Pass GIAC GPEN exam Dumps 100 Pass Guarantee With Latest Demo [Q157-Q180]

The GPEN PDF Dumps Greatest for the GIAC Exam Study Guide!

NEW QUESTION # 157
You are using the Nmap Scripting Engine and want detailed output of the script as it runs. Which option do you include in the command string?

  • A. Nmap -script-verbose --script-ssh-hostkey.nse 155.65.3.221 -p 22
  • B. Nmap -v --script=ssh-hostkey.nse 155.65.3.221 -p 22
  • C. Nmap --script-trace --script-ssh-hostkey.nse 155.65.3.221 -p 22
  • D. Nmap --script-output -script-SSH-hostkey.nse 155.65.3.221 -p 22

Answer: A

Explanation:
Section: Volume A


NEW QUESTION # 158
You are done pen testing a Windows system and need to clean up some of the changes you have made.
You created an account 'pentester' on the system. What command would you use to delete that account?

  • A. Net localuser pentester /del
  • B. Net user pentester /del
  • C. Net name pentester /del
  • D. Net account pentester /del

Answer: B


NEW QUESTION # 159
Victor wants to use Wireless Zero Configuration (WZC) to establish a wireless network connection using his computer running the Windows XP operating system. Which of the following are the most likely threats to his computer?
Each correct answer represents a complete solution. Choose two.

  • A. Information from probing for networks can be viewed using a wireless analyzer and may be used to gain access.
  • B. An attacker can use the Ping Flood DoS attack if WZC is used.
  • C. An attacker can create a fake wireless network with a high-power antenna, causing Victor's computer to associate with the attacker's network, and so gain access.
  • D. It will not allow the configuration of encryption and MAC filtering. Sending information is not secure on a wireless network.

Answer: A,C


NEW QUESTION # 160
In which of the following scanning methods do Windows operating systems send only RST packets irrespective of whether the port is open or closed?

  • A. TCP FIN
  • B. TCP SYN
  • C. XMAS
  • D. FTP bounce

Answer: A


NEW QUESTION # 161
Analyze the command output below. What information can the tester infer directly from the information shown?

  • A. Null sessions are enabled on the target
  • B. Account lockouts must be reset by the Administrator
  • C. The administrator account has no password
  • D. The target host is running Linux with Samba services

Answer: D


NEW QUESTION # 162
You work as a Web developer at IBM Inc. Your area of proficiency is PHP. Because you have proper knowledge of security, you want to guard against the rainbow attack. To mitigate this attack, you design the PHP code based on the following algorithm:
key = hash(password + salt)
for 1 to 65000 do
    key = hash(key + salt)
Which of the following techniques are you implementing in the above algorithm?

  • A. Salting
  • B. Hashing
  • C. Sniffing
  • D. Key strengthening

Answer: D

Explanation:
Section: Volume B


NEW QUESTION # 163
Which of the following are the limitations for the cross site request forgery (CSRF) attack?
Each correct answer represents a complete solution. Choose all that apply.

  • A. The target site should have limited lifetime authentication cookies.
  • B. The attacker must target a site that doesn't check the referrer header.
  • C. The attacker must determine the right values for all the form inputs.
  • D. The target site should authenticate in GET and POST parameters, not only cookies.

Answer: B,C


NEW QUESTION # 164
John works as a professional Ethical Hacker. He has been assigned a project to test the security of www.we-are-secure.com. He enters the following command on the Linux terminal:
chmod 741 secure.c
Considering the above scenario, which of the following statements are true?
Each correct answer represents a complete solution. Choose all that apply.

  • A. John is restricting a guest to only write or execute the secure.c file.
  • B. By the octal representation of the file access permission, John is restricting the group members to only read the secure.c file.
  • C. John is providing all rights to the owner of the file.
  • D. The textual representation of the file access permission of 741 will be -rwxr--rw-.

Answer: B,C


NEW QUESTION # 165
By default Active Directory Controllers store password representations in which file?

  • A. %systemroot%\system32\ntds.dit
  • B. %systemroot%\ntds\ntds.dit
  • C. %systemroot%\ntds\sam.dit
  • D. %systemroot%\ntds\sam.dat

Answer: B

Explanation:
Section: Volume A


NEW QUESTION # 166
Why is it important to have a cheat sheet reference of database system tables when performing SQL Injection?

  • A. The information in these tables will reveal details about the web application's code.
  • B. This is where sites typically store sensitive information such as credit card numbers.
  • C. These tables contain a list of allowed database applications
  • D. These tables contain metadata that can be queried to gain additional helpful information.

Answer: D

Explanation:
Reference:
http://www.rackspace.com/knowledge_center/article/sql-injection-in-mysql


NEW QUESTION # 167
You work as a Web developer at IBM Inc. Your area of proficiency is PHP. Because you have proper knowledge of security, you want to guard against the rainbow attack. To mitigate this attack, you design the PHP code based on the following algorithm:
key = hash(password + salt)
for 1 to 65000 do
    key = hash(key + salt)
Which of the following techniques are you implementing in the above algorithm?

  • A. Salting
  • B. Hashing
  • C. Sniffing
  • D. Key strengthening

Answer: D


NEW QUESTION # 168
Analyze the command output below. What action is being performed by the tester?

