
GCIH Study Guide Brilliant GCIH Exam Dumps PDF
Preparation Resources for GCIH Certification Test
A candidate who identifies and uses different preparation resources has a higher chance of passing the GIAC GCIH exam than one who doesn't. Candidates who want to clear the GCIH test can use the following training resources:
- GCIH GIAC Certified Incident Handler All-in-One Exam Guide, 1st Edition
This book was written by Nick Mitropoulos and is available on Amazon in different formats. Candidates can download it in Kindle format for $34.67 or choose the paperback format for $36.49. The material helps you prepare for the challenging exam required for the GIAC Certified Incident Handler certification and offers detailed information according to the exam blueprint. The author is a reputable cybersecurity expert who knows the tips and tricks that candidates should care about when they take the GCIH exam. The material also includes 300 questions, giving exam-takers the opportunity to get used to the exam structure and difficulty level. In particular, this resource covers the following topics:
- How to handle incidents and intrusion analysis;
- The way to gather different types of information;
- How to identify vulnerabilities through scanning and enumeration;
- Means to exploit vulnerabilities;
- Preventing and defending against endpoint and infrastructure attacks;
- Managing and defending against Network, Web application, and DoS attacks;
- How to cover tracks and evade detection;
- Learning how to work with botnets, bots, and worms.
Another important advantage brought by this material is the fact that each chapter ends with a detailed explanation of the exam domains and puts the candidates in real-world scenarios. So, the exam-takers will consolidate their skills and obtain a lot of practical experience.
- SEC504: Hacker Tools, Techniques, Exploits, and Incident Handling
This training course lasts 6 days and can be taken either online or in the classroom. It is conducted by Michael Murr as Principal Instructor and Joshua Wright as Fellow. During this official class, candidates will learn about the following concepts:
- Preparing most effectively for preventing a security breach;
- Developing reactive and preventive defense methods;
- Identifying active attacks immediately and understanding the compromises;
- Understanding how to stop different types of computer attack vectors;
- Developing different measures that block attackers from returning;
- Learning how to recover from attacks and restore the systems to avoid business disruptions;
- Using and understanding how different types of hacking techniques and tools work;
- Developing strategies that help in preventing any hacking attacks;
- Discovering vulnerabilities, defenses, and attacks;
- Understanding how to handle the legal issues when it comes to handling incidents.
NEW QUESTION 161
Which of the following refers to a condition in which a hacker sends a bunch of packets that leave TCP ports half open?
- A. Spoofing
- B. SYN attack
- C. Hacking
- D. PING attack
Answer: B
Explanation:
Section: Volume C
NEW QUESTION 162
Adam works as a Security Administrator for Umbrella Inc. A project has been assigned to him to secure access to the network of the company from all possible entry points. He segmented the network into several subnets and installed firewalls all over the network. He has placed very stringent rules on all the firewalls, blocking everything in and out except the ports that must be used. He does need to have port 80 open since his company hosts a website that must be accessed from the Internet. Adam is still worried about programs like Hping2 that can get into a network through covert channels.
Which of the following is the most effective way to protect the network of the company from an attacker using Hping2 to scan his internal network?
- A. Block all outgoing traffic on port 53
- B. Block all outgoing traffic on port 21
- C. Block ICMP type 13 messages
- D. Block ICMP type 3 messages
Answer: C
NEW QUESTION 163
What is the major difference between a worm and a Trojan horse?
- A. A worm spreads via e-mail, while a Trojan horse does not.
- B. A worm is a form of malicious program, while a Trojan horse is a utility.
- C. A worm is self replicating, while a Trojan horse is not.
- D. A Trojan horse is a malicious program, while a worm is an anti-virus software.
Answer: C
Explanation:
Section: Volume A
NEW QUESTION 164
You want to connect to your friend's computer and run a Trojan on it. Which of the following tools will you use to accomplish the task?
- A. PSExec
- B. Hk.exe
- C. Remoxec
- D. GetAdmin.exe
Answer: A
Explanation:
Section: Volume C
NEW QUESTION 165
You send SYN packets with the exact TTL of the target system, starting at port 1 and going up to port 1024, using the hping2 utility. This attack is known as __________.
