21 December, 2024
A Review Of Real GCIH Exam Topics
It is impossible to pass the GIAC GCIH exam in the short term without any help. Come to Pass4sure to find the most advanced, correct and guaranteed GIAC GCIH practice questions. You will get a surprising result with our Regenerate GIAC Certified Incident Handler practice guides.
Question 1
Which of the following attacks allows an attacker to retrieve crucial information from a Web server's database?
Question 2
Which of the following keyloggers cannot be detected by anti-virus or anti-spyware products?
Question 3
Adam, a novice web user, is very conscious about security. He wants to visit a Web site that is known to have malicious applets and code. Adam always makes use of a basic Web browser to perform such testing.
Which of the following web browsers can adequately fill this purpose?
Question 4
John works as a professional Ethical Hacker. He has been assigned a project to test the security of www.we-are-secure.com. On the We-are-secure login page, he enters ='or''=' as a username and successfully logs in to the user page of the Web site.
The we-are-secure login page is vulnerable to a __________.
Question 5
Which of the following types of attacks come under the category of hacker attacks?
Each correct answer represents a complete solution. Choose all that apply.
Question 6
Which of the following viruses/worms uses the buffer overflow attack?
Question 7
Adam, a malicious hacker, has successfully gained unauthorized access to the Linux system of Umbrella Inc. The company's Web server runs on Apache. He has downloaded sensitive documents and database files from the computer.
After performing these malicious tasks, Adam finally runs the following command on the Linux command box before disconnecting.
for (( i = 0;i<11;i++ )); do dd if=/dev/random of=/dev/hda && dd if=/dev/zero of=/dev/hda done
Which of the following actions does Adam want to perform by the above command?
Question 8
Which of the following IP packet elements is responsible for authentication while using IPSec?
Question 9
Which of the following ensures that the investigation process of the incident response team does not break any laws during the response to an incident?
Question 10
Which of the following statements are true about Dsniff?
Each correct answer represents a complete solution. Choose two.
Question 11
Which of the following terms describes an attempt to transfer DNS zone data?
Question 12
Drag and drop the mapping techniques to their respective descriptions.
Solution:
Does this meet the goal?
Question 13
You work as a Network Administrator for Marioxnet Inc. You have the responsibility of handling two routers running the BGP protocol for the enterprise's network. One of the two routers gets flooded with an unexpected number of data packets, while the other router starves with no packets reaching it. Which of the following attacks can be a potential cause of this?
Question 14
Which of the following is the Web 2.0 programming methodology that is used to create Web pages that are dynamic and interactive?
Question 15
Which of the following is a type of computer security vulnerability typically found in Web applications that allow code injection by malicious Web users into the Web pages viewed by other users?
Question 16
John works as a professional Ethical Hacker. He has been assigned the project of testing the security of www.we-are-secure.com. He wants to perform a stealth scan to discover open ports and applications running on the We-are-secure server. For this purpose, he wants to initiate scanning with the IP address of any third party. Which of the following scanning techniques will John use to accomplish his task?