Pass4Test est un site à offrir les Q&As de tout les tests Certification IT. Chez Pass4Test, vous pouvez trouvez de meilleurs matériaux. Nos guides d'étude vous permettent de réussir le test Certification GIAC GPEN sans aucune doute, sinon nous allons rendre votre argent d'acheter la Q&A et la mettre à jour tout de suite, en fait, c'est une situation très rare. Bien que il existe plusieurs façons à améliorer votre concurrence de carrière, Pass4Test est lequel plus efficace : Moins d'argent et moins de temps dépensés, plus sûr à passer le test Certification. De plus, un an de service après vendre est gratuit pour vous.
Le produit de Pass4Test est réputée par une bonne qualité et fiabilité. Vous pouvez télécharger le démo grantuit pour prendre un essai, nons avons la confiance que vous seriez satisfait. Vous n'aurez plus de raison à s'hésiter en face d'un aussi bon produit. Ajoutez notre Q&A au panier, vous aurez une meilleure préparation avant le test.
Selon les feedbacks les professionnels bien réputés dans l'Industrie IT, Pass4Test est un bon catalyseur de leurs succès. L'outil de formation offert par Pass4Test leur aide d'économiser le temps et l'argent, le plus important est qu'ils aient passé le test GIAC GPEN avec succès. Pass4Test est un fournissur fiable. Vous allez réaliser votre rêve avec l'aide de Pass4Test.
C'est un bon choix si vous prendre l'outil de formation de Pass4Test. Vous pouvez télécharger tout d'abord le démo gratuit pour prendre un essai. Vous aurez plus confiances sur Pass4Test après l'essai de notre démo. Si malheureusement, vous ne passe pas le test, votre argent sera tout rendu.
Code d'Examen: GPEN
Nom d'Examen: GIAC (GIAC Certified Penetration Tester)
Questions et réponses: 384 Q&As
Selon les feedbacks offerts par les candidats, c'est facile à réussir le test GIAC GPEN avec l'aide de la Q&A de Pass4Test qui est recherché particulièrement pour le test Certification GIAC GPEN. C'est une bonne preuve que notre produit est bien effective. Le produit de Pass4Test peut vous aider à renforcer les connaissances demandées par le test GIAC GPEN, vous aurez une meilleure préparation avec l'aide de Pass4Test.
Pass4Test a capacité d'économiser vos temps et de vous faire plus confiant à réussir le test. Vous pouvez télécharger le démo GIAC GPEN gratuit à connaître mieux la bonne fiabilité de Pass4Test. Nous nous font toujours confiant sur nos produits, et vous aussi dans un temps proche. La réussite de test GIAC GPEN n'est pas loin de vous une fois que vous choisissez le produit de Pass4Test. C'est un choix élégant pour vous faciliter à réussir le test GIAC GPEN.
GPEN Démo gratuit à télécharger: http://www.pass4test.fr/GPEN.html
NO.1 Which of the following ports will you scan to search for SNMP enabled devices in the network?
A. 163
B. 123
C. 151
D. 161
Answer: D
certification GIAC GPEN examen GPEN GPEN certification GPEN
NO.2 Which of the following are the scanning methods used in penetration testing?
Each correct answer represents a complete solution. Choose all that apply.
A. Vulnerability
B. Port
C. Network
D. Services
Answer: A,B,C
certification GIAC GPEN examen certification GPEN certification GPEN
NO.3 Which of the following tools can be used to read NetStumbler's collected data files and present street
maps showing the logged WAPs as icons, whose color and shape indicates WEP mode and signal
strength?
A. NetStumbler
B. StumbVerter
C. WEPcrack
D. Kismet
Answer: B
GIAC GPEN examen GPEN examen
NO.4 Which of the following enables an inventor to legally enforce his right to exclude others from using his
invention?
A. Patent
B. Spam
C. Phishing
D. Artistic license
Answer: A
GIAC examen GPEN GPEN certification GPEN certification GPEN
NO.5 Adam works on a Linux system. He is using Sendmail as the primary application to transmit emails.
Linux uses Syslog to maintain logs of what has occurred on the system. Which of the following log files
contains e-mail information such as source and destination IP addresses, date and time stamps etc?
A. /log/var/logd
B. /var/log/logmail
C. /log/var/mailog
D. /var/log/mailog
Answer: D
GIAC GPEN examen GPEN GPEN GPEN GPEN examen
NO.6 You want to integrate the Nikto tool with nessus vulnerability scanner. Which of the following steps will
you take to accomplish the task?
Each correct answer represents a complete solution. Choose two.
A. Restart nessusd service.
B. Place nikto.pl file in the /var/www directory.
C. Place nikto.pl file in the /etc/nessus directory.
D. Place the directory containing nikto.pl in root's PATH environment variable.
Answer: A,D
GIAC examen GPEN examen certification GPEN GPEN examen certification GPEN GPEN
NO.7 Which of the following attacks allows an attacker to sniff data frames on a local area network (LAN) or
stop the traffic altogether?
A. Man-in-the-middle
B. ARP spoofing
C. Port scanning
D. Session hijacking
Answer: B
certification GIAC GPEN GPEN certification GPEN certification GPEN
NO.8 Which of the following types of cyber stalking damage the reputation of their victim and turn other
people against them by setting up their own Websites, blogs or user pages for this purpose?
A. Encouraging others to harass the victim
B. False accusations
C. Attempts to gather information about the victim
D. False victimization
Answer: B
GIAC certification GPEN GPEN examen certification GPEN GPEN examen
NO.9 Which of the following tools is used to verify the network structure packets and confirm that the packets
are constructed according to specification?
