[Free] 2017(Sep) CollectDumps Dumpsleader GIAC GPEN Dumps with VCE and PDF 131-140

CollectDumps 2017 Sep GIAC Official New Released GPEN
100% Free Download! 100% Pass Guaranteed!

GIAC Penetration Tester

Question No: 131 – (Topic 2)

John works as a professional Ethical Hacker. He has been assigned the project of testing the security of www.we-are-secure.com. He is using a tool to crack the wireless encryption keys. The description of the tool is as follows:

Collectdumps 2017 PDF and VCE

Which of the following tools is John using to crack the wireless encryption keys?

  1. AirSnort

  2. PsPasswd

  3. Cain

  4. Kismet

Answer: A

Question No: 132 – (Topic 2)

You work as a professional Ethical Hacker. You are assigned a project to perform blackhat testing on www.we-are-secure.com. You visit the office of we-are-secure.com as an air- condition mechanic. You claim that someone from the office called you saying that there is some fault in the air-conditioner of the server room. After some inquiries/arguments, the Security Administrator allows you to repair the air-conditioner of the server room.

When you get into the room, you found the server is Linux-based. You press the reboot button of the server after inserting knoppix Live CD in the CD drive of the server. Now, the server promptly boots backup into Knoppix. You mount the root partition of the server after replacing the root password in the /etc/shadow file with a known password hash and salt. Further, you copy the netcat tool on the server and install its startup files to create a reverse tunnel and move a shell to a remote server whenever the server is restarted. You simply restart the server, pull out the Knoppix Live CD from the server, and inform that the air-conditioner is working properly.

After completing this attack process, you create a security auditing report in which you mention various threats such as social engineering threat, boot from Live CD, etc. and suggest the countermeasures to stop booting from the external media and retrieving sensitive data. Which of the following steps have you suggested to stop booting from the external media and retrieving sensitive data with regard to the above scenario?

Each correct answer represents a complete solution. Choose two.

  1. Setting only the root level access for sensitive data.

  2. Encrypting disk partitions.

  3. Placing BIOS password.

  4. Using password protected hard drives.

Answer: B,D

Question No: 133 – (Topic 2)

Adam works as a professional Computer Hacking Forensic Investigator. He works with the local police. A project has been assigned to him to investigate an iPod, which was seized from a student of the high school. It is suspected that the explicit child pornography contents are stored in the iPod. Adam wants to investigate the iPod extensively. Which of the following operating systems will Adam use to carry out his investigations in more

extensive and elaborate manner?

  1. Windows XP

  2. Mac OS

  3. MINIX 3

  4. Linux

Answer: B

Question No: 134 – (Topic 2)

You configure a wireless router at your home. To secure your home Wireless LAN (WLAN

), you implement WEP. Now you want to connect your client computer to the WLAN. Which of the following is the required information that you will need to configure the client computer?

Each correct answer represents a part of the solution. Choose two.

  1. WEP key

  2. MAC address of the router

  3. IP address of the router

  4. SSID of the WLAN

Answer: A,D

Question No: 135 – (Topic 2)

Which of the following tools uses exploits to break into remote operating systems?

  1. Nessus

  2. Metasploit framework

  3. Nmap

  4. John the Ripper

Answer: B

Question No: 136 – (Topic 2)

You work as a Network Penetration tester in the Secure Inc. Your company takes the projects to test the security of various companies. Recently, Secure Inc. has assigned you a project to test the security of the Bluehill Inc. For this, you start monitoring the network traffic of the Bluehill Inc.

In this process, you get that there are too many FTP packets traveling in the Bluehill Inc. network.

Now, you want to sniff the traffic and extract usernames and passwords of the FTP server. Which of the following tools will you use to accomplish the task?

  1. Ettercap

  2. L0phtcrack

  3. NetStumbler

  4. SARA

Answer: A

Question No: 137 – (Topic 2)

Which of the following tools connects to and executes files on remote systems?

  1. Spector

  2. Hk.exe

  3. PsExec

  4. GetAdmin.exe

Answer: C

Question No: 138 – (Topic 2)

Mark works as a Network Administrator for NetTech Inc. The company has a Windows 2003 Active Directory domain-based network. The domain consists of a domain controller, two Windows 2003 member servers, and one hundred client computers. The company employees use laptops with Windows XP Professional. These laptops are equipped with wireless network cards that are used to connect to access points located in the Marketing department of the company. The company employees log on to the domain by using a user name and password combination. The wireless network has been configured with WEP in addition to 802.1x. Mark wants to provide the best level of security for the kind of authentication used by the company. What will Mark do to accomplish the task?

  1. Use EAP-TLS

  2. Use MD5

  3. Use PEAP

  4. Use IPSec

Answer: C

Question No: 139 – (Topic 2)

Ryan wants to create an ad hoc wireless network so that he can share some important files with another employee of his company. Which of the following wireless security protocols should he choose for setting up an ad hoc wireless network?

Each correct answer represents a part of the solution. Choose two.

  1. WPA2 -EAP

  2. WPA-PSK

  3. WPA-EAP

  4. WEP

Answer: B,D

Question No: 140 – (Topic 2)

Which of the following United States laws protects stored electronic information?

  1. Title 18, Section 1029

  2. Title 18, Section 1362

  3. Title 18, Section 2701

  4. Title 18, Section 2510

Answer: D

100% Free Download!
Download Free Demo:GPEN Demo PDF
100% Pass Guaranteed!
Download 2017 CollectDumps GPEN Full Exam PDF and VCE

CollectDumps ExamCollection Testking
Lowest Price Guarantee Yes No No
Up-to-Dated Yes No No
Real Questions Yes No No
Explanation Yes No No
Free VCE Simulator Yes No No
Instant Download Yes No No

2017 CollectDumps IT Certification PDF and VCE