[Free] 2017(Sep) CollectDumps Dumpsleader GIAC GCIH Dumps with VCE and PDF 191-200

CollectDumps 2017 Sep GIAC Official New Released GCIH
100% Free Download! 100% Pass Guaranteed!
http://www.CollectDumps.com/GCIH.html

GIAC Certified Incident Handler

Question No: 191 – (Topic 2)

Which of the following statements are true about Dsniff?

Each correct answer represents a complete solution. Choose two.

  1. It contains Trojans.

  2. It is a virus.

  3. It is antivirus.

  4. It is a collection of various hacking tools.

Answer: A,D

Question No: 192 – (Topic 2)

You work as a Network Administrator for Marioxnet Inc. You have the responsibility of handling two routers with BGP protocol for the enterprise#39;s network. One of the two routers gets flooded with an unexpected number of data packets, while the other router starves with no packets reaching it. Which of the following attacks can be a potential cause of this?

  1. Packet manipulation

  2. Denial-of-Service

  3. Spoofing

  4. Eavesdropping

Answer: B

Question No: 193 – (Topic 2)

Which of the following is a technique for creating Internet maps? Each correct answer represents a complete solution. Choose two.

  1. Active Probing

  2. AS PATH Inference

  3. Object Relational Mapping

  4. Network Quota

Answer: A,B

Question No: 194 – (Topic 2)

In the DNS Zone transfer enumeration, an attacker attempts to retrieve a copy of the entire zone file for a domain from a DNS server. The information provided by the DNS zone can help an attacker gather user names, passwords, and other valuable information. To attempt a zone transfer, an attacker must be connected to a DNS server that is the authoritative

server for that zone. Besides this, an attacker can launch a Denial of Service attack against the zone#39;s DNS servers by flooding them with a lot of requests. Which of the following tools can an attacker use to perform a DNS zone transfer?

Each correct answer represents a complete solution. Choose all that apply.

  1. Host

  2. Dig

  3. DSniff

  4. NSLookup

Answer: A,B,D

Topic 3, Volume C

Question No: 195 – (Topic 3)

You are the Security Consultant and have been hired to check security for a client#39;s network. Your client has stated that he has many concerns but the most critical is the security of Web applications on their Web server. What should be your highest priority then in checking his network?

  1. Setting up IDS

  2. Port scanning

  3. Vulnerability scanning

  4. Setting up a honey pot

Answer: C

Question No: 196 – (Topic 3)

Which of the following statements is true about a Trojan engine?

  1. It limits the system resource usage.

  2. It specifies the signatures that keep a watch for a host or a network sending multiple packets to a single host or a single network.

  3. It specifies events that occur in a related manner within a sliding time interval.

  4. It analyzes the nonstandard protocols, such as TFN2K and BO2K.

Answer: D

Question No: 197 – (Topic 3)

Which of the following penetration testing phases involves gathering data from whois, DNS, and network scanning, which helps in mapping a target network and provides valuable information regarding the operating system and applications running on the systems?

  1. Post-attack phase

  2. On-attack phase

  3. Attack phase

  4. Pre-attack phase

Answer: D

Question No: 198 CORRECT TEXT – (Topic 3)

Fill in the blank with the appropriate option to complete the statement below.

You want to block all UDP packets coming to the Linux server using the portsentry utility. For this, you have to enable the option in the portsentry configuration file.

Answer: BLOCK_UDP

Question No: 199 – (Topic 3)

Adam works as an Incident Handler for Umbrella Inc. He is informed by the senior authorities that the server of the marketing department has been affected by a malicious hacking attack. Supervisors are also claiming that some sensitive data are also stolen.

Adam immediately arrived to the server room of the marketing department and identified the event as an incident. He isolated the infected network from the remaining part of the network and started preparing to image the entire system. He captures volatile data, such as running process, ram, and network connections.

Which of the following steps of the incident handling process is being performed by Adam?

  1. Recovery

  2. Eradication

  3. Identification

  4. Containment

Answer: D

Question No: 200 – (Topic 3)

You want to create an SSH tunnel for POP and SMTP protocols. Which of the following commands will you run?

  1. ssh -L 110:mailhost:110 -L 25

  2. ssh -L 110:mailhost:110 -L 25:mailhost:25 -1

  3. ssh -L 25:mailhost:110 -L 110

  4. ssh -L 110:mailhost:110 -L 25:mailhost:25 -1 user -N mailhost

Answer: D

100% Free Download!
Download Free Demo:GCIH Demo PDF
100% Pass Guaranteed!
Download 2017 CollectDumps GCIH Full Exam PDF and VCE

CollectDumps ExamCollection Testking
Lowest Price Guarantee Yes No No
Up-to-Dated Yes No No
Real Questions Yes No No
Explanation Yes No No
PDF VCE Yes No No
Free VCE Simulator Yes No No
Instant Download Yes No No

2017 CollectDumps IT Certification PDF and VCE