GIAC GCIH Exam Practice Questions (P. 5)
- Full Access (842 questions)
- Six months of Premium Access
- Access to one million comments
- Seamless ChatGPT Integration
- Ability to download PDF files
- Anki Flashcard files for revision
- No Captcha & No AdSense
- Advanced Exam Configuration
Question #41
Which of the following methods can be used to detect session hijacking attack?
send
light_mode
delete
Question #42
Adam works as a Network Administrator for PassGuide Inc. He wants to prevent the network from DOS attacks. Which of the following is most useful against DOS attacks?
send
light_mode
delete
Question #43
Adam works as a Security Administrator for Umbrella Inc. A project has been assigned to him to secure access to the network of the company from all possible entry points. He segmented the network into several subnets and installed firewalls all over the network. He has placed very stringent rules on all the firewalls, blocking everything in and out except the ports that must be used. He does need to have port 80 open since his company hosts a website that must be accessed from the Internet. Adam is still worried about the programs like Hping2 that can get into a network through covert channels.
Which of the following is the most effective way to protect the network of the company from an attacker using Hping2 to scan his internal network?
Which of the following is the most effective way to protect the network of the company from an attacker using Hping2 to scan his internal network?
- ABlock all outgoing traffic on port 21
- BBlock all outgoing traffic on port 53
- CBlock ICMP type 13 messages
- DBlock ICMP type 3 messagesMost Voted
Correct Answer:
C
C
send
light_mode
delete
Question #44
Which of the following are types of access control attacks?
Each correct answer represents a complete solution. (Choose all that apply.)
Each correct answer represents a complete solution. (Choose all that apply.)
send
light_mode
delete
Question #45
Which of the following attacks come under the category of layer 2 Denial-of-Service attacks?
Each correct answer represents a complete solution. (Choose all that apply.)
Each correct answer represents a complete solution. (Choose all that apply.)
- ASpoofing attack
- BSYN flood attack
- CPassword cracking
- DRF jamming attack
Correct Answer:
AB
AB
send
light_mode
delete
Question #46
You check performance logs and note that there has been a recent dramatic increase in the amount of broadcast traffic. What is this most likely to be an indicator of?
send
light_mode
delete
Question #47
Which of the following is a reason to implement security logging on a DNS server?
- AFor preventing malware attacks on a DNS server
- BFor measuring a DNS server's performance
- CFor monitoring unauthorized zone transfer
- DFor recording the number of queries resolved
Correct Answer:
C
C
send
light_mode
delete
Question #48
Which of the following tools combines two programs, and also encrypts the resulting package in an attempt to foil antivirus programs?
send
light_mode
delete
Question #49
Which of the following is spy software that records activity on Macintosh systems via snapshots, keystrokes, and Web site logging?
send
light_mode
delete
Question #50
You work as a Network Administrator for Net Perfect Inc. The company has a Windows-based network. The company wants to fix potential vulnerabilities existing on the tested systems. You use Nessus as a vulnerability scanning program to fix the vulnerabilities. Which of the following vulnerabilities can be fixed using
Nessus?
Each correct answer represents a complete solution. (Choose all that apply.)
Nessus?
Each correct answer represents a complete solution. (Choose all that apply.)
- AMisconfiguration (e.g. open mail relay, missing patches, etc.)
- BVulnerabilities that allow a remote cracker to control sensitive data on a system
- CVulnerabilities that allow a remote cracker to access sensitive data on a system
- DVulnerabilities that help in Code injection attacks
Correct Answer:
ABC
ABC
send
light_mode
delete
All Pages