- A. Spoofing
- B. Firewalking
- C. Cloaking
- D. Port scanning
Answer: B
NEW QUESTION 166
Victor works as a professional Ethical Hacker for SecureEnet Inc. He has been assigned a job to test an image, in which some secret information is hidden, using Steganography. Victor performs the following techniques to accomplish the task:
1. Smoothening and decreasing contrast by averaging the pixels of the area where significant color transitions occur.
2. Reducing noise by adjusting color and averaging pixel value.
3. Sharpening, Rotating, Resampling, and Softening the image.
Which of the following Steganography attacks is Victor using?
- A. Chosen-Stego Attack
- B. Active Attacks
- C. Steg-Only Attack
- D. Stegdetect Attack
Answer: B
NEW QUESTION 167
Which of the following statements about Denial-of-Service (DoS) attacks are true?
Each correct answer represents a complete solution. Choose three.
- A. It disrupts connections between two computers, preventing communications between services.
- B. It changes the configuration of the TCP/IP protocol.
- C. It disrupts services to a specific computer.
- D. It saturates network resources.
Answer: A,C,D
NEW QUESTION 168
You have configured a virtualized Internet browser on your Windows XP professional computer. Using the virtualized Internet browser, you can protect your operating system from which of the following?
- A. Brute force attack
- B. Distributed denial of service (DDOS) attack
- C. Malware installation from unknown Web sites
- D. Mail bombing
Answer: C
NEW QUESTION 169
Which of the following statements are true about tcp wrappers?
Each correct answer represents a complete solution. Choose all that apply.
- A. When a user uses a TCP wrapper, the inetd daemon runs the wrapper program tcpd instead of running the server program directly.
- B. tcp wrapper provides access control, host address spoofing, client username lookups, etc.
- C. tcp wrapper protects a Linux server from IP address spoofing.
- D. tcp wrapper allows host or subnetwork IP addresses, names and/or ident query replies, to be used as tokens to filter for access control purposes.
Answer: A,B,D
NEW QUESTION 170
A Denial-of-Service (DoS) attack is mounted with the objective of causing a negative impact on the performance of a computer or network. It is also known as network saturation attack or bandwidth consumption attack. Attackers perform DoS attacks by sending a large number of protocol packets to a network. The problems caused by a DoS attack are as follows:
- Saturation of network resources
- Disruption of connections between two computers, thereby preventing communications between services
- Disruption of services to a specific computer
- Failure to access a Web site
- Increase in the amount of spam
Which of the following can be used as countermeasures against DoS attacks?
Each correct answer represents a complete solution. Choose all that apply.
- A. Permitting network access only to desired traffic
- B. Blocking undesired IP addresses
- C. Disabling unneeded network services
- D. Applying router filtering
Answer: A,B,C,D
NEW QUESTION 171
Your company has been hired to provide consultancy, development, and integration services for a company named Brainbridge International. You have prepared a case study to plan the upgrade for the company. Based on the case study, which of the following steps will you suggest for configuring WebStore1?
Each correct answer represents a part of the solution. Choose two.
- A. Move the WebStore1 server to the internal network.
- B. Move the computer account of WebStore1 to the Remote organizational unit (OU).
- C. Configure IIS 6.0 on WebStore1 to scan the URL for known buffer overflow attacks.
- D. Customize IIS 6.0 to display a legal warning page on the generation of the 404.2 and 404.3 errors.
Answer: C,D
NEW QUESTION 172
You work as a Network Penetration Tester at Secure Inc. Your company takes on projects to test the security of various companies. Recently, Secure Inc. has assigned you a project to test the security of a Web site. You go to the Web site login page and you run the following SQL query:
SELECT email, passwd, login_id, full_name
FROM members
WHERE email = '[email protected]'; DROP TABLE members; --'
What task will the above SQL query perform?
- A. Deletes the entire members table.
- B. Deletes the database in which members table resides.
- C. Performs the XSS attacks.
- D. Deletes the rows of members table where email id is '[email protected]' given.
Answer: A
NEW QUESTION 173
John is a malicious attacker. He illegally accesses the server of We-are-secure Inc. He then places a backdoor in the We-are-secure server and alters its log files. Which of the following steps of malicious hacking includes altering the server log files?
- A. Gaining access
- B. Covering tracks
- C. Reconnaissance
- D. Maintaining access
Answer: B
NEW QUESTION 174
Which of the following wireless network security solutions refers to an authentication process in which a user can connect wireless access points to a centralized server to ensure that all hosts are properly authenticated?
