[Free] 2017(Sep) EnsurePass Dumpsleader GIAC GCIH Dumps with VCE and PDF 211-220

EnsurePass
2017 Sep GIAC Official New Released GCIH
http://www.EnsurePass.com/GCIH.html

GIAC Certified Incident Handler

Question No: 211 – (Topic 3)

Which of the following languages are vulnerable to a buffer overflow attack? Each correct answer represents a complete solution. Choose all that apply.

  1. Java

  2. C

  3. C

  4. ActionScript

Answer: B,C

Question No: 212 – (Topic 3)

Which of the following tools are used as network traffic monitoring tools in the Linux operating system?

Each correct answer represents a complete solution. Choose all that apply.

  1. Netbus

  2. IPTraf

  3. MRTG

  4. Ntop

Answer: B,C,D

Question No: 213 – (Topic 3)

You work as an Incident Handler at Mariotrixt.Inc. You have followed the incident handling process to handle the events and incidents. You identify a Denial of Service (DoS) attack from a network linked to your internal enterprise network. Which of the following phases of the incident handling process should you follow next to handle this incident?

  1. Containment

  2. Preparation

  3. Recovery

  4. Identification

Answer: A

Question No: 214 – (Topic 3)

Maria works as a professional Ethical Hacker. She has been assigned the project of testing the security of www.gentech.com. She is using dumpster diving to gather information about Gentech Inc.

Under which of the following steps of malicious hacking does dumpster diving come?

  1. Multi-factor authentication

  2. Role-based access control

  3. Mutual authentication

  4. Reconnaissance

Answer: D

Question No: 215 – (Topic 3)

You enter the following URL on your Web browser:

http://www.we-are-secure.com/scripts/..%co../..%co% af../windows/system32/cmd.exe?/c dir c:\

What kind of attack are you performing?

  1. Directory traversal

  2. Replay

  3. Session hijacking

  4. URL obfuscating

Answer: A

Question No: 216 – (Topic 3)

Which of the following is the method of hiding data within another media type, such as a graphic or document?

  1. Spoofing

  2. Steganography

  3. Packet sniffing

  4. Cryptanalysis

Answer: B

Question No: 217 – (Topic 3)

Which of the following statements about smurf is true?

  1. It is a UDP attack that involves spoofing and flooding.

  2. It is an ICMP attack that involves spoofing and flooding.

  3. It is an attack with IP fragments that cannot be reassembled.

  4. It is a denial of service (DoS) attack that leaves TCP ports open.

Answer: B

Question No: 218 – (Topic 3)

Your IDS discovers that an intruder has gained access to your system. You immediately stop that access, change passwords for administrative accounts, and secure your network. You discover an odd account (not administrative) that has permission to remotely access the network. What is this most likely?

  1. An example of privilege escalation.

  2. A normal account you simply did not notice before. Large networks have a number of accounts; it is hard to track them all.

  3. A backdoor the intruder created so that he can re-enter the network.

  4. An example of IP spoofing.

Answer: C

Question No: 219 – (Topic 3)

Which of the following strategies allows a user to limit access according to unique hardware information supplied by a potential client?

  1. Extensible Authentication Protocol (EAP)

  2. WEP

  3. MAC address filtering

  4. Wireless Transport Layer Security (WTLS)

Answer: C

Question No: 220 – (Topic 3)

Which of the following provides packet-level encryption between hosts in a LAN?

  1. PPTP

  2. IPsec

  3. PFS

  4. Tunneling protocol

Answer: B
