[Free] 2017(Sep) CollectDumps Dumpsleader GIAC GPEN Dumps with VCE and PDF 91-100

CollectDumps 2017 Sep GIAC Official New Released GPEN
100% Free Download! 100% Pass Guaranteed!

GIAC Penetration Tester

Question No: 91 – (Topic 1)

How can a non-privileged user on a Unix system determine if shadow passwords are being used?

  1. Read /etc/password and look for quot;xquot; or “II” in the second colon-delimited field

  2. Read /etc/shadow and look for “x” or “II” in the second colon-delimited field

  3. Verify that /etc/password has been replaced with /etc/shadow

  4. Read /etc/shadow and look NULL values In the second comma delimited field

Answer: B

Question No: 92 – (Topic 1)

You are pen testing a system and want to use Metasploit 3.X to open a listening port on the system so you can access it via a netcat shell. Which stager would you use to have the system listen on TCP port 50000?

  1. Reverse.tcp

  2. Bind.tcp

  3. Fincltag.ord

  4. Passivex

Answer: B

Question No: 93 – (Topic 1)

Raw netcat shells and telnet terminals share which characteristic?

  1. Ability to send commands to a target machine.

  2. Ability to adapt output to the size of display window

  3. Shells and terminals are exactly the same.

  4. Ability to process standard output control sequences.

Answer: D



Question No: 94 – (Topic 1)

You are pen testing a Windows system remotely via a raw netcat shell. You want to get a listing of all the local users in the administrators group, what command would you use?

  1. Net account administrators

  2. Net user administrators

  3. Net localgroup administrators

  4. Net localuser administrators

Answer: C

Question No: 95 – (Topic 1)

While reviewing traffic from a tcpdump capture, you notice the following commands being sent from a remote system to one of your web servers:

C:\gt;sc winternet.host.com create ncservicebinpath- quot;c:\tools\ncexe -I -p 2222 -e cmd.exequot; C:\gt;sc vJnternet.host.com query ncservice.

What is the intent of the commands?

  1. The first command creates a backdoor shell as a service. It is being started on TCP2222 using cmd.exe. The second command verifies the service is created and itsstatus.

  2. The first command creates a backdoor shell as a service. It is being started on UDP2222 using cmd.exe. The second command verifies the service is created and itsstatus.

  3. This creates a service called ncservice which is linked to the cmd.exe command andits designed to stop any instance of nc.exe being run. The second command verifiesthe service is created and its status.

  4. The first command verifies the service is created and its status. The secondcommand creates a backdoor shell as a service. It is being started on TCP 2222connected to cmd.exe.

Answer: C

Question No: 96 – (Topic 1)

What is the main difference between LAN MAN and NTLMv1 challenge/responses?

  1. NTLMv1 only pads IS bytes, whereas LANMAN pads to 21 bytes

  2. NTLMv1 starts with the NT hash, whereas LANMAN starts with the LANMAN hash

  3. NTLMv1utilizes DES, whereas LANMAN utilizes MD4

  4. NTLMv1 splits the hash into 3 eight-byte pieces, whereas LAN MAN splits the hash Into 3 seven-byte pieces

Answer: A

Question No: 97 – (Topic 1)

You#39;ve been contracted by the owner of a secure facility to try and break into their office in the middle of the night. Your client requested photographs of any sensitive information found as proof of your accomplishments. The job you#39;ve been hired to perform is an example of what practice?

  1. Penetration Testing

  2. Ethical Hacking

  3. Vulnerability Assessing

  4. Security Auditing

Answer: B

Question No: 98 – (Topic 1)

When attempting to crack a password using Rainbow Tables, what is the output of the reduction function?

  1. A new potential chain

  2. A new potential table

  3. A new potential password

  4. A new potential hash

Answer: D

Reference: http://en.wikipedia.org/wiki/Rainbow_table

Question No: 99 – (Topic 1)

You are pen testing a Linux target from your windows-based attack platform. You just moved a script file from the windows system to the Linux target, but it will not execute properly. What is the most likely problem?

  1. The byte length is different on the two machines

  2. End of-line characters are different on the two machines

  3. The file must have become corrupt during transfer

  4. ASCII character sets are different on the two machines

Answer: A

Question No: 100 – (Topic 1)

A client has asked for a vulnerability scan on an internal network that does not have internet access. The rules of engagement prohibits any outside connection for the Nessus scanning machine. The customer has asked you to scan for a new critical vulnerability,

which was released after the testing started, winch of the following methods of updating the Nessus plugins does not violate the rules of engagement?

  1. Connect the scanning machine via wireless bridge and download the updateddirectly

  2. Change the routing and connect through an alternative gateway

  3. Proceed with the test and note the limitation of updating the plugins

  4. Download the updates on an alternative machine and manually load on scanningmachine

Answer: D

Topic 2, Volume B

100% Free Download!
Download Free Demo:GPEN Demo PDF
100% Pass Guaranteed!
Download 2017 CollectDumps GPEN Full Exam PDF and VCE

CollectDumps ExamCollection Testking
Lowest Price Guarantee Yes No No
Up-to-Dated Yes No No
Real Questions Yes No No
Explanation Yes No No
Free VCE Simulator Yes No No
Instant Download Yes No No

2017 CollectDumps IT Certification PDF and VCE