Pre-Summer Special Limited Time 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code = getmirror

Home
GIAC
Security Administration
GCIH
GIAC Certified Incident Handler Questions and Answers

Pass the GIAC Security Administration GCIH Questions and answers with ExamsMirror

Practice at least 50% of the questions to maximize your chances of passing.

Exam GCIH Premium Access

View all detail and faqs for the GCIH exam

Go to Exam

817 Students Passed

93% Average Score

92% Same Questions

Viewing page 7 out of 10 pages

Viewing questions 61-70 out of questions

Questions # 61:

Which of the following languages are vulnerable to a buffer overflow attack?

Each correct answer represents a complete solution. Choose all that apply.

Options:

Java

C++

Action script

Answer

B, C

Questions # 62:

John works as an Ethical Hacker for PassGuide Inc. He wants to find out the ports that are open in PassGuide's server using a port scanner. However, he does not want to establish a full TCP connection.

Which of the following scanning techniques will he use to accomplish this task?

Options:

TCP FIN

TCP SYN/ACK

TCP SYN

Xmas tree

Answer

Questions # 63:

You want to use PGP files for steganography. Which of the following tools will you use to accomplish the task?

Options:

Blindside

Snow

ImageHide

Stealth

Answer

Questions # 64:

Fill in the blank with the appropriate term.

______ is a technique used to make sure that incoming packets are actually from the networks that they claim to be from.

Options:

Answer

Answer:

Ingress filtering

Questions # 65:

Which of the following attacks allows an attacker to sniff data frames on a local area network (LAN) or stop the traffic altogether?

Options:

Port scanning

ARP spoofing

Man-in-the-middle

Session hijacking

Answer

Questions # 66:

You work as an Incident handler in Mariotrixt.Inc. You have followed the Incident handling process to handle the events and incidents. You identify Denial of Service attack (DOS) from a network linked to your internal enterprise network. Which of the following phases of the Incident handling process should you follow next to handle this incident?

Options:

Containment

Preparation

Recovery

Identification

Answer

Questions # 67:

Against which of the following does SSH provide protection?

Each correct answer represents a complete solution. Choose two.

Options:

DoS attack

IP spoofing

Password sniffing

Broadcast storm

Answer

B, C

Questions # 68:

Which of the following netcat parameters makes netcat a listener that automatically restarts itself when a connection is dropped?

Options:

-u

-l

-p

-L

Answer

Questions # 69:

Address Resolution Protocol (ARP) spoofing, also known as ARP poisoning or ARP Poison Routing (APR), is a technique used to attack an Ethernet wired or wireless network. ARP spoofing may allow an attacker to sniff data frames on a local area network (LAN), modify the traffic, or stop the traffic altogether. The principle of ARP spoofing is to send fake ARP messages to an Ethernet LAN. What steps can be used as a countermeasure of ARP spoofing?

Each correct answer represents a complete solution. Choose all that apply.

Options:

Using smash guard utility

Using ARP Guard utility

Using static ARP entries on servers, workstation and routers

Using ARP watch utility

Using IDS Sensors to check continually for large amount of ARP traffic on local subnets

Answer

B, C, D, E

Questions # 70:

John works as a professional Ethical Hacker. He is assigned a project to test the security of www.weare-secure.com. He is working on the Linux operating system. He wants to sniff the we-are-secure network and intercept a conversation between two employees of the company through session hijacking. Which of the following tools will John use to accomplish the task?