[Free] 2017(Sep) CollectDumps Dumpsleader GIAC GPEN Dumps with VCE and PDF 1-10

CollectDumps 2017 Sep GIAC Official New Released GPEN
100% Free Download! 100% Pass Guaranteed!

GIAC Penetration Tester

Question No: 1 – (Topic 1)

What is the impact on pre-calculated Rainbow Tables of adding multiple salts to a set of passwords?

  A. Salts increase the time to crack the original password by increasing the number of tables that must be calculated.

  B. Salts double the total size of a rainbow table database.

  C. Salts can be reversed or removed from encoding quickly to produce unsalted hashes.

  D. Salts have little effect because they can be calculated on the fly with applications such as Ophcrack.

Answer: B

Question No: 2 – (Topic 1)

If the privacy bit is set in the 802.11 header, what does it indicate?

  A. SSID cloaking is being used.

  B. Some form of encryption is in use.

  C. WAP is being used.

  D. Some form of PEAP is being used.

Answer: C

Question No: 3 – (Topic 1)

Analyze the command output below. What information can the tester infer directly from the information shown?

  A. Usernames for the domain tesrdomain.com

  B. Directory indexing is allowed on the web server

  C. Vulnerable versions of Adobe software in use

  D. Naming convention for public documents

Answer: D

Question No: 4 – (Topic 1)

Which Metasploit vncinject stager will allow VNC communications from the attacker to a listening port of the attacker's choosing on the victim machine?

  A. Vncinject/find.lag

  B. Vncinject/reverse.tcp

  C. Vncinject/reverse-http

  D. Vncinject/bind.tcp

Answer: B

Reference: http://www.rapid7.com/db/modules/payload/windows/vncinject/reverse_tcp

Question No: 5 – (Topic 1)

You are pen testing a Windows system remotely via a raw netcat shell. You want to quickly change directories to where the Windows operating system resides. What command could you use?

  A. cd systemroot

  B. cd-

  C. cd /systemroot/

  D. cd %systemroot%

Answer: B

Question No: 6 – (Topic 1)

What command will correctly reformat the Unix passwordcopy and shadowcopy files for input to John the Ripper?

  A. /Un shadow passwd copy shadowcopy > johnfile

  B. /Unshadow passwdcopy shadowcopy > johnfile

  C. /Unshadow shadowcopy passwdcopy >john file

  D. /Unshadow passwdcopy shadowcopy > johnfile

Answer: C


Reference: https://books.google.co.in/books?id=SC-tAwAAQBAJ&pg=PA286&lpg=PA286

Question No: 7 – (Topic 1)

Which of the following is possible in some SQL injection vulnerabilities on certain types of databases that affects the underlying server OS?

  A. Database structure retrieval

  B. Shell command execution

  C. Data manipulation

  D. Data query capabilities

Answer: A



Question No: 8 – (Topic 1)

Which of the following describes the direction of the challenges issued when establishing a wireless (IEEE 802.11) connection?

  A. One-way, the client challenges the access point

  B. One-way, the access point challenges the client

  C. No challenges occur for wireless connection

  D. Two-way, both the client and the access point challenge each other

Answer: D

Question No: 9 – (Topic 1)

While scanning a remote system that is running a web server with a UDP scan and monitoring the scan with a sniffer, you notice that the target is responding with ICMP Port Unreachable only once a second. What operating system is the target likely running?

  A. Linux

  B. Windows

  C. OpenBSD

  D. Mac OS X

Answer: A

Question No: 10 – (Topic 1)

Approximately how many packets are usually required to conduct a successful FMS attack on WEP?

  A. 250,000

  B. 20,000

  C. 10,000,000

  D. 1 (with a weak IV)

Answer: B
