[Free] 2017(Sep) CollectDumps Dumpsleader GIAC GPEN Dumps with VCE and PDF 21-30

CollectDumps 2017 Sep GIAC Official New Released GPEN
100% Free Download! 100% Pass Guaranteed!
http://www.CollectDumps.com/GPEN.html

GIAC Penetration Tester

Question No: 21 – (Topic 1)

Which of the following is a WEP weakness that makes it easy to Inject arbitrary clear text packets onto a WEP network?

  1. Reversible hashes use for IVs

  2. Cryptographically weak CRC32 checksum

  3. RC4 algorithm

  4. Small key space

Answer: D

Question No: 22 – (Topic 1)

Why is it important to have a cheat sheet reference of database system tables when performing SQL Injection?

  1. This is where sites typically store sensitive information such as credit card numbers.

  2. These tables contain a list of allowed database applications

  3. The information in these tables will reveal details about the web application#39;s code.

  4. These tables contain metadata that can be queried to gain additional helpful information.

Answer: D

Reference:

http://www.rackspace.com/knowledge_center/article/sql-injection-in-mysql

Question No: 23 – (Topic 1)

You have compromised a Windows workstation using Metasploit and have injected the Meterpreter payload into the svchost process. After modifying some files to set up a persistent backdoor you realize that you will need to change the modified and access times of the files to ensure that the administrator can#39;t see the changes you made. Which

Meterpreter module would you need to load in order to do this?

  1. Core

  2. Priv

  3. Stdapi

  4. Browser

Answer: D

Question No: 24 – (Topic 1)

Which of the following is a method of gathering user names from a Linux system?

  1. Displaying the owner information of system-specific binaries

  2. Reviewing the contents of the system log files

  3. Gathering listening services from the xinetd configuration files

  4. Extracting text strings from the system password file

Answer: C

Reference:

https://access.redhat.com/documentation/en- US/Red_Hat_Enterprise_Linux/6/pdf/Security_Guide/Red_Hat_Enterprise_Linux-6- Security_Guide-en-US.pdf

Question No: 25 – (Topic 1)

You#39;ve been asked to test a non-transparent proxy lo make sure it is working. After confirming the browser is correctly pointed at the proxy, you try to browse a web site. The browser indicates it is quot;loadingquot; but never displays any part the page. Checking the proxy, you see a valid request in the proxy from your browser. Checking the response to the proxy, you see the results displayed in the accompanying screenshot. Which of the following answers is the most likely reason the browser hasn#39;t displayed the page yet?

Collectdumps 2017 PDF and VCE

  1. The proxy is likely hung and must be restarted.

  2. The proxy is configured to trap responses.

  3. The proxy is configured to trap requests.

  4. The site you are trying to reach is currently down.

Answer: C

Question No: 26 – (Topic 1)

Which of the following describe the benefits to a pass-the-hash attack over traditional password cracking?

  1. No triggering of IDS signatures from the attack privileges at the level of theacquired password hash and no corruption of the LSASS process.

  2. No triggering of IDS signatures from the attack, no account lockout and use ofnative windows file and print sharing tools on the compromised system.

  3. No account lockout, privileges at the level of the acquired password hash and useof native windows file and print Sharif tools on the compromised system.

  4. No account lockout, use of native file and print sharing tools on the compromisedsystem and no corruption of the LSASS process.

Answer: D

Question No: 27 – (Topic 1)

You are performing a wireless penetration lest and are currently looking for rogue access

points in one of their large facilities. You need to select an antenna that you can setup in a building and monitor the area for several days to see if any access points are turned on during the duration of the test. What type of antenna will you be selecting for this task?

  1. High gain and Omni-Directional

  2. High gain and Directional

  3. Low gain and Omni-Directional

  4. Low gain and Directional

Answer: B

Question No: 28 – (Topic 1)

Which of the following best describes a server side exploit?

  1. Attack on the physical machine

  2. Attack of a service listening on a network port

  3. Attack that escalates user privilege to root or administrator

  4. Attack of a client application that retrieves content from the network

Answer: C

Question No: 29 – (Topic 1)

How can web server logs be leveraged to perform Cross-Site Scripting (XSSI?

  1. Web logs containing XSS may execute shell scripts when opened In a GUI textbrowser

  2. XSS attacks cause web logs to become unreadable and therefore are an effective DOS attack.

  3. If web logs are viewed in a web-based console, log entries containing XSS mayexecute on the browser.

  4. When web logs are viewed in a terminal. XSS can escape to the shell and executecommands.

Answer: C

Question No: 30 – (Topic 1)

Which Metasploit payload includes simple upload and download functionality for moving files to and from compromised systems?

  1. DLL inject

  2. Upexec

  3. Meterpreter

  4. Vncinject

Answer: D

Reference:

http://www.opensourceforu.com/2011/02/metasploit-meterpreter-payload/

100% Free Download!
Download Free Demo:GPEN Demo PDF
100% Pass Guaranteed!
Download 2017 CollectDumps GPEN Full Exam PDF and VCE

CollectDumps ExamCollection Testking
Lowest Price Guarantee Yes No No
Up-to-Dated Yes No No
Real Questions Yes No No
Explanation Yes No No
PDF VCE Yes No No
Free VCE Simulator Yes No No
Instant Download Yes No No

2017 CollectDumps IT Certification PDF and VCE