- A. Wi-Fi Protected Access 2 (WPA2)
- B. IEEE 802.1x
- C. Remote Authentication Dial-In User Service (RADIUS)
- D. Wired Equivalent Privacy (WEP)
Answer: B
NEW QUESTION 175
Which of the following can be used as a countermeasure against the SQL injection attack?
Each correct answer represents a complete solution. Choose two.
- A. Prepared statement
- B. mysql_real_escape_string()
- C. session_regenerate_id()
- D. mysql_escape_string()
Answer: A,B
NEW QUESTION 176
Victor works as a professional Ethical Hacker for SecureNet Inc. He wants to use the steganographic file system method to encrypt and hide some secret information. Which of the following disk spaces will he use to store this secret information?
Each correct answer represents a complete solution. Choose all that apply.
- A. Hidden partition
- B. Unused Sectors
- C. Dumb space
- D. Slack space
Answer: A,B,D
NEW QUESTION 177
You work as a Penetration Tester for Infosec Inc. Your company takes on security auditing projects. Recently, your company has assigned you a project to test the security of the we-are-secure.com Web site. For this, you want to perform an idle scan so that you can find the open ports on the we-are-secure.com server. You are using the Hping tool to perform the idle scan by using a zombie computer. While scanning, you notice that the IPID is incremented on every query, regardless of whether the ports are open or closed. Sometimes, the IPID is incremented by more than one value.
What may be the reason?
- A. Hping does not perform idle scanning.
- B. The firewall is blocking the scanning process.
- C. The zombie computer is the system interacting with some other system besides your computer.
- D. The zombie computer is not connected to the we-are-secure.com Web server.
Answer: C
NEW QUESTION 178
Which of the following are techniques for creating Internet maps?
Each correct answer represents a complete solution. Choose two.
- A. Object Relational Mapping
- B. Active Probing
- C. AS PATH Inference
- D. Network Quota
Answer: B,C
NEW QUESTION 179
A user is sending a large number of protocol packets to a network in order to saturate its resources and to disrupt connections to prevent communications between services. Which type of attack is this?
- A. Social Engineering attack
- B. Impersonation attack
- C. Vulnerability attack
- D. Denial-of-Service attack
Answer: D
Explanation:
Section: Volume B
NEW QUESTION 180
In which of the following methods does a hacker use packet sniffing to read network traffic between two parties to steal the session cookies?
- A. Physical accessing
- B. Session fixation
- C. Session sidejacking
- D. Cross-site scripting
Answer: C
Explanation:
Section: Volume B
NEW QUESTION 181
Which of the following practices fall into the category of denial-of-service attacks?
Each correct answer represents a complete solution. Choose three.
- A. Sending lots of ICMP packets to an IP address
- B. Performing Back door attack on a system
- C. Sending thousands of malformed packets to a network for bandwidth consumption
- D. Disrupting services to a specific computer
Answer: A,C,D
NEW QUESTION 182
Adam is a novice Web user. He chooses a 22-letter-long word from the dictionary as his password.
How long will it take an attacker to crack the password?
- A. 23 days
- B. 22 hours
- C. 5 minutes
- D. 200 years
Answer: C
Explanation:
Section: Volume B
NEW QUESTION 183
Which of the following is a process of searching for unauthorized modems?
- A. Wardialing
- B. Espionage
- C. Scavenging
- D. System auditing
Answer: A
NEW QUESTION 184
Which of the following are limitations of the cross-site request forgery (CSRF) attack?
Each correct answer represents a complete solution. Choose all that apply.
- A. The target site should have limited lifetime authentication cookies.
- B. The attacker must determine the right values for all the form inputs.
- C. The target site should authenticate in GET and POST parameters, not only cookies.
- D. The attacker must target a site that doesn't check the referrer header.
Answer: B,D
NEW QUESTION 185
......
GCIH Certification Path
There are no prerequisites
How to book GCIH Exams
To apply for the GCIH, follow these steps:
- Go to the GCIH official site
- Read the instructions carefully
- Follow the given steps
- Apply for the GCIH
GCIH Dumps Updated Mar 29, 2023 With 335 Questions: https://drive.google.com/open?id=1P-1MaMNjDDOfmncnBAZpeWFaF5rAD8HS