Weekend Special Limited Time 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code = simple70

Home
GIAC
Security Administration
GPEN
GIAC Penetration Tester Questions and Answers

Pass the GIAC Security Administration GPEN Questions and answers with ExamsMirror

Practice at least 50% of the questions to maximize your chances of passing.

Exam GPEN Premium Access

View all detail and faqs for the GPEN exam

Go to Exam

371 Students Passed

91% Average Score

96% Same Questions

Viewing page 1 out of 12 pages

Viewing questions 1-10 out of questions

Questions # 1:

Analyze the screenshot below, which of the following sets of results will be retrieved using this search?

Question # 1

Options:

Pages from the domain sans.edu that have external links.

Files of type .php from the domain sans.edu.

Pages that contain the term ext:php and slte.sans.edu.

Files of type .php that redirect to the sans.edu domain.

Answer

Questions # 2:

Which of the following is the frequency range to tune IEEE 802.11a network?

Options:

1.15-3.825 GHz

5.15-5.825 GHz

5.25-9.825 GHz

6.25-9.825 GHz

Answer

Questions # 3:

You have obtained the hash below from the /etc/shadow file. What are you able to discern simply by looking at this hash?

Question # 3

Options:

A4XD$B4COCqWaEpFjLLDe. is a SHAI hash that was created using the salt $1

SuWeOhL6k$ 1

A4XD$B4COCqWaEpFjLLDe. is an MD5 hash that was created using the salt $1

SuWeOhL6k$

A4XDsB4COGqWaEpFjLLDe. is an MD5 hash that was created using the salt

uWeOhL6k

A4XDsB4COCqWaEpFjLLDe. is a SHAI hash that was created using the salt

uweohL6k

Answer

Questions # 4:

Peter, a malicious hacker, obtains e-mail addresses by harvesting them from postings, blogs, DNS listings, and Web pages. He then sends large number of unsolicited commercial e-mail (UCE) messages on these addresses. Which of the following e-mail crimes is Peter committing?

Options:

E-mail spoofing

E-mail Spam

E-mail bombing

E-mail Storm

Answer

Questions # 5:

John works as a professional Ethical Hacker. He has been assigned a project to test the security of www.we-are-secure.com. He enters the following command on the

Linux terminal:chmod 741 secure.c

Considering the above scenario, which of the following statements are true?

Each correct answer represents a complete solution. Choose all that apply.

Options:

John is restricting a guest to only write or execute the secure.c file.

John is providing all rights to the owner of the file.

By the octal representation of the file access permission, John is restricting the group members to only read the secure.c file.

The textual representation of the file access permission of 741 will be -rwxr--rw-.

Answer

B, C

Questions # 6:

You have forgotten your password of an online shop. The web application of that online shop asks you to enter your email so that they can send you a new password. You enter your email you@gmail.com' and press the submit button. The Web application displays the server error.

What can be the reason of the error?

Options:

The remote server is down.

You have entered any special character in email.

Your internet connection is slow.

Email entered is not valid.

Answer

Questions # 7:

Which of the following statements are true about NTLMv1?

Each correct answer represents a complete solution. Choose all that apply.

Options:

It uses the LANMAN hash of the user's password.

It is mostly used when no Active Directory domain exists.

It is a challenge-response authentication protocol.

It uses the MD5 hash of the user's password.

Answer

A, B, C

Questions # 8:

You work as a Network Penetration tester in the Secure Inc. Your company takes the projects to test the security of various companies. Recently, Secure Inc. has assigned you a project to test the security of a Web site. You go to the Web site login page and you run the following SQL query:

SELECT email, passwd, login_id, full_name

FROM members

WHERE email = 'attacker@somehwere.com'; DROP TABLE members; --'

What task will the above SQL query perform?