumps.html (385 Q&As Dumps)