[Free] 2017(Sep) CollectDumps Dumpsleader GIAC GCIH Dumps with VCE and PDF 171-180

CollectDumps 2017 Sep GIAC Official New Released GCIH
100% Free Download! 100% Pass Guaranteed!
http://www.CollectDumps.com/GCIH.html

GIAC Certified Incident Handler

Question No: 171 – (Topic 2)

You enter the netstat -an command in the command prompt and you receive intimation that port number 7777 is open on your computer. Which of the following Trojans may be installed on your computer?

  1. NetBus

  2. QAZ

  3. Donald Dick

  4. Tini

Answer: D

Question No: 172 – (Topic 2)

Adam works as a Penetration Tester for Umbrella Inc. A project has been assigned to him check the security of wireless network of the company. He re-injects a captured wireless packet back onto the network. He does this hundreds of times within a second. The packet is correctly encrypted and Adam assumes it is an ARP request packet. The wireless host responds with a stream of responses, all individually encrypted with different IVs.

Which of the following types of attack is Adam performing?

  1. Replay attack

  2. MAC Spoofing attack

  3. Caffe Latte attack

  4. Network injection attack

Answer: A

Question No: 173 – (Topic 2)

John works as a Penetration Tester in a security service providing firm named you-are- secure Inc. Recently, John#39;s company has got a project to test the security of a promotional Website www.missatlanta.com and assigned the pen-testing work to John. When John is performing penetration testing, he inserts the following script in the search box at the company home page:

lt;scriptgt;alert(#39;Hi, John#39;)lt;/scriptgt;

After pressing the search button, a pop-up box appears on his screen with the text – quot;Hi, John.quot; Which of the following attacks can be performed on the Web site tested by john while considering the above scenario?

  1. Replay attack

  2. CSRF attack

  3. Buffer overflow attack

  4. XSS attack

Answer: D

Question No: 174 – (Topic 2)

You work as a Security Administrator for Net Perfect Inc. The company has a Windows- based network. You want to use a scanning technique which works as a reconnaissance attack. The technique should direct to a specific host or network to determine the services that the host offers.

Which of the following scanning techniques can you use to accomplish the task?

  1. IDLE scan

  2. Nmap

  3. SYN scan

  4. Host port scan

Answer: D

Question No: 175 – (Topic 2)

Victor works as a professional Ethical Hacker for SecureEnet Inc. He wants to scan the wireless network of the company. He uses a tool that is a free open-source utility for network exploration. The tool uses raw IP packets to determine the following:

What ports are open on our network systems. What hosts are available on the network.

Identify unauthorized wireless access points.

What services (application name and version) those hosts are offering. What operating systems (and OS versions) they are running.

What type of packet filters/firewalls are in use. Which of the following tools is Victor using?

  1. Nessus

  2. Kismet

  3. Nmap

  4. Sniffer

Answer: C

Question No: 176 – (Topic 2)

Which of the following attacks can be overcome by applying cryptography?

  1. Buffer overflow

  2. Web ripping

  3. Sniffing

  4. DoS

Answer: C

Question No: 177 – (Topic 2)

Which of the following functions in c/c can be the cause of buffer overflow? Each correct answer represents a complete solution. Choose two.

  1. printf()

  2. strcat()

  3. strcpy()

  4. strlength()

Answer: B,C

Question No: 178 – (Topic 2)

Which of the following types of attacks is often performed by looking surreptitiously at the keyboard or monitor of an employee#39;s computer?

  1. Buffer-overflow attack

  2. Shoulder surfing attack

  3. Man-in-the-middle attack

  4. Denial-of-Service (DoS) attack

Answer: B

Question No: 179 – (Topic 2)

Which of the following is a type of computer security vulnerability typically found in Web applications that allow code injection by malicious Web users into the Web pages viewed by other users?

  1. SID filtering

  2. Cookie poisoning

  3. Cross-site scripting

  4. Privilege Escalation

Answer: C

Question No: 180 – (Topic 2)

Which of the following systems is used in the United States to coordinate emergency preparedness and incident management among various federal, state, and local agencies?

  1. US Incident Management System (USIMS)

  2. National Disaster Management System (NDMS)

  3. National Emergency Management System (NEMS)

  4. National Incident Management System (NIMS)

Answer: D

100% Free Download!
Download Free Demo:GCIH Demo PDF
100% Pass Guaranteed!
Download 2017 CollectDumps GCIH Full Exam PDF and VCE

CollectDumps ExamCollection Testking
Lowest Price Guarantee Yes No No
Up-to-Dated Yes No No
Real Questions Yes No No
Explanation Yes No No
PDF VCE Yes No No
Free VCE Simulator Yes No No
Instant Download Yes No No

2017 CollectDumps IT Certification PDF and VCE