A. EtherApe
B. Snort decoder
C. AirSnort
D. snort_inline
Answer: B
certification GIAC certification GPEN GPEN certification GPEN certification GPEN
NO.10 You work as a Network Administrator for Net World International. The company has a Windows Active
Directory-based single domain single forest network. The functional level of the forest is Windows Server
2003. There are ten Sales Managers in the company. The company has recently provided laptops to all its
Sales Managers. All the laptops run Windows XP Professional. These laptops will be connected to the
company's network through wireless connections. The company's management wants to implement
Shared Key authentication for these laptops. When you try to configure the network interface card of one
of the laptops for Shared Key authentication, you find no such option. What will you do to enable Shared
Key authentication?
A. Install PEAP-MS-CHAP v2
B. Install Service Pack 1
C. Enable WEP
D. Install EAP-TLS
Answer: C
GIAC GPEN certification GPEN GPEN
NO.11 You work as a Network Administrator for Infosec Inc. Nowadays, you are facing an unauthorized
access in your Wi-Fi network. Therefore, you analyze a log that has been recorded by your favorite sniffer,
Ethereal. You are able to discover the cause of the unauthorized access after noticing the following string
in the log file:
(Wlan.fc.type_subtype eq 32 and llc.oui eq 0x00601d and llc.pid eq 0x0001)
When you find All your 802.11b are belong to us as the payload string, you are convinced about which tool
is being used for the unauthorized access. Which of the following tools have you ascertained?
A. AirSnort
B. Kismet
C. AiroPeek
D. NetStumbler
Answer: D
GIAC certification GPEN GPEN examen
NO.12 A Web developer with your company wants to have wireless access for contractors that come in to work
on various projects. The process of getting this approved takes time. So rather than wait, he has put his
own wireless router attached to one of the network ports in his department. What security risk does this
present?
A. An unauthorized WAP is one way for hackers to get into a network.
B. It is likely to increase network traffic and slow down network performance.
C. This circumvents network intrusion detection.
D. None, adding a wireless access point is a common task and not a security risk.
Answer: A
GIAC certification GPEN GPEN certification GPEN
NO.13 In which of the following scanning techniques does a scanner connect to an FTP server and request
that server to start data transfer to the third system?
A. Bounce attack scanning
B. Xmas Tree scanning
C. TCP FIN scanning
D. TCP SYN scanning
Answer: A
GIAC GPEN GPEN GPEN certification GPEN
NO.14 You execute the following netcat command:
c:\target\nc -1 -p 53 -d -e cmd.exe
What action do you want to perform by issuing the above command?
A. Capture data on port 53 and performing banner grabbing.
B. Listen the incoming traffic on port 53 and execute the remote shell.
C. Listen the incoming data and performing port scanning.
D. Capture data on port 53 and delete the remote shell.
Answer: B
certification GIAC GPEN examen GPEN examen GPEN
NO.15 You have inserted a Trojan on your friend's computer and you want to put it in the startup so that
whenever the computer reboots the Trojan will start to run on the startup. Which of the following registry
entries will you edit to accomplish the task?
A. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Start
B. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Auto
C. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Startup
D.HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServices
Answer: D
GIAC GPEN GPEN GPEN
NO.16 TCP FIN scanning is a type of stealth scanning through which the attacker sends a FIN packet to the
target port. If the port is closed, the victim assumes that this packet was sent mistakenly by the attacker
and sends the RST packet to the attacker. If the port is open, the FIN packet will be ignored and the port
will drop the packet. Which of the following operating systems can be easily identified with the help of TCP
FIN scanning.?
A. Solaris
B. Red Hat
C. Windows
D. Knoppix
Answer: C
GIAC certification GPEN GPEN examen GPEN certification GPEN GPEN
NO.17 John works as a professional Ethical Hacker. He has been assigned a project to test the security of
www.we-are-secure.com. He copies the whole structure of the We-are-secure Web site to the local disk
and obtains all the files on the Web site. Which of the following techniques is he using to accomplish his
task?
A. TCP FTP proxy scanning
B. Eavesdropping
C. Web ripping
D. Fingerprinting
Answer: C
GIAC examen GPEN GPEN certification GPEN
NO.18 Which of the following statements is true about the Digest Authentication scheme?
A. In this authentication scheme, the username and password are passed with every request, not just
when the user first types them.
B. A valid response from the client contains a checksum of the username, the password, the given
random value, the HTTP method, and the requested URL.
C. The password is sent over the network in clear text format.
D. It uses the base64 encoding encryption scheme.
Answer: B
certification GIAC certification GPEN GPEN certification GPEN GPEN
NO.19 Which of the following are the limitations for the cross site request forgery (CSRF) attack?
Each correct answer represents a complete solution. Choose all that apply.
A. The target site should have limited lifetime authentication cookies.
B. The attacker must target a site that doesn't check the referrer header.
C. The target site should authenticate in GET and POST parameters, not only cookies.
D. The attacker must determine the right values for all the form inputs.
Answer: B,D
GIAC GPEN examen certification GPEN GPEN
NO.20 Which of the following statements are true about SSIDs?
Each correct answer represents a complete solution. Choose all that apply.
A. SSIDs are case insensitive text strings and have a maximum length of 64 characters.
B. Configuring the same SSID as that of the other Wireless Access Points (WAPs) of other
networks will create a conflict.
C. SSID is used to identify a wireless network.
D. All wireless devices on a wireless network must have the same SSID in order to communicate with
each other.
Answer: B,C,D
GIAC GPEN examen GPEN certification GPEN GPEN
NO.21 Which of the following options holds the strongest password?
A. california
B. $#164aviD
没有评论:
发表评论