
(PDF) GIAC Information Security GCIH Exam and Certification Test Engine
Use GCIH Exam Dumps (2022 PDF Dumps) To Have Reliable GCIH Test Engine
GCIH Certification Path
There are no prerequisites
NEW QUESTION 163
You work as a System Engineer for Cyber World Inc. Your company has a single Active Directory domain. All servers in the domain run Windows Server 2008. The Microsoft Hyper-V server role has been installed on one of the servers, namely uC1. uC1 hosts twelve virtual machines. You have been given the task to configure the Shutdown option for uC1, so that each virtual machine shuts down before the main Hyper-V server shuts down. Which of the following actions will you perform to accomplish the task?
- A. Manually shut down each of the guest operating systems before the server shuts down.
- B. Create a logon script to shut down the guest operating system before the server shuts down.
- C. Enable the Shut Down the Guest Operating System option in the Automatic Stop Action Properties on each virtual machine.
- D. Create a batch file to shut down the guest operating system before the server shuts down.
Answer: C
NEW QUESTION 164
Which of the following statements are true about TCP wrappers?
Each correct answer represents a complete solution. Choose all that apply.
- A. TCP wrapper allows host or subnetwork IP addresses, names and/or ident query replies, to be used as tokens to filter for access control purposes.
- B. When a user uses a TCP wrapper, the inetd daemon runs the wrapper program tcpd instead of running the server program directly.
- C. TCP wrapper protects a Linux server from IP address spoofing.
- D. TCP wrapper provides access control, host address spoofing, client username lookups, etc.
Answer: A,B,D
NEW QUESTION 165
You work as a System Administrator in SunSoft Inc. You are running a virtual machine on Windows Server 2003. The virtual machine is protected by DPM. Now, you want to move the virtual machine to another host. Which of the following steps can you use to accomplish the task?
Each correct answer represents a part of the solution. Choose all that apply.
- A. Run consistency check.
- B. Copy the virtual machine to the new server.
- C. Add the copied virtual machine to a protection group.
- D. Remove the original virtual machine from the old server and stop the protection for the original virtual machine.
Answer: B,C,D
NEW QUESTION 166
You work as an Incident handler in Mariotrixt.Inc. You have followed the Incident handling process to handle the events and incidents. You identify a Denial of Service (DoS) attack from a network linked to your internal enterprise network. Which of the following phases of the Incident handling process should you follow next to handle this incident?
- A. Containment
- B. Recovery
- C. Identification
- D. Preparation
Answer: A
NEW QUESTION 167
Which of the following rootkits is used to attack full disk encryption systems?
- A. Library rootkit
- B. Boot loader rootkit
- C. Hypervisor rootkit
- D. Kernel level rootkit
Answer: B
NEW QUESTION 168
Maria works as a professional Ethical Hacker. She has been assigned the project of testing the security of www.gentech.com. She is using dumpster diving to gather information about Gentech Inc.
Under which of the following steps of malicious hacking does dumpster diving come?
- A. Reconnaissance
- B. Multi-factor authentication
- C. Mutual authentication
- D. Role-based access control
Answer: A
Explanation:
Section: Volume C
NEW QUESTION 169
Which of the following is the most common vulnerability that can affect desktop applications written in native code?
- A. Buffer overflow
- B. SpyWare
- C. Malware
- D. DDoS attack
Answer: A
NEW QUESTION 170
Which of the following is a computer worm that caused a denial of service on some Internet hosts and dramatically slowed down general Internet traffic?
- A. SQL Slammer
- B. Beast
- C. Code red
- D. Klez
Answer: A
NEW QUESTION 171
Which of the following attacks allows an attacker to sniff data frames on a local area network (LAN) or stop the traffic altogether?
- A. Session hijacking
- B. ARP spoofing
- C. Man-in-the-middle
- D. Port scanning
Answer: B
NEW QUESTION 172
Which of the following nmap command parameters is used for TCP SYN port scanning?
