[Free] 2017(Sep) CollectDumps Dumpsleader GIAC GPEN Dumps with VCE and PDF 11-20


GIAC Penetration Tester

Question No: 11 – (Topic 1)

You are done pen testing a Windows system and need to clean up some of the changes you have made. You created an account ‘pentester’ on the system. What command would you use to delete that account?

  A. Net user pentester /del

  B. Net name pentester /del

  C. Net localuser pentester /del

  D. Net account pentester /del

Answer: D

Question No: 12 – (Topic 1)

Identify the network activity shown below:


  A. A sweep of available hosts on the local subnet

  B. A flood of the local switch's CAM table.

  C. An attempt to disassociate wireless clients.

  D. An attempt to impersonate the local gateway

Answer: D

Question No: 13 – (Topic 1)

When a DNS server transfers its zone file to a remote system, what port does it typically use?

  A. 53/TCP

  B. 153/UDP

  C. 35/TCP

  D. 53/UDP

Answer: D


Reference: http://www.networkworld.com/article/2231682/cisco-subnet/cisco-subnet-allow-both-tcp-and-udp-port-53-to-your-dns-servers.html

Question No: 14 – (Topic 1)

You have gained shell on a Windows host and want to find other machines to pivot to, but the rules of engagement state that you can only use tools that are already available. How could you find other machines on the target network?

  A. Use the "ping" utility to automatically discover other hosts

  B. Use the "ping" utility in a for loop to sweep the network.

  C. Use the "edit" utility to read the target's HOSTS file.

  D. Use the "net share" utility to see who is connected to local shared drives.

Answer: B



Question No: 15 – (Topic 1)

Which of the following is the JavaScript variable used to store a cookie?

  A. Browsercookie

  B. Windowcookie

  C. Document cookie

  D. Session cookie

Answer: C

Reference: http://www.w3schools.com/js/js_cookies.asp

Question No: 16 – (Topic 1)

Which type of Cross-Site Scripting (XSS) vulnerability is hardest for automated testing tools to detect, and for what reason?

  A. Stored XSS, because it may be located anywhere within static or dynamic site content

  B. Stored XSS, because it depends on emails and instant messaging systems.

  C. Reflected XSS, because it can only be found by analyzing web server responses.

  D. Reflected XSS, because it is difficult to find within large web server logs.

Answer: A

Question No: 17 – (Topic 1)

While performing a code audit, you discover a SQL injection vulnerability. Assuming the following vulnerable query, what user input could be injected to make the query true and return data?

select * from widgets where name = '[user-input]';

  A. 'or 1=1

  B. ‘or l=l…

  C. 'or 1=1-

  D. ‘or l=1’

Answer: D

Question No: 18 – (Topic 1)

You are running a vulnerability scan on a remote network and the traffic is not making it to the target system. You investigate the connection issue and determine that the traffic is making it to the internal interface of your network firewall, but not making it to the external interface or to any systems outside your firewall. What is the most likely problem?

  A. Your network firewall is blocking the traffic

  B. The NAT or PAT tables on your network-based firewall are filling up and dropping the traffic

  C. A host-based firewall is blocking the traffic

  D. Your ISP is blocking the traffic

Answer: C

Question No: 19 – (Topic 1)

You suspect that a firewall or IPS exists between you and the target machine. Which nmap option will elicit responses from some firewalls and IPSs while being silently dropped by the target, thus confirming the existence of a firewall or IPS?

  A. -Traceroute

  B. -Firewalk

  C. -Badsum

  D. -SF

Answer: B

Question No: 20 – (Topic 1)

What is the purpose of the following command: nc.exe -I -p 2222 -e cmd.exe

  A. It is used to start a persistent listener linked to cmd.exe on port 2222 TCP

  B. It is used to start a listener linked to cmd.exe on port 2222 TCP

  C. It is used to start a listener linked to cmd.exe on port 2222 UDP

  D. It is used to start a persistent listener linked to cmd.exe on port 2222 UDP

Answer: C
