Exam Code: GPEN (Practice Exam Latest Test Questions VCE PDF)
Exam Name: GIAC Certified Penetration Tester
Certification Provider: GIAC
Free demo questions for GIAC GPEN Exam Dumps Below:
NEW QUESTION 1
You want to use a Windows-based GUI tool which can perform MITM attacks, along with sniffing and ARP poisoning. Which of the following tools will you use?
- A. Cain and Abel
- B. Brutus
- C. Dsniff
- D. Nmap
Answer: A
NEW QUESTION 2
When a DNS server transfers its zone file to a remote system, what port does it typically use?
- A. 53/TCP
- B. 153/UDP
- C. 35/TCP
- D. 53/UDP
Answer: D
Explanation:
Reference:
http://www.networkworld.com/article/2231682/cisco-subnet/cisco-subnet-allow-both-tcp-and-udp-port-53-to-your-dns-servers.html
NEW QUESTION 3
You work as a Network Administrator for Tech Perfect Inc. The company has a TCP/IP-based network. Rick, your assistant, is configuring some laptops for wireless access. For security, WEP needs to be configured for wireless communication. By mistake, Rick configures a different WEP key on a laptop than the one configured on the Wireless Access Point (WAP). Which of the following statements is true in such a situation?
- A. The laptop will be able to access the wireless network but the security will be compromised
- B. The WAP will allow the connection with the guest account's privilege
- C. The laptop will be able to access the wireless network but other wireless devices will be unable to communicate with it
- D. The laptop will not be able to access the wireless network
Answer: D
NEW QUESTION 4
You want to perform passive footprinting against the we-are-secure Inc. Web server. Which of the following tools will you use?
- A. Ettercap
- B. Nmap
- C. Netcraft
- D. Ethereal
Answer: C
NEW QUESTION 5
John works as a Penetration Tester in a security service providing firm named you-are-secure Inc. Recently, John's company has got a project to test the security of a promotional Website www.missatlanta.com and assigned the pen-testing work to John. When John is performing penetration testing, he inserts the following script in the search box at the company home page:
<script>alert('Hi, John')</script>
After pressing the search button, a pop-up box appears on his screen with the text - "Hi, John."
Which of the following attacks can be performed on the Web site tested by John while considering the above scenario?
- A. XSS attack
- B. Replay attack
- C. Buffer overflow attack
- D. CSRF attack
Answer: A
NEW QUESTION 6
You work as a Penetration Tester for the Infosec Inc. Your company takes the projects of security auditing. Recently, your company has assigned you a project to test the security of the we-are-secure.com Web site. For this, you want to perform the idle scan so that you can get the ports open in the we-are-secure.com server. You are using the Hping tool to perform the idle scan by using a zombie computer. While scanning, you notice that every IPID is being incremented on every query, regardless of whether the ports are open or closed. Sometimes, the IPID is being incremented by more than one value. What may be the reason?
- A. The zombie computer is the system interacting with some other system besides your computer
- B. The firewall is blocking the scanning process
- C. The zombie computer is not connected to the we-are-secure.com Web server
- D. Hping does not perform idle scanning
Answer: A
NEW QUESTION 7
Which of the following penetration testing phases involves gathering data from whois, DNS, and network scanning, which helps in mapping a target network and provides valuable information regarding the operating system and applications running on the systems?
- A. Post-attack phase
- B. Attack phase
- C. On-attack phase
- D. Pre-attack phase
Answer: D
NEW QUESTION 8
What is the main difference between LANMAN and NTLMv1 challenge/responses?
- A. NTLMv1 only pads IS bytes, whereas LANMAN pads to 21 bytes
- B. NTLMv1 starts with the NT hash, whereas LANMAN starts with the LANMAN hash
- C. NTLMv1 utilizes DES, whereas LANMAN utilizes MD4
- D. NTLMv1 splits the hash into 3 eight-byte pieces, whereas LANMAN splits the hash into 3 seven-byte pieces
Answer: A
NEW QUESTION 9
The resulting business impact of the penetration test or ethical hacking engagement is explained in what section of the final report?
