[Free] 2017(Sep) CollectDumps Dumpsleader GIAC GPEN Dumps with VCE and PDF 141-150


GIAC Penetration Tester

Question No: 141 – (Topic 2)

Anonymizers are the services that help make a user's own Web surfing anonymous. An anonymizer removes all the identifying information from a user's computer while the user surfs the Internet. It ensures the privacy of the user in this manner. After the user anonymizes a Web access with an anonymizer prefix, every subsequent link selected is also automatically accessed anonymously. Which of the following are limitations of anonymizers?

Each correct answer represents a complete solution. Choose all that apply.

A. Java applications

B. Secure protocols

C. ActiveX controls

D. JavaScript

E. Plugins

Answer: A,B,C,D,E

Question No: 142 CORRECT TEXT – (Topic 2)

Fill in the blank with the appropriate tool.

________ scans IP networks for NetBIOS name information and works in the same manner as nbtstat, but it operates on a range of addresses instead of just one.

Answer: NBTscan

Question No: 143 – (Topic 2)

In DNS zone transfer enumeration, an attacker attempts to retrieve a copy of the entire zone file for a domain from a DNS server. The information provided by the DNS zone can help an attacker gather user names, passwords, and other valuable information. To attempt a zone transfer, an attacker must be connected to a DNS server that is the authoritative server for that zone. Besides this, an attacker can launch a Denial of Service attack against the zone's DNS servers by flooding them with a lot of requests. Which of the following tools can an attacker use to perform a DNS zone transfer?

Each correct answer represents a complete solution. Choose all that apply.

A. NSLookup

B. Host

C. DSniff

D. Dig

Answer: A,B,D

Question No: 144 – (Topic 2)

Which of the following tasks can be performed when the Nikto Web scanner is using a mutation technique?

Each correct answer represents a complete solution. Choose all that apply.

A. Guessing for password file names.

B. Sending mutation payload for Trojan attack.

C. Testing all files with all root directories.

D. Enumerating user names via Apache.

Answer: A,C,D

Question No: 145 – (Topic 2)

You work as a professional Computer Hacking Forensic Investigator for DataEnet Inc. You want to investigate e-mail information of an employee of the company. The suspected employee is using an online e-mail system such as Hotmail or Yahoo. Which of the following folders on the local computer will you review to accomplish the task?

Each correct answer represents a complete solution. Choose all that apply.

A. History folder

B. Temporary Internet Folder

C. Cookies folder

D. Download folder

Answer: A,B,C

Question No: 146 CORRECT TEXT – (Topic 2)

Write the appropriate attack name to fill in the blank.

In a ________ DoS attack, the attacker sends a spoofed TCP SYN packet in which the IP address of the target is filled in both the source and destination fields.

Answer: land

Question No: 147 – (Topic 2)

Which of the following is the frequency range used to tune an IEEE 802.11a network?

A. 1.15-3.825 GHz

B. 5.15-5.825 GHz

C. 5.25-9.825 GHz

D. 6.25-9.825 GHz

Answer: B

Question No: 148 – (Topic 2)

What happens when you scan a broadcast IP address of a network?

Each correct answer represents a complete solution. Choose all that apply.

A. It will show an error in the scanning process.

B. Scanning of the broadcast IP address cannot be performed.

C. It may show smurf DoS attack in the network IDS of the victim.

D. It leads to scanning of all the IP addresses on that subnet at the same time.

Answer: C,D

Question No: 149 – (Topic 2)

You work as a Web developer at IBM Inc. Your area of proficiency is PHP. Since you have proper knowledge of security, you are wary of the rainbow attack. To mitigate this attack, you design the PHP code based on the following algorithm:

key = hash(password + salt)
for 1 to 65000 do
    key = hash(key + salt)

Which of the following techniques are you implementing in the above algorithm?

A. Key strengthening

B. Hashing

C. Sniffing

D. Salting

Answer: A

Question No: 150 – (Topic 2)

Peter, a malicious hacker, obtains e-mail addresses by harvesting them from postings, blogs, DNS listings, and Web pages. He then sends a large number of unsolicited commercial e-mail (UCE) messages to these addresses. Which of the following e-mail crimes is Peter committing?

A. E-mail spoofing

B. E-mail Spam

C. E-mail bombing

D. E-mail Storm

Answer: B
