GIAC Certified Incident Handler - GCIH Exam Questions

QUESTION NO: 1
Andrew, a bachelor student of Faulkner University, creates a Gmail account. He uses 'Faulkner' as the password for the Gmail account. After a few days, he starts receiving a lot of e-mails stating that his Gmail account has been hacked. He also finds that some of his important mails have been deleted by someone.
Which of the following methods has the attacker used to crack Andrew's password?
Each correct answer represents a complete solution. Choose all that apply.
Correct Answer: A,B,E,F,G
QUESTION NO: 2
Which of the following tools can be used for stress testing of a Web server?
Each correct answer represents a complete solution. Choose two.
Correct Answer: A,D
QUESTION NO: 3
A user is sending a large number of protocol packets to a network in order to saturate its resources and to disrupt connections to prevent communications between services. Which type of attack is this?
Correct Answer: C
QUESTION NO: 4
Which of the following statements are true about netcat?
Each correct answer represents a complete solution. Choose all that apply.
Correct Answer: A,C,D
QUESTION NO: 5
Which of the following statements is true about the difference between worms and Trojan horses?
Correct Answer: D
QUESTION NO: 6
What is the major difference between a worm and a Trojan horse?
Correct Answer: C
QUESTION NO: 7
Windump is a Windows port of the famous TCPDump packet sniffer available on a variety of platforms. In order to use this tool on the Windows platform a user must install a packet capture library.
What is the name of this library?
Correct Answer: A
QUESTION NO: 8
Which of the following tools combines two programs, and also encrypts the resulting package in an attempt to foil antivirus programs?
Correct Answer: B
QUESTION NO: 9
Which of the following rootkits adds additional code or replaces portions of an operating system, including both the kernel and associated device drivers?
Correct Answer: A
QUESTION NO: 10
Buffer overflows are one of the major errors used for exploitation on the Internet today. A buffer overflow occurs when a particular operation/function writes more data into a variable than the variable was designed to hold.
Which of the following are the two popular types of buffer overflows?
Each correct answer represents a complete solution. Choose two.
Correct Answer: A,D
QUESTION NO: 11
You run the following bash script in Linux:
for i in `cat hostlist.txt`; do
nc -q 2 -v $i 80 < request.txt
done
Here, the hostlist.txt file contains the list of IP addresses and request.txt is the output file. Which of the following tasks do you want to perform by running this script?
Correct Answer: D
QUESTION NO: 12
John works as a Penetration Tester in a security service providing firm named you-are-secure Inc. Recently, John's company has got a project to test the security of a promotional Website www.missatlanta.com and assigned the pen-testing work to John. When John is performing penetration testing, he inserts the following script in the search box at the company home page:
<script>alert('Hi, John')</script>
After pressing the search button, a pop-up box appears on his screen with the text - "Hi, John." Which of the following attacks can be performed on the Web site tested by John while considering the above scenario?
Correct Answer: D
QUESTION NO: 13
You want to scan your network quickly to detect live hosts by using ICMP ECHO Requests. What type of scanning will you perform to accomplish the task?
Correct Answer: B
QUESTION NO: 14
You want to integrate the Nikto tool with the Nessus vulnerability scanner. Which of the following steps will you take to accomplish the task?
Each correct answer represents a complete solution. Choose two.
Correct Answer: B,D