How Many Questions Of GCIH Practice Test

NEW QUESTION 1
Which of the following statements are true about worms?
Each correct answer represents a complete solution. Choose all that apply.

• A. Worms cause harm to the network by consuming bandwidth, whereas viruses almost always corrupt or modify files on a targeted computer.
• B. Worms can exist inside files such as Word or Excel documents.
• C. One feature of worms is keystroke logging.
• D. Worms replicate themselves from one system to another without using a host file.

Answer: ABD

NEW QUESTION 2
Maria works as a professional Ethical Hacker. She has been assigned the project of testing the security of www.gentech.com. She is using dumpster diving to gather information about Gentech Inc.
In which of the following steps of malicious hacking does dumpster diving come under?

• A. Multi-factor authentication
• B. Role-based access control
• C. Mutual authentication
• D. Reconnaissance

Answer: D

NEW QUESTION 3
Peter works as a Network Administrator for the Exambible Inc. The company has a Windows- based network. All client computers run the Windows XP operating system. The employees of the company complain that suddenly all of the client computers have started working slowly. Peter finds that a malicious hacker is attempting to slow down the computers by flooding the network with a large number of requests. Which of the following attacks is being implemented by the malicious hacker?

• A. SQL injection attack
• B. Denial-of-Service (DoS) attack
• C. Man-in-the-middle attack
• D. Buffer overflow attack

Answer: B

NEW QUESTION 4
Which of the following is the difference between SSL and S-HTTP?

• A. SSL operates at the application layer and S-HTTP operates at the network layer.
• B. SSL operates at the application layer and S-HTTP operates at the transport layer.
• C. SSL operates at the network layer and S-HTTP operates at the application layer.
• D. SSL operates at the transport layer and S-HTTP operates at the application layer.

Answer: D

NEW QUESTION 5
You are monitoring your network's behavior. You find a sudden increase in traffic on the network. It seems to come in bursts and emanate from one specific machine. You have been able to determine that a user of that machine is unaware of the activity and lacks the computer knowledge required to be responsible for a computer attack. What attack might this indicate?

• A. Spyware
• B. Ping Flood
• C. Denial of Service
• D. Session Hijacking

Answer: A

NEW QUESTION 6
Which of the following is designed to protect the Internet resolvers (clients) from forged DNS data created by DNS cache poisoning?

• A. Stub resolver
• B. BINDER
• C. Split-horizon DNS
• D. Domain Name System Extension (DNSSEC)

Answer: D

NEW QUESTION 7
Buffer overflows are one of the major errors used for exploitation on the Internet today. A buffer overflow occurs when a particular operation/function writes more data into a variable than the variable was designed to hold.
Which of the following are the two popular types of buffer overflows?
Each correct answer represents a complete solution. Choose two.

• A. Dynamic buffer overflows
• B. Stack based buffer overflow
• C. Heap based buffer overflow
• D. Static buffer overflows

Answer: BC

NEW QUESTION 8
Adam works as a Senior Programmer for Umbrella Inc. A project has been assigned to him to write a short program to gather user input for a Web application. He wants to keep his program neat and simple. His chooses to use printf(str) where he should have ideally used printf("%s", str).
What attack will his program expose the Web application to?

• A. Format string attack
• B. Cross Site Scripting attack
• C. SQL injection attack
• D. Sequence++ attack

Answer: A

NEW QUESTION 9
Which of the following statements about a Trojan horse are true?
Each correct answer represents a complete solution. Choose two.

• A. It is a macro or script that attaches itself to a file or template.
• B. The writers of a Trojan horse can use it later to gain unauthorized access to a computer.
• C. It is a malicious software program code that resembles another normal program.
• D. It infects the boot record on hard disks and floppy disks.

Answer: BC

NEW QUESTION 10
Which of the following Denial-of-Service (DoS) attacks employ IP fragmentation mechanism?
Each correct answer represents a complete solution. Choose two.

• A. Land attack
• B. SYN flood attack
• C. Teardrop attack
• D. Ping of Death attack

Answer: CD

NEW QUESTION 11
Adam works as a Security Administrator for Umbrella Inc. A project has been assigned to him to secure access to the network of the company from all possible entry points. He segmented the network into several subnets and installed firewalls all over the network. He has placed very stringent rules on all the firewalls, blocking everything in and out except the ports that must be used. He does need to have port 80 open since his company hosts a website that must be accessed from the Internet. Adam is still worried about the programs like Hping2 that can get into a network through covert channels.
Which of the following is the most effective way to protect the network of the company from an attacker using Hping2 to scan his internal network?

• A. Block all outgoing traffic on port 21
• B. Block all outgoing traffic on port 53
• C. Block ICMP type 13 messages
• D. Block ICMP type 3 messages

Answer: C

NEW QUESTION 12
Which of the following rootkits is able to load the original operating system as a virtual machine, thereby enabling it to intercept all hardware calls made by the original operating system?

• A. Kernel level rootkit
• B. Boot loader rootkit
• C. Hypervisor rootkit
• D. Library rootkit

Answer: C

NEW QUESTION 13
Which of the following protocols uses only User Datagram Protocol (UDP)?

• A. POP3
• B. FTP
• C. ICMP
• D. TFTP

Answer: D

NEW QUESTION 14
Adam works as a Security Administrator for Umbrella Inc. A project has been assigned to him to test the network security of the company. He created a webpage to discuss the progress of the tests with employees who were interested in following the test. Visitors were allowed to click on a company's icon to mark the progress of the test. Adam successfully embeds a keylogger. He also added some statistics on the webpage. The firewall protects the network well and allows strict Internet access.
How was security compromised and how did the firewall respond?

• A. The attack was social engineering and the firewall did not detect it.
• B. Security was not compromised as the webpage was hosted internally.
• C. The attack was Cross Site Scripting and the firewall blocked it.
• D. Security was compromised as keylogger is invisible for firewall.

Answer: A

NEW QUESTION 15
Which of the following is a version of netcat with integrated transport encryption capabilities?

• A. Encat
• B. Nikto
• C. Socat
• D. Cryptcat

Answer: D

NEW QUESTION 16
Which of the following is a method of gaining access to a system that bypasses normal authentication?

• A. Teardrop
• B. Trojan horse
• C. Back door
• D. Smurf

Answer: C

NEW QUESTION 17
Which of the following statements are true about tcp wrappers?
Each correct answer represents a complete solution. Choose all that apply.

• A. tcp wrapper provides access control, host address spoofing, client username lookups, etc.
• B. When a user uses a TCP wrapper, the inetd daemon runs the wrapper program tcpd instead of running the server program directly.
• C. tcp wrapper allows host or subnetwork IP addresses, names and/or ident query replies, to be used as tokens to filter for access control purposes.
• D. tcp wrapper protects a Linux server from IP address spoofing.

Answer: ABC

NEW QUESTION 18
Which of the following types of attacks come under the category of hacker attacks?
Each correct answer represents a complete solution. Choose all that apply.

• A. Smurf
• B. IP address spoofing
• C. Teardrop
• D. Password cracking

Answer: BD

NEW QUESTION 19
......