[Free] 2017(Sep) CollectDumps Dumpsleader GIAC GPEN Dumps with VCE and PDF 161-170


GIAC Penetration Tester

Question No: 161 – (Topic 2)

You want to perform an active session hijack against Secure Inc. You have found a target that allows Telnet sessions. You have also located an active session, thanks to the high level of traffic on the network. What should you do next?

  1. Use a sniffer to listen to network traffic.

  2. Use macof to change the MAC address.

  3. Guess the sequence numbers.

  4. Use Brutus to crack the Telnet password.

Answer: C

Question No: 162 – (Topic 2)

John works as a Penetration Tester in a security service providing firm named you-are-secure Inc.

Recently, John's company has got a project to test the security of a promotional Website www.missatlanta.com and assigned the pen-testing work to John. When John is performing penetration testing, he inserts the following script in the search box at the company home page:

<script>alert('Hi, John')</script>

After pressing the search button, a pop-up box appears on his screen with the text – "Hi, John."

Which of the following attacks can be performed on the Web site tested by John while considering the above scenario?

  1. Replay attack

  2. Buffer overflow attack

  3. CSRF attack

  4. XSS attack

Answer: D

Question No: 163 – (Topic 2)

Which of the following statements are true about firewalking?

Each correct answer represents a complete solution. Choose all that apply.

  1. To use firewalking, the attacker needs the IP address of the last known gateway before the firewall and the IP address of a host located behind the firewall.

  2. Firewalking works on the UDP packets.

  3. In this technique, an attacker sends a crafted packet with a TTL value that is set to expire one hop past the firewall.

  4. A malicious attacker can use firewalking to determine the types of ports/protocols that can bypass the firewall.

Answer: A,C,D

Question No: 164 – (Topic 2)

Which of the following Web authentication techniques uses a single sign-on scheme?

  1. NTLM authentication

  2. Microsoft Passport authentication

  3. Basic authentication

  4. Digest authentication

Answer: B

Question No: 165 – (Topic 2)

You run the following bash script in Linux:

for i in `cat hostlist.txt`; do nc -q 2 -v $i 80 < request.txt; done

where the hostlist.txt file contains the list of IP addresses and request.txt is the output file.

Which of the following tasks do you want to perform by running this script?

  1. You want to perform port scanning to the hosts given in the IP address list.

  2. You want to transfer file hostlist.txt to the hosts given in the IP address list.

  3. You want to perform banner grabbing to the hosts given in the IP address list.

  4. You want to put nmap in the listen mode to the hosts given in the IP address list.

Answer: C

Question No: 166 – (Topic 2)

Which protocol would need to be available on a target in order for Nmap to identify services like IMAPS and POP3S?

  1. HTTPS

  2. SSL

  3. LDAP

  4. TLS

Answer: A

Reference: http://nmap.org/book/vscan.html

Question No: 167 – (Topic 2)

Which of the following penetration testing phases involves gathering data from whois, DNS, and network scanning, which helps in mapping a target network and provides valuable information regarding the operating system and applications running on the systems?

  1. Post-attack phase

  2. Attack phase

  3. Pre-attack phase

  4. On-attack phase

Answer: C

Question No: 168 – (Topic 2)

This is a Windows-based tool that is used for the detection of wireless LANs using the IEEE 802.11a, 802.11b, and 802.11g standards. The main features of these tools are as follows:

It displays the signal strength of a wireless network, MAC address, SSID, channel details, etc.

It is commonly used for the following purposes:

  1. War driving

  2. Detecting unauthorized access points

  3. Detecting causes of interference on a WLAN

  4. WEP ICV error tracking

  5. Making graphs and alarms on 802.11 data, including signal strength

This tool is known as ________.

  1. Absinthe

  2. THC-Scan

  3. NetStumbler

  4. Kismet

Answer: C

Question No: 169 – (Topic 2)

You work as a Penetration Tester for Infosec Inc. Your company takes on security auditing projects. Recently, your company has assigned you a project to test the security of the we-are-secure.com Web site. For this, you want to perform an idle scan so that you can find the open ports on the we-are-secure.com server. You are using the Hping tool to perform the idle scan by using a zombie computer. While scanning, you notice that the IPID is being incremented on every query, regardless of whether the ports are open or closed. Sometimes, the IPID is being incremented by more than one value. What may be the reason?

  1. The zombie computer is not connected to the we-are-secure.com Web server.

  2. The zombie computer is the system interacting with some other system besides your computer.

  3. Hping does not perform idle scanning.

  4. The firewall is blocking the scanning process.

Answer: B

Question No: 170 – (Topic 2)

What difference would you expect to result from running the following commands:

(1). $ dig @ns.domain.com target.com -t AXFR and

(2). $ dig @ns.domain.com target.com -t IXFR=1002200301

  1. Command (1) will display incremental information about a domain and command (2) will provide only 1002200301 bytes of information

  2. Command (1) will display all information about a domain and command (2) will provide only incremental updates from SOA 1002200301

  3. Command (1) will display all information about a domain and command (2) will provide only incremental updates up to SOA 1002200301

  4. Command (1) will display all information about a domain and command (2) will provide only 1002200301 bytes of information

Answer: B