  • A. Creating user accounts on 10.0.1.4 and testing privileges
  • B. Attempting to exploit windows File and Print Sharing service
  • C. Collecting password hashes for users on 10.0.1.4
  • D. Gathering Security identifiers for accounts on 10.0.1.4

Answer: B


NEW QUESTION # 169
What command will correctly reformat the Unix passwordcopy and shadowcopy files for input to John The Ripper?

  • A. /Unshadow shadowcopy passwdcopy >john file
  • B. /Unshadow passwdcopy shadowcopy > johnfile
  • C. /Un shadow passwd copy shadowcopy > johnfile
  • D. /Unshadow passwdcopy shadowcopy > johnfile

Answer: A

Explanation:
Section: Volume A
Explanation/Reference:
https://books.google.co.in/books?id=SC-tAwAAQBAJ&pg=PA286&lpg=PA286&dq=/Unshadow+shadow+copy+passwd+copy+%3Ejohn+file&source=bl&ots=OnZK9atlc1&sig=co7EM5EHye96vO74W3wZxky3sXU&hl=en&sa=X&ei=FBuoVPLHDc-cugSDxYGYBA&ved=0CCwQ6AEwAg#v=onepage&q=%2FUnshadow%20shadow%20copy%20passwd%20copy%20%3Ejohn%20file&f=false


NEW QUESTION # 170
You successfully compromise a target system's web application using blind command injection. The command you injected is ping -n 1 192.168.1.200. Assuming your machine is 192.168.1.200, which of the following would you see?

  • A. A 'Destination host unreachable' error message on the compromised system
  • B. An ICMP Echo packet on your sniffer containing the source address of the target
  • C. Ping -n 1 192.168.1.200 on the compromised system
  • D. A packet containing 'Packets: Sent = 1, Received = 1, Loss = 0 (0% loss)' on your sniffer

Answer: C


NEW QUESTION # 171
Which of the following laws or acts, formed in Australia, enforces prohibition against cyber stalking?

  • A. Malicious Communications Act (1998)
  • B. Stalking Amendment Act (1999)
  • C. Stalking by Electronic Communications Act (2001)
  • D. Anti-Cyber-Stalking law (1999)

Answer: B


NEW QUESTION # 172
You want some of your Web pages not to be crawled. Which one of the following options will you use to accomplish the task?

  • A. Place the name of restricted Web pages in the private.txt file
  • B. Use HTML NO Crawl tag in the Web page not to be crawled
  • C. Place the name of restricted Web pages in the robots.txt file
  • D. Enable the SSL

Answer: C


NEW QUESTION # 173
A penetration tester wishes to stop the Windows Firewall process on a remote host running Windows Vista. She issues the following commands:

A check of the remote host indicates that Windows Firewall is still running. Why did the command fail?

  • A. The user does not have the access level needed to stop the firewall.
  • B. The remote server timed out and did not complete the command.
  • C. The kernel prevented the command from being executed.
  • D. The sc command needs to be passed the IP address of the target.

Answer: D


NEW QUESTION # 174
You want to use a Windows-based GUI tool which can perform MITM attacks, along with sniffing and ARP poisoning. Which of the following tools will you use?

  • A. Cain and Abel
  • B. Nmap
  • C. Brutus
  • D. Dsniff

Answer: A

Explanation:
Section: Volume B


NEW QUESTION # 175
You are pen testing a system and want to use Metasploit 3.X to open a listening port on the system so you can access it via a netcat shell. Which stager would you use to have the system listen on TCP port 50000?

  • A. Passivex
  • B. Findtag.ord
  • C. Reverse.tcp
  • D. Bind.tcp

Answer: D

Explanation:
Section: Volume A


NEW QUESTION # 176
Which of the following is a Windows-based tool that is used for the detection of wireless LANs using the IEEE 802.11a, 802.11b, and 802.11g standards and also detects wireless networks marking their relative position with a GPS?

  • A. NetStumbler
  • B. Tcpdump
  • C. Kismet
  • D. Ettercap

Answer: A


NEW QUESTION # 177
TCP/IP stack fingerprinting is the passive collection of configuration attributes from a remote device during standard layer 4 network communications. The combination of parameters may then be used to infer the remote operating system (OS fingerprinting), or incorporated into a device fingerprint. Which of the following Nmap switches can be used to perform TCP/IP stack fingerprinting?

  • A. nmap -O -p
  • B. nmap -sU -p
  • C. nmap -sS
  • D. nmap -sT

Answer: A


NEW QUESTION # 178
John works as a professional Ethical Hacker. He is assigned a project to test the security of www.we-are-secure.com. John has gained access to the network of the organization and placed a backdoor in the network. Now, he wants to clear all event logs related to previous hacking attempts. Which of the following tools can John use if we-are-secure.com is using the Windows 2000 server?
Each correct answer represents a complete solution. Choose two.

  • A. WinZapper
  • B. elsave.exe
  • C. Blindside
  • D. AuditPol

Answer: A,B


NEW QUESTION # 179
Which of the following TCSEC classes defines verified protection?

  • A. Class A
  • B. Class D
  • C. Class C
  • D. Class B

Answer: A

Explanation:
Section: Volume D


NEW QUESTION # 180
......

Read Online GPEN Test Practice Test Questions Exam Dumps: https://www.examdiscuss.com/GIAC/exam/GPEN/
