Latest GCIH Exam GCIH Dumps 100% Free Download

Tens of thousands of competitors, pages of hard questions and unsatisfying exam preparation… Do not worry about all those annoying things! We help you with your GIAC Information Security hottest GCIH study guide for the GIAC Certified Incident Handler exam. We will help you clear the newest GCIH exam (Jun 16, 2022) with GIAC Information Security GCIH actual tests. Our GCIH practice tests are the most comprehensive ones.

Geekcert has its own expert team. They selected and published the latest GCIH preparation materials from the Official Exam-Center.

The following are the GCIH free dumps. Go through and check the validity and accuracy of our GCIH dumps. GCIH free dumps are questions from the latest full GCIH dumps. Check GCIH free questions to get a better understanding of GCIH exams.

Question 1:

Which of the following types of attack can guess a hashed password?

A. Brute force attack

B. Evasion attack

C. Denial of Service attack

D. Teardrop attack

Correct Answer: A


Question 2:

In which of the following DoS attacks does an attacker send an ICMP packet larger than 65,536 bytes to the target system?

A. Ping of death

B. Jolt

C. Fraggle

D. Teardrop

Correct Answer: A


Question 3:

Adam has installed and configured his wireless network. He has enabled numerous security features such as changing the default SSID, enabling WPA encryption, and enabling MAC filtering on his wireless router. Adam notices that when he uses his wireless connection, the speed is sometimes 16 Mbps and sometimes it is only 8 Mbps or less. Adam connects to the wireless router's management utility and finds out that a machine with an unfamiliar name is connected through his wireless connection. Paul checks the router's logs and notices that the unfamiliar machine has the same MAC address as his laptop.

Which of the following attacks has occurred on Adam's wireless network?

A. NAT spoofing

B. DNS cache poisoning

C. MAC spoofing

D. ARP spoofing

Correct Answer: C


Question 4:

Which of the following statements are true about tcp wrappers?

Each correct answer represents a complete solution. Choose all that apply.

A. tcp wrapper provides access control, host address spoofing, client username lookups, etc.

B. When a user uses a TCP wrapper, the inetd daemon runs the wrapper program tcpd instead of running the server program directly.

C. tcp wrapper allows host or subnetwork IP addresses, names and/or ident query replies, to be used as tokens to filter for access control purposes.

D. tcp wrapper protects a Linux server from IP address spoofing.

Correct Answer: ABC


Question 5:

John works as a professional Ethical Hacker. He has been assigned the project of testing the security of www.we-are-secure.com. He finds that the We-are-secure server is vulnerable to attacks. As a countermeasure, he suggests that the Network Administrator should remove the IPP printing capability from the server. He is suggesting this as a countermeasure against which of the following?

A. IIS buffer overflow

B. NetBIOS NULL session

C. SNMP enumeration

D. DNS zone transfer

Correct Answer: A


Question 6:

Ryan, a malicious hacker, submits Cross-Site Scripting (XSS) exploit code to the website of an Internet forum for online discussion. When a user visits the infected Web page, the code is automatically executed and Ryan can easily perform acts like account hijacking, history theft, etc.

Which of the following types of Cross-Site Scripting attack does Ryan intend to perform?

A. Non persistent

B. Document Object Model (DOM)

C. SAX

D. Persistent

Correct Answer: D


Question 7:

Which of the following applications is an example of a data-sending Trojan?

A. SubSeven

B. Senna Spy Generator

C. Firekiller 2000

D. eBlaster

Correct Answer: D


Question 8:

Buffer overflows are one of the major errors used for exploitation on the Internet today. A buffer overflow occurs when a particular operation/function writes more data into a variable than the variable was designed to hold. Which of the following are the two popular types of buffer overflows? Each correct answer represents a complete solution. Choose two.

A. Dynamic buffer overflows

B. Stack based buffer overflow

C. Heap based buffer overflow

D. Static buffer overflows

Correct Answer: BC


Question 9:

John works as a professional Ethical Hacker. He has been assigned a project to test the security of www.we-are-secure.com. He performs Web vulnerability scanning on the We-are-secure server. The output of the scanning test is as follows:

C:\whisker.pl -h target_IP_address
-- whisker / v1.4.0 / rain forest puppy / www.wiretrip.net --
= - = - = - = - =
= Host: target_IP_address
= Server: Apache/1.3.12 (Win32) ApacheJServ/1.1 mod_ssl/2.6.4 OpenSSL/0.9.5a mod_perl/1.22
200 OK: HEAD /cgi-bin/printenv

John recognizes the /cgi-bin/printenv vulnerability ('Printenv' vulnerability) in the We-are-secure server. Which of the following statements about the 'Printenv' vulnerability are true? Each correct answer represents a complete solution. Choose all that apply.

A. This vulnerability helps in a cross site scripting attack.

B. 'Printenv' vulnerability maintains a log file of user activities on the Website, which may be useful for the attacker.

C. The countermeasure to 'printenv' vulnerability is to remove the CGI script.

D. With the help of 'printenv' vulnerability, an attacker can input specially crafted links and/or other malicious scripts.

Correct Answer: ACD


Question 10:

Which of the following commands is used to access Windows resources from a Linux workstation?

A. mutt

B. scp

C. rsync

D. smbclient

Correct Answer: D


Question 11:

Which of the following statements about Denial-of-Service (DoS) attacks are true? Each correct answer represents a complete solution. Choose three.

A. It disrupts services to a specific computer.

B. It changes the configuration of the TCP/IP protocol.

C. It saturates network resources.

D. It disrupts connections between two computers, preventing communications between services.

Correct Answer: ACD


Question 12:

Which of the following types of attacks is mounted with the objective of causing a negative impact on the performance of a computer or network?

A. Vulnerability attack

B. Man-in-the-middle attack

C. Denial-of-Service (DoS) attack

D. Impersonation attack

Correct Answer: C


Question 13:

Which of the following refers to the exploitation of a valid computer session to gain unauthorized access to information or services in a computer system?

A. Piggybacking

B. Hacking

C. Session hijacking

D. Keystroke logging

Correct Answer: C


Question 14:

Which of the following types of malicious software travels across computer networks without the assistance of a user?

A. Worm

B. Virus

C. Hoax

D. Trojan horses

Correct Answer: A


Question 15:

What is the major difference between a worm and a Trojan horse?

A. A worm spreads via e-mail, while a Trojan horse does not.

B. A worm is a form of malicious program, while a Trojan horse is a utility.

C. A worm is self replicating, while a Trojan horse is not.

D. A Trojan horse is a malicious program, while a worm is anti-virus software.

Correct Answer: C

