[Free] 2017(Sep) CollectDumps Dumpsleader GIAC GPEN Dumps with VCE and PDF 41-50

CollectDumps 2017 Sep GIAC Official New Released GPEN
100% Free Download! 100% Pass Guaranteed!

GIAC Penetration Tester

Question No: 41 – (Topic 1)

Which of the following file transfer programs will automatically convert end-of line characters between different platforms when placed in ASCII Mode?

  1. ftp

  2. nc

  3. tftp

  4. scp

Answer: A



Question No: 42 – (Topic 1)

What is the most likely cause of the responses on lines 10 and 11 of the output below?

Collectdumps 2017 PDF and VCE

  1. The device at hop 10 silently drops UDP packets with a high destination port.

  2. The device at hop 10 is down and not forwarding any requests at all.

  3. The host running the tracer utility lost its network connection during the scan

  4. The devices at hops 10 and II did not return an quot;ICMP TTL Exceeded in Transitquot; message.

Answer: D

Question No: 43 – (Topic 1)

Which of the following is the feature that separates the use of Rainbow Tables from other applications such as Cain or John the Ripper?

  1. Salts are used to create massive password databases for comparison.

  2. Applications take advantage of 64-bit CPU processor and multithread the crackingprocess.

  3. Data Is aligned efficiently in the rainbow tables making the search process quicker

  4. Raw hashed passwords are compared to pre-calculated hash tables.

Answer: B

Question No: 44 – (Topic 1)

You have compromised a Windows workstation using Metasploit and have injected the Meterpreter payload into the smss process. You want to dump the SAM database of the remote system so you can crack it offline. Which Meterpreter module would you need to load in addition to the defaults so that you can accomplish this?

  1. Core

  2. Priv

  3. Stdapi

  4. Hashdump

Answer: C

Question No: 45 – (Topic 1)

Analyze the command output below. What information can the tester infer directly from the information shown?

Collectdumps 2017 PDF and VCE

  1. The administrator account has no password

  2. Null sessions are enabled on the target

  3. The target host is running Linux with Samba services

  4. Account lockouts must be reset by the Administrator

Answer: C

Question No: 46 – (Topic 1)

Which of the following is the number of bits of encryption that 64-bit Wired Equivalent Privacy (WEP) effectively provides?

  1. 64

  2. 40

  3. 60

  4. 44

Answer: A

Reference: http://en.wikipedia.org/wiki/Wired_Equivalent_Privacy

Question No: 47 – (Topic 1)

You are pen testing a network and have shell access to a machine via Netcat. You try to use ssh to access another machine from the first machine. What is the expected result?

  1. The ssh connection will succeed If you have root access on the intermediate machine

  2. The ssh connection will fail

  3. The ssh connection will succeed

  4. The ssh connection will succeed if no password required

Answer: C

Question No: 48 – (Topic 1)

Analyze the screenshot below. What event is depicted?

Collectdumps 2017 PDF and VCE

  1. An exploit that was attempted does not work against the target selected.

  2. A payload was used that is not compatible with the chosen exploit.

  3. The exploit is designed to work against the local host only.

  4. The payload Is designed to create an interactive session.

Answer: D

Question No: 49 – (Topic 1)

You suspect that system administrators In one part of the target organization are turning off their systems during the times when penetration tests are scheduled, what feature could you add to the #39; Rules of engagement#39; that could help your team test that part of the target organization?

  1. Un announced test

  2. Tell response personnel the exact lime the test will occur

  3. Test systems after normal business hours

  4. Limit tests to business hours

Answer: C

Question No: 50 – (Topic 1)

Why is OSSTMM beneficial to the pen tester?

  1. It provides a legal and contractual framework for testing

  2. It provides in-depth knowledge on tools

  3. It provides report templates

  4. It includes an automated testing engine similar to Metasploit

Answer: C



100% Free Download!
Download Free Demo:GPEN Demo PDF
100% Pass Guaranteed!
Download 2017 CollectDumps GPEN Full Exam PDF and VCE

CollectDumps ExamCollection Testking
Lowest Price Guarantee Yes No No
Up-to-Dated Yes No No
Real Questions Yes No No
Explanation Yes No No
Free VCE Simulator Yes No No
Instant Download Yes No No

2017 CollectDumps IT Certification PDF and VCE