Share Latest Feb-2023 GCIH DUMP with 335 Questions and Answers [Q42-Q60]



GIAC GCIH Exam Syllabus Topics:

Topic | Details
Topic 1
  • Demonstrate An Understanding Of The Techniques And Tools Used In Scanning, And How To Respond To And Prepare Against Scanning
Topic 2
  • Demonstrate An Understanding Of The Value Of The Open Web Application Security Project (OWASP)
Topic 3
  • Understanding Of Public And Open Source Reconnaissance Techniques
  • Understanding Of The General Approaches To Get Rid Of The Attacker's Artifacts On Compromised Machines
Topic 4
  • Demonstrate An Understanding Of How Attackers Use Tunneling And Covert Channels To Cover Their Tracks On A Network
Topic 5
  • Understanding Of Best Practices To Take In Preparation For An Incident
  • Understanding Of Various Network Attacks And How To Defend Against Them
Topic 6
  • Understanding Of How Overflow Attacks Work And How To Defend Against Them
  • Demonstrate A Detailed Understanding Of The Three Methods Of Password Cracking
Topic 7
  • Understanding Of Scanning Fundamentals; To Discover And Map Networks And Hosts, And Reveal Services And Vulnerabilities
Topic 8
  • Demonstrate An Understanding Of What Incident Handling Is, Why It Is Important

 

NEW QUESTION 42
Which of the following attacks allows an attacker to sniff data frames on a local area network (LAN) or stop the traffic altogether?

  • A. Port scanning
  • B. ARP spoofing
  • C. Man-in-the-middle
  • D. Session hijacking

Answer: B

Explanation:
Section: Volume C

 

NEW QUESTION 43
John works as a Network Security Professional. He is assigned a project to test the security of www.we-are-secure.com. He establishes a connection to a target host running a Web service with netcat and sends a bad HTML request in order to retrieve information about the service on the host.

Which of the following attacks is John using?

  • A. Eavesdropping
  • B. Sniffing
  • C. War driving
  • D. Banner grabbing

Answer: D

 

NEW QUESTION 44
Fill in the blank with the appropriate term.
_______ is the practice of monitoring and potentially restricting the flow of information outbound from one network to another.

Answer: Egress filtering

 

NEW QUESTION 45
Which of the following strategies allows a user to limit access according to unique hardware information supplied by a potential client?

  • A. Extensible Authentication Protocol (EAP)
  • B. Wireless Transport Layer Security (WTLS)
  • C. WEP
  • D. MAC address filtering

Answer: D

 

NEW QUESTION 46
You work as a Senior Marketing Manager for Umbrella Inc. You find that some of the software applications on the systems are malfunctioning and that you cannot access your remote desktop session. You suspect that a malicious attack has been performed on the company's network. You immediately call the incident response team to handle the situation, and the team asks the Network Administrator for all relevant information regarding the malfunction. The Network Administrator informs the incident response team that he was reviewing the security of the network, which caused all these problems. The incident response team announces that this was a controlled event, not an incident.
Which of the following steps of an incident handling process was performed by the incident response team?

  • A. Eradication
  • B. Identification
  • C. Preparation
  • D. Containment

Answer: B

 

NEW QUESTION 47
Which of the following is a technique of using a modem to automatically scan a list of telephone numbers, usually dialing every number in a local area code to search for computers, bulletin board systems, and fax machines?

  • A. Warkitting
  • B. Wardialing
  • C. Demon dialing
  • D. War driving

Answer: B

 

NEW QUESTION 48
The IT administrator wants to implement a stronger security policy. What are the four most important security priorities for PassGuide Software Systems Pvt. Ltd.?

  • A. Providing secure communications between the overseas office and the headquarters.
  • B. Providing two-factor authentication.
  • C. Preventing denial-of-service attacks.
  • D. Protecting employee data on portable computers.
  • E. Ensuring secure authentication.
  • F. Preventing unauthorized network access.
  • G. Providing secure communications between Washington and the headquarters office.
  • H. Implementing Certificate services on Texas office.

Answer: A,D,E,F

Explanation:
Section: Volume C

 

NEW QUESTION 49
Which of the following keyloggers cannot be detected by anti-virus or anti-spyware products?

  • A. Software keylogger
  • B. Kernel keylogger
  • C. Hardware keylogger
  • D. OS keylogger

Answer: C

 

NEW QUESTION 50
Which of the following is an Internet mapping technique that relies on various BGP collectors that collect information such as routing updates and tables and provide this information publicly?

