[Free] 2017(Sep) CollectDumps Dumpsleader GIAC GPEN Dumps with VCE and PDF 241-250

CollectDumps 2017 Sep GIAC Official New Released GPEN
100% Free Download! 100% Pass Guaranteed!

GIAC Penetration Tester

Question No: 241 – (Topic 3)

You work as an IT Technician for uCertify Inc. You have to take security measures for the wireless network of the company. You want to prevent other computers from accessing the company#39;s wireless network. On the basis of the hardware address, which of the following will you use as the best possible method to accomplish the task?

  1. MAC Filtering

  2. SSID

  3. RAS

  4. WEP

Answer: A

Question No: 242 – (Topic 3)

Which of the following characters will you use to check whether an application is vulnerable to an SQL injection attack?

  1. Single quote (#39;)

  2. Semi colon (;)

  3. Double quote (quot;)

  4. Dash (-)

Answer: A

Question No: 243 – (Topic 3)

GSM uses either A5/1 or A5/2 stream cipher for ensuring over-the-air voice privacy. Which of the following cryptographic attacks can be used to break both ciphers?

  1. Man-in-the-middle attack

  2. Ciphertext only attack

  3. Known plaintext attack

  4. Replay attack

Answer: B

Question No: 244 – (Topic 3)

Which of the following tools can be used by a user to hide his identity? Each correct answer represents a complete solution. Choose all that apply.

  1. IPchains

  2. Rootkit

  3. Proxy server

  4. War dialer

  5. Anonymizer

Answer: A,C,E

Question No: 245 – (Topic 3)

You work as a Network Administrator in the Secure Inc. Your company is facing various network attacks due to the insecure wireless network. You are assigned a task to secure your wireless network. For this, you have turned off broadcasting of the SSID. However, the unauthorized users are still able to connect to the wireless network. Which of the following statements can be the reason for this issue?

Each correct answer represents a complete solution. Choose all that apply.

  1. You have forgotten to turn off DHCP.

  2. You are using WPA2 security scheme.

  3. The SSID is still sent inside both client and AP packets.

  4. You are using the default SSID.

Answer: A,C,D

Question No: 246 – (Topic 3)

Which of the following can be used as a countermeasure against the SQL injection attack? Each correct answer represents a complete solution. Choose two.

  1. mysql_escape_string()

  2. session_regenerate_id()

  3. mysql_real_escape_string()

  4. Prepared statement

Answer: C,D

Question No: 247 – (Topic 3)

Adam is a novice Internet user. He is using Google search engine to search documents of his interest. Adam wants to search the text present in the link of a Website. Which of the following operators will he use in his query to accomplish the task?

  1. inanchor

  2. info

  3. link

  4. site

Answer: A

Question No: 248 – (Topic 3)

You run the following command while using Nikto Web scanner:

perl nikto.pl -h -p 443 What action do you want to perform?

  1. Updating Nikto.

  2. Seting Nikto for network sniffing.

  3. Port scanning.

  4. Using it as a proxy server.

Answer: C

Question No: 249 – (Topic 3)

You want to retrieve the default security report of nessus. Which of the following google search queries will you use?

  1. site:pdf nessus quot;Assessment reportquot;

  2. filetype:pdf nessus

  3. filetype:pdf quot;Assessment Reportquot; nessus

  4. link:pdf nessus quot;Assessment reportquot;

Answer: C

Question No: 250 – (Topic 3)

Which of the following tools allows you to download World Wide Web sites from the Internet to a local computer?

  1. Netcraft

  2. HTTrack

  3. Netstat

  4. Cheops-ng

Answer: B

100% Free Download!
Download Free Demo:GPEN Demo PDF
100% Pass Guaranteed!
Download 2017 CollectDumps GPEN Full Exam PDF and VCE

CollectDumps ExamCollection Testking
Lowest Price Guarantee Yes No No
Up-to-Dated Yes No No
Real Questions Yes No No
Explanation Yes No No
Free VCE Simulator Yes No No
Instant Download Yes No No

2017 CollectDumps IT Certification PDF and VCE