- A. Problems
- B. Findings
- C. Impact Assessment
- D. Executive Summary
Answer: D
Explanation:
Reference:
http://www.frost.com/upld/get-data.do?id=1568233
NEW QUESTION 10
Which of the following tools connects to and executes files on remote systems?
- A. Spector
- B. Hk.exe
- C. PsExec
- D. GetAdmin.exe
Answer: C
NEW QUESTION 11
You work as a Web developer in the IBM Inc. Your area of proficiency is PHP. Since you have proper knowledge of security, you are wary of the rainbow attack. To mitigate this attack, you design the PHP code based on the following algorithm:
key = hash(password + salt)
for 1 to 65000 do
    key = hash(key + salt)
Which of the following techniques are you implementing in the above algorithm?
- A. Key strengthening
- B. Hashing
- C. Sniffing
- D. Salting
Answer: A
NEW QUESTION 12
You work as an IT Technician for uCertify Inc. You have to take security measures for the wireless network of the company. You want to prevent other computers from accessing the company's wireless network. On the basis of the hardware address, which of the following will you use as the best possible method to accomplish the task?
- A. MAC Filtering
- B. SSID
- C. RAS
- D. WEP
Answer: A
NEW QUESTION 13
Which of the following Nmap commands is used to perform a UDP port scan?
- A. nmap -sS
- B. nmap -sY
- C. nmap -sN
- D. nmap -sU
Answer: D
NEW QUESTION 14
In which of the following attacking methods does an attacker distribute an incorrect IP address?
- A. IP spoofing
- B. MAC flooding
- C. Man-in-the-middle
- D. DNS poisoning
Answer: D
NEW QUESTION 15
168.1 200, which of the following would you see?
- A. Ping-n 1 192.168.1 200 on the compromised system
- B. A 'Destination host unreachable' error message on the compromised system
- C. A packet containing 'Packets: Sent - 1 Received = 1, Loss = 0 (0% loss)' on your sniffer
- D. An ICMP Echo packet on your sniffer containing the source address of the target
Answer: A
NEW QUESTION 16
Adam works as a professional Computer Hacking Forensic Investigator. He works with the local police. A project has been assigned to him to investigate an iPod, which was seized from a student of the high school. It is suspected that explicit child pornography contents are stored in the iPod. Adam wants to investigate the iPod extensively. Which of the following operating systems will Adam use to carry out his investigations in a more extensive and elaborate manner?
- A. MINIX 3
- B. Linux
- C. Windows XP
- D. Mac OS
Answer: D
NEW QUESTION 17
You work as a Network Administrator in the Secure Inc. Your company is facing various network attacks due to the insecure wireless network. You are assigned a task to secure your wireless network. For this, you have turned off broadcasting of the SSID. However, the unauthorized users are still able to connect to the wireless network. Which of the following statements can be the reason for this issue?
Each correct answer represents a complete solution. Choose all that apply.
- A. You have forgotten to turn off DHCP
- B. You are using WPA2 security scheme
- C. The SSID is still sent inside both client and AP packets
- D. You are using the default SSID
Answer: ACD
NEW QUESTION 18
Victor wants to use Wireless Zero Configuration (WZC) to establish a wireless network connection using his computer running on Windows XP operating system. Which of the following are the most likely threats to his computer?
Each correct answer represents a complete solution. Choose two.
- A. Attacker can use the Ping Flood DoS attack if WZC is used
- B. Attacker by creating a fake wireless network with high power antenna cause Victor's computer to associate with his network to gain access
- C. Information of probing for networks can be viewed using a wireless analyzer and may be used to gain access
- D. It will not allow the configuration of encryption and MAC filtering
- E. Sending information is not secure on wireless network
Answer: BC