[Free] 2017(Sep) EnsurePass Dumpsleader GIAC GCIH Dumps with VCE and PDF 221-230

EnsurePass
2017 Sep GIAC Official New Released GCIH
100% Free Download! 100% Pass Guaranteed!
http://www.EnsurePass.com/GCIH.html

GIAC Certified Incident Handler

Question No: 221 – (Topic 3)

Which of the following ensures that a party to a dispute cannot deny the authenticity of their signature on a document or the sending of a message that they originated?

  1. OS fingerprinting

  2. Reconnaissance

  3. Non-repudiation

  4. Confidentiality

Answer: C

Question No: 222 – (Topic 3)

John works as a professional Ethical Hacker. He has been assigned the project of testing the security of www.we-are-secure.com. He wants to perform a stealth scan to discover open ports and applications running on the We-are-secure server. For this purpose, he wants to initiate scanning with the IP address of any third party. Which of the following scanning techniques will John use to accomplish his task?

  1. RPC

  2. IDLE

  3. UDP

  4. TCP SYN/ACK

Answer: B

Question No: 223 – (Topic 3)

Which of the following tools can be used for network sniffing as well as for intercepting conversations through session hijacking?

  1. Ethercap

  2. Tripwire

  3. IPChains

  4. Hunt

Answer: D

Question No: 224 – (Topic 3)

John works as a C programmer. He develops the following C program:

#include lt;stdlib.hgt;

#include lt;stdio.hgt;

#include lt;string.hgt; int buffer(char *str) { char buffer1[10]; strcpy(buffer1, str); return 1;

}

int main(int argc, char *argv[]) { buffer (argv[1]); printf(quot;Executed\nquot;);

return 1;

}

His program is vulnerable to a attack.

  1. SQL injection

  2. Denial-of-Service

  3. Buffer overflow

  4. Cross site scripting

Answer: C

Question No: 225 – (Topic 3)

You want to connect to your friend#39;s computer and run a Trojan on it. Which of the following tools will you use to accomplish the task?

  1. PSExec

  2. Remoxec

  3. Hk.exe

  4. GetAdmin.exe

Answer: A

Question No: 226 – (Topic 3)

John works as an Ethical Hacker for PassGuide Inc. He wants to find out the ports that are open in PassGuide#39;s server using a port scanner. However, he does not want to establish a full TCP connection.

Which of the following scanning techniques will he use to accomplish this task?

  1. TCP FIN

  2. TCP SYN/ACK

  3. TCP SYN

  4. Xmas tree

Answer: C

Question No: 227 – (Topic 3)

Alice wants to prove her identity to Bob. Bob requests her password as proof of identity, which Alice dutifully provides (possibly after some transformation like a hash function); meanwhile, Eve is eavesdropping the conversation and keeps the password. After the interchange is over, Eve connects to Bob posing as Alice; when asked for a proof of identity, Eve sends Alice#39;s password read from the last session, which Bob accepts. Which of the following attacks is being used by Eve?

  1. Replay

  2. Firewalking

  3. Session fixation

  4. Cross site scripting

Answer: A

Question No: 228 – (Topic 3)

John works as a professional Ethical Hacker. He is assigned a project to test the security of www.weare-secure.com. He installs a rootkit on the Linux server of the We-are-secure network. Which of the following statements are true about rootkits?

Each correct answer represents a complete solution. Choose all that apply.

  1. They allow an attacker to conduct a buffer overflow.

  2. They allow an attacker to set a Trojan in the operating system and thus open a backdoor for anytime access.

  3. They allow an attacker to replace utility programs that can be used to detect the attacker#39;s activity.

  4. They allow an attacker to run packet sniffers secretly to capture passwords.

Answer: B,C,D

Question No: 229 – (Topic 3)

Which of the following statements are correct about spoofing and session hijacking? Each correct answer represents a complete solution. Choose all that apply.

  1. Spoofing is an attack in which an attacker can spoof the IP address or other identity of the target and the valid user cannot be active.

  2. Spoofing is an attack in which an attacker can spoof the IP address or other identity of the target but the valid user can be active.

  3. Session hijacking is an attack in which an attacker takes over the session, and the valid user#39;s session is disconnected.

  4. Session hijacking is an attack in which an attacker takes over the session, and the valid user#39;s session is not disconnected.

Answer: B,D

Question No: 230 – (Topic 3)

Which of the following Trojans is used by attackers to modify the Web browser settings?

  1. Win32/FlyStudio

  2. Trojan.Lodear

  3. WMA/TrojanDownloader.GetCodec

  4. Win32/Pacex.Gen

Answer: A

100% Free Download!
Download Free Demo:GCIH Demo PDF
100% Pass Guaranteed!
Download 2017 EnsurePass GCIH Full Exam PDF and VCE

EnsurePass ExamCollection Testking
Lowest Price Guarantee Yes No No
Up-to-Dated Yes No No
Real Questions Yes No No
Explanation Yes No No
PDF VCE Yes No No
Free VCE Simulator Yes No No
Instant Download Yes No No

2017 EnsurePass IT Certification PDF and VCE