  • A. AS PATH Inference
  • B. Firewalking
  • C. AS Route Inference
  • D. Path MTU discovery (PMTUD)

Answer: A

 

NEW QUESTION 51
Your friend plans to install a Trojan on your computer. He knows that if he gives you a new version of chess.exe, you will definitely install the game on your computer. He picks up a Trojan and joins it to chess.exe. The size of chess.exe was 526,895 bytes originally, and after joining this chess file to the Trojan, the file size increased to 651,823 bytes. When he gives you this new game, you install the infected chess.exe file on your computer. He now performs various malicious tasks on your computer remotely. But you suspect that someone has installed a Trojan on your computer and begin to investigate it. When you enter the netstat command in the command prompt, you get the following results:

C:\WINDOWS>netstat -an | find "UDP"
UDP IP_Address:31337 *:*

Now you check the following registry address:

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServices

In the above address, you notice a 'default' key in the 'Name' field having " .exe" value in the corresponding 'Data' field. Which of the following Trojans do you think your friend may have installed on your computer on the basis of the above evidence?

  • A. Qaz
  • B. Tini
  • C. Donald Dick
  • D. Back Orifice

Answer: D

 

NEW QUESTION 52
You send SYN packets with the exact TTL of the target system, starting at port 1 and going up to port 1024, using the hping2 utility. This attack is known as __________.

  • A. Port scanning
  • B. Spoofing
  • C. Firewalking
  • D. Cloaking

Answer: C

Explanation:
Section: Volume B

 

NEW QUESTION 53
Which of the following tools can be used to detect steganography?

  • A. Snow
  • B. ImageHide
  • C. Dskprobe
  • D. Blindside

Answer: C

 

NEW QUESTION 54
US Garments wants all data communication between the corporate office and the remote location to be encrypted.
They want to achieve the following results:

  • Authentication of users
  • Anti-replay
  • Anti-spoofing
  • IP packet encryption

They implemented IPSec using Authentication Headers (AHs). Which results does this solution provide?
Each correct answer represents a complete solution. Choose all that apply.

  • A. IP packet encryption
  • B. Anti-spoofing
  • C. Anti-replay
  • D. Authentication of users

Answer: B,C

 

NEW QUESTION 55
Which of the following Trojans is used by attackers to modify the Web browser settings?

  • A. Win32/FlyStudio
  • B. Trojan.Lodear
  • C. WMA/TrojanDownloader.GetCodec
  • D. Win32/Pacex.Gen

Answer: A

 

NEW QUESTION 56
You work as a Network Administrator for Net Perfect Inc. The company has a Windows-based network. The company uses Check Point SmartDefense to provide security to the network of the company. You use SmartDefense on the HTTP servers of the company to fix the limitation for the maximum number of response headers allowed.
Which of the following attacks will be blocked by defining this limitation?
Each correct answer represents a complete solution. Choose all that apply.

  • A. Land attack
  • B. User-defined worm
  • C. Backdoor attack
  • D. Code red worm

Answer: B,D

 

NEW QUESTION 57
Adam works as a Security Administrator for Umbrella Inc. A project has been assigned to him to secure access to the network of the company from all possible entry points. He segmented the network into several subnets and installed firewalls all over the network. He has placed very stringent rules on all the firewalls, blocking everything in and out except the ports that must be used. He does need to have port 80 open since his company hosts a website that must be accessed from the Internet. Adam is still worried about programs like Hping2 that can get into a network through covert channels.
Which of the following is the most effective way to protect the network of the company from an attacker using Hping2 to scan his internal network?

  • A. Block all outgoing traffic on port 53
  • B. Block all outgoing traffic on port 21
  • C. Block ICMP type 13 messages
  • D. Block ICMP type 3 messages

Answer: C

 

NEW QUESTION 58
Which of the following refers to the exploitation of a valid computer session to gain unauthorized access to information or services in a computer system?

  • A. Session hijacking
  • B. Hacking
  • C. Piggybacking
  • D. Keystroke logging

Answer: A

 

NEW QUESTION 59
Which of the following tools combines two programs, and also encrypts the resulting package in an attempt to foil antivirus programs?

  • A. Tiny
  • B. NetBus
  • C. Trojan Man
  • D. EliteWrap

Answer: C

 

NEW QUESTION 60
......
