[Free] 2017(Sep) CollectDumps Dumpsleader GIAC GCIH Dumps with VCE and PDF 1-10

CollectDumps 2017 Sep GIAC Official New Released GCIH
100% Free Download! 100% Pass Guaranteed!

GIAC Certified Incident Handler

Question No: 1 – (Topic 1)

Adam works as a Network Administrator for PassGuide Inc. He wants to prevent the network from DOS attacks. Which of the following is most useful against DOS attacks?

  1. SPI

  2. Distributive firewall

  3. Honey Pot

  4. Internet bot

Answer: A

Question No: 2 – (Topic 1)

Adam works as a Security Administrator for Umbrella Inc. A project has been assigned to him to test the network security of the company. He created a webpage to discuss the progress of the tests with employees who were interested in following the test. Visitors were allowed to click on a company#39;s icon to mark the progress of the test. Adam successfully embeds a keylogger. He also added some statistics on the webpage. The firewall protects the network well and allows strict Internet access.

How was security compromised and how did the firewall respond?

  1. The attack was social engineering and the firewall did not detect it.

  2. Security was not compromised as the webpage was hosted internally.

  3. The attack was Cross Site Scripting and the firewall blocked it.

  4. Security was compromised as keylogger is invisible for firewall.

Answer: A

Question No: 3 – (Topic 1)

You run the following bash script in Linux:

for i in #39;cat hostlist.txt#39; ;do

nc -q 2 -v $i 80 lt; request.txt done

Where, hostlist.txt file contains the list of IP addresses and request.txt is the output file. Which of the following tasks do you want to perform by running this script?

  1. You want to put nmap in the listen mode to the hosts given in the IP address list.

  2. You want to perform banner grabbing to the hosts given in the IP address list.

  3. You want to perform port scanning to the hosts given in the IP address list.

  4. You want to transfer file hostlist.txt to the hosts given in the IP address list.

Answer: B

Question No: 4 – (Topic 1)

Adam, a malicious hacker is running a scan. Statistics of the scan is as follows:

Scan directed at open port: ClientServer —–FIN—–gt; lt;–NO RESPONSE–


Scan directed at closed port: ClientServer —–FIN—–gt;;—RST/ACK

Which of the following types of port scan is Adam running?

  1. ACK scan

  2. FIN scan

  3. XMAS scan

  4. Idle scan

Answer: B

Question No: 5 – (Topic 1)

Adam works as a Senior Programmer for Umbrella Inc. A project has been assigned to him to write a short program to gather user input for a Web application. He wants to keep his program neat and simple. His chooses to use printf(str) where he should have ideally used printf(quot;%squot;, str).

What attack will his program expose the Web application to?

  1. Format string attack

  2. Cross Site Scripting attack

  3. SQL injection attack

  4. Sequence attack

Answer: A

Question No: 6 – (Topic 1)

Which of the following tools can be used to detect the steganography?

  1. Dskprobe

  2. Blindside

  3. ImageHide

  4. Snow

Answer: A

Question No: 7 – (Topic 1)

Which of the following tools can be used for steganography?

Each correct answer represents a complete solution. Choose all that apply.

  1. Image hide

  2. Stegbreak

  3. Snow.exe

  4. Anti-x

Answer: A,C

Question No: 8 – (Topic 1)

Your company has been hired to provide consultancy, development, and integration services for a company named Brainbridge International. You have prepared a case study to plan the upgrade for the company. Based on the case study, which of the following steps will you suggest for configuring WebStore1?

Each correct answer represents a part of the solution. Choose two.

  1. Customize IIS 6.0 to display a legal warning page on the generation of the 404.2 and

    404.3 errors.

  2. Move the WebStore1 server to the internal network.

  3. Configure IIS 6.0 on WebStore1 to scan the URL for known buffer overflow attacks.

  4. Move the computer account of WebStore1 to the Remote organizational unit (OU).

Answer: A,C

Question No: 9 – (Topic 1)

Which of the following tools is used to download the Web pages of a Website on the local system?

  1. wget

  2. jplag

  3. Nessus

  4. Ettercap

Answer: A

Question No: 10 – (Topic 1)

Which of the following is a computer worm that caused a denial of service on some Internet hosts and dramatically slowed down general Internet traffic?

  1. Klez

  2. Code red

  3. SQL Slammer

  4. Beast

Answer: C

100% Free Download!
Download Free Demo:GCIH Demo PDF
100% Pass Guaranteed!
Download 2017 CollectDumps GCIH Full Exam PDF and VCE

CollectDumps ExamCollection Testking
Lowest Price Guarantee Yes No No
Up-to-Dated Yes No No
Real Questions Yes No No
Explanation Yes No No
Free VCE Simulator Yes No No
Instant Download Yes No No

2017 CollectDumps IT Certification PDF and VCE