- A. -sS
- B. -sF
- C. -sX
- D. -sU
Answer: A
NEW QUESTION 173
Which of the following malicious code can have more than one type of trigger, multiple task capabilities, and can replicate itself in more than one manner?
- A. Macro virus
- B. Trojan
- C. Boot sector virus
- D. Blended threat
Answer: D
Explanation:
Section: Volume B
NEW QUESTION 174
Which of the following programming languages are NOT vulnerable to buffer overflow attacks?
Each correct answer represents a complete solution. Choose two.
- A. Perl
- B. C++
- C. Java
- D. C
Answer: A,C
Explanation:
Section: Volume B
NEW QUESTION 175
SIMULATION
Fill in the blank with the appropriate term.
______ is a technique used to make sure that incoming packets are actually from the networks that they claim to be from.
Answer: Ingress filtering
NEW QUESTION 176
John works as a Penetration Tester in a security service providing firm named you-are-secure Inc. Recently, John's company got a project to test the security of a promotional Website www.missatlanta.com and assigned the pen-testing work to John. While performing penetration testing, John inserts the following script in the search box on the company home page:
<script>alert('Hi, John')</script>
After pressing the search button, a pop-up box appears on his screen with the text - "Hi, John." Which of the following attacks can be performed on the Web site tested by John, considering the above scenario?
- A. XSS attack
- B. Replay attack
- C. Buffer overflow attack
- D. CSRF attack
Answer: A
NEW QUESTION 177
Which of the following takes control of a session between a server and a client using TELNET, FTP, or any other non-encrypted TCP/IP utility?
- A. Trojan horse
- B. Session Hijacking
- C. Social Engineering
- D. Dictionary attack
Answer: B
NEW QUESTION 178
The Klez worm is a mass-mailing worm that exploits a vulnerability to open an executable attachment even in Microsoft Outlook's preview pane. The Klez worm gathers email addresses from the entries of the default Windows Address Book (WAB). Which of the following registry values can be used to identify this worm?
- A. HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunServices
- B. HKEY_CURRENT_USER\Software\Microsoft\WAB\WAB4\Wab File Name = "file and pathname of the WAB file"
- C. HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run
- D. HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run
Answer: B
Explanation:
Section: Volume A
NEW QUESTION 179
As a professional hacker, you want to crack the security of secureserver.com. For this, in the information gathering step, you performed scanning with the help of the nmap utility to retrieve as many different protocols as possible being used by secureserver.com so that you could get accurate knowledge about what services were being used by secureserver.com. Which of the following nmap switches have you used to accomplish the task?
- A. nmap -sT
- B. nmap -sO
- C. nmap -vO
- D. nmap -sS
Answer: B
Explanation:
Section: Volume B
NEW QUESTION 180
You are the Security Consultant and have been hired to check security for a client's network. Your client has stated that he has many concerns but the most critical is the security of Web applications on their Web server. What should be your highest priority then in checking his network?
- A. Vulnerability scanning
- B. Setting up a honey pot
- C. Setting up IDS
- D. Port scanning
Answer: A
NEW QUESTION 181
You want to connect to your friend's computer and run a Trojan on it. Which of the following tools will you use to accomplish the task?
- A. Hk.exe
- B. PSExec
- C. Remoxec
- D. GetAdmin.exe
Answer: B
NEW QUESTION 182
TCP/IP stack fingerprinting is the passive collection of configuration attributes from a remote device during standard layer 4 network communications. The combination of parameters may then be used to infer the remote operating system (OS fingerprinting), or incorporated into a device fingerprint.
Which of the following Nmap switches can be used to perform TCP/IP stack fingerprinting?
- A. nmap -sU -p
- B. nmap -sT
- C. nmap -O -p
- D. nmap -sS
Answer: C
NEW QUESTION 183
Which of the following penetration testing phases involves gathering data from whois, DNS, and network scanning, which helps in mapping a target network and provides valuable information regarding the operating system and applications running on the systems?
- A. On-attack phase
- B. Attack phase
- C. Post-attack phase
- D. Pre-attack phase
Answer: D
Explanation:
Section: Volume C