2023 Realistic Verified Free GIAC GCIH Exam Questions [Q40-Q55]

Share

2023 Realistic Verified Free GIAC GCIH Exam Questions

GCIH Real Exam Questions and Answers FREE

NEW QUESTION 40
Which of the following is the process of comparing cryptographic hash functions of system executables and configuration files?

  • A. Spoofing
  • B. Reconnaissance
  • C. File integrity auditing
  • D. Shoulder surfing

Answer: C

Explanation:
Section: Volume B

 

NEW QUESTION 41
Which of the following strategies allows a user to limit access according to unique hardware information supplied by a potential client?

  • A. Extensible Authentication Protocol (EAP)
  • B. Wireless Transport Layer Security (WTLS)
  • C. MAC address filtering
  • D. WEP

Answer: C

 

NEW QUESTION 42
US Garments wants all encrypted data communication between corporate office and remote location.
They want to achieve following results:
* l Authentication of users
* l Anti-replay
* l Anti-spoofing
* l IP packet encryption
They implemented IPSec using Authentication Headers (AHs). Which results does this solution provide?
Each correct answer represents a complete solution. Choose all that apply.

  • A. Authentication of users
  • B. Anti-spoofing
  • C. IP packet encryption
  • D. Anti-replay

Answer: B,D

Explanation:
Section: Volume C

 

NEW QUESTION 43
John works as a Network Administrator for Perfect Solutions Inc. The company has a Linux-based network.
The company is aware of various types of security attacks and wants to impede them. Hence, management has assigned John a project to port scan the company's Web Server. For this, he uses the nmap port scanner and issues the following command to perform idle port scanning:
nmap -PN -p- -sI IP_Address_of_Company_Server
He analyzes that the server's TCP ports 21, 25, 80, and 111 are open.
Which of the following security policies is the company using during this entire process to mitigate the risk of hacking attacks?

  • A. Non-disclosure agreement
  • B. Acceptable use policy
  • C. Audit policy
  • D. Antivirus policy

Answer: C

Explanation:
Section: Volume B

 

NEW QUESTION 44
In which of the following scanning methods do Windows operating systems send only RST packets irrespective of whether the port is open or closed?

  • A. XMAS
  • B. FTP bounce
  • C. TCP FIN
  • D. TCP SYN

Answer: C

 

NEW QUESTION 45
You work as a Network Administrator for Marioxnet Inc. You have the responsibility of handling two routers with BGP
protocol for the enterprise's network. One of the two routers gets flooded with an unexpected number of data
packets, while the other router starves with no packets reaching it. Which of the following attacks can be a potential
cause of this?

  • A. Spoofing
  • B. Denial-of-Service
  • C. Eavesdropping
  • D. Packet manipulation

Answer: B

 

NEW QUESTION 46
CORRECT TEXT
Fill in the blank with the appropriate word.
StackGuard (as used by Immunix), ssp/ProPolice (as used by OpenBSD), and Microsoft's /GS option use ______ defense against buffer overflow attacks.

Answer:

Explanation:
canary

 

NEW QUESTION 47
You enter the netstat -an command in the command prompt and you receive intimation that port number
7777 is open on your computer. Which of the following Trojans may be installed on your computer?

  • A. Tini
  • B. QAZ
  • C. Donald Dick
  • D. NetBus

Answer: A

 

NEW QUESTION 48
Your friend plans to install a Trojan on your computer. He knows that if he gives you a new version of chess.exe, you
will definitely install the game on your computer. He picks up a Trojan and joins it with chess.exe. Which of the
following tools are required in such a scenario?
Each correct answer represents a part of the solution. Choose three.

  • A. Yet Another Binder
  • B. Absinthe
  • C. NetBus
  • D. Chess.exe

Answer: A,C,D

 

NEW QUESTION 49
Which of the following tools can be used to detect the steganography?

  • A. Dskprobe
  • B. ImageHide
  • C. Snow
  • D. Blindside

Answer: A

 

NEW QUESTION 50
Which of the following Linux rootkits allows an attacker to hide files, processes, and network connections?
Each correct answer represents a complete solution. Choose all that apply.

  • A. Phalanx2
  • B. Beastkit
  • C. Adore
  • D. Knark

Answer: C,D

 

NEW QUESTION 51
Which of the following statements are true about firewalking?
Each correct answer represents a complete solution. Choose all that apply.

  • A. A malicious attacker can use firewalking to determine the types of ports/protocols that can bypass the firewall.
  • B. To use firewalking, the attacker needs the IP address of the last known gateway before the firewall and the IP address of a host located behind the firewall.
  • C. Firewalking works on the UDP packets.
  • D. In this technique, an attacker sends a crafted packet with a TTL value that is set to expire one hop past the firewall.

Answer: A,B,D

Explanation:
Section: Volume A

 

NEW QUESTION 52
Which of the following practices come in the category of denial of service attack?
Each correct answer represents a complete solution. Choose three.

  • A. Performing Back door attack on a system
  • B. Sending lots of ICMP packets to an IP address
  • C. Sending thousands of malformed packets to a network for bandwidth consumption
  • D. Disrupting services to a specific computer

Answer: B,C,D

 

NEW QUESTION 53
Which of the following applications automatically calculates cryptographic hashes of all key system files that are to be monitored for modifications?

  • A. Tripwire
  • B. Inzider
  • C. PrcView
  • D. TCPView

Answer: A

 

NEW QUESTION 54
Adam is a novice Web user. He chooses a 22 letters long word from the dictionary as his password.
How long will it take to crack the password by an attacker?

  • A. 22 hours
  • B. 5 minutes
  • C. 23 days
  • D. 200 years

Answer: B

Explanation:
Section: Volume B

 

NEW QUESTION 55
......


GCIH Certification Path

There are no prerequisites

 

Exam Dumps GCIH Practice Free Latest GIAC Practice Tests: https://www.realexamfree.com/GCIH-real-exam-dumps.html

GCIH Exam Questions | Real GCIH Practice Dumps: https://drive.google.com/open?id=1iGwZ6V-Pd27853Zfsk62ZmmaTGTvBGVA