Nest 0 Cart
Nest Account
Popular Exams
All Categories...
Nest
Nest 0
Contact
Log In / Sign Up
Copyright 2024 © store. All rights reserved.
Home GIAC GPEN

GIAC GPEN Exam Practice Questions (P. 4)

  • Full Access (385 questions)
  • Six months of Premium Access
  • Access to one million comments
  • Seamless ChatGPT Integration
  • Ability to download PDF files
  • Anki Flashcard files for revision
  • No Captcha & No AdSense
  • Advanced Exam Configuration
Get Contributor Access
Question #31
When DNS is being used for load balancing, why would a penetration tester choose to identify a scan target by its IP address rather than its host name?
  1. A
    Asingle IP may have multiple domains.
  2. B
    A single domain name can only have one IP address.
  3. C
    Scanning tools only recognize IP addresses
  4. D
    A single domain name may have multiple IP addresses.

Correct Answer:
C
Reference:
http://www.flashcardmachine.com/sec-midterm.html

Question #32
What problem occurs when executing the following command from within a netcat raw shell? sudo cat /etc/shadow
  1. A
    Sudo does not work at all from a shell
  2. B
    Sudo works fine if the user and command are both in the /etc/sudoers file
  3. C
    The display blanks after typing the sudo command
  4. D
    You will not be able to type the password at the password prompt

Correct Answer:
A

Question #33
You are pen testing a Windows system remotely via a raw netcat shell. You want to get a listing of all the local users in the administrators group, what command would you use?
  1. A
    Net account administrators
  2. B
    Net user administrators
  3. C
    Net localgroup administrators
  4. D
    Net localuser administrators

Correct Answer:
C

Question #34
Analyze the screenshot below. What type of vulnerability is being attacked?

  1. A
    Windows Server service
  2. B
    Internet Explorer
  3. C
    Windows Powershell
  4. D
    Local Security Authority

Correct Answer:
B

Question #35
You have compromised a Windows workstation using Metasploit and have injected the Meterpreter payload into the smss process. You want to dump the SAM database of the remote system so you can crack it offline. Which Meterpreter module would you need to load in addition to the defaults so that you can accomplish this?
  1. A
    Core
  2. B
    Priv
  3. C
    Stdapi
  4. D
    Hashdump

Correct Answer:
C

Question #36
Which of the following is the feature that separates the use of Rainbow Tables from other applications such as Cain or John the Ripper?
  1. A
    Salts are used to create massive password databases for comparison.
  2. B
    Applications take advantage of 64-bit CPU processor and multithread the crackingprocess.
  3. C
    Data Is aligned efficiently in the rainbow tables making the search process quicker
  4. D
    Raw hashed passwords are compared to pre-calculated hash tables.

Correct Answer:
B

Question #37
You suspect that system administrators In one part of the target organization are turning off their systems during the times when penetration tests are scheduled, what feature could you add to the ' Rules of engagement' that could help your team test that part of the target organization?
  1. A
    Un announced test
  2. B
    Tell response personnel the exact lime the test will occur
  3. C
    Test systems after normal business hours
  4. D
    Limit tests to business hours

Correct Answer:
C

Question #38
You are conducting a penetration test for a private contractor located in Singapore. The scope extends to all internal hosts controlled by the company, you have gathered necessary hold-harmless and nondisclosure agreements. Which action by your group can incur criminal liability under Chapter 50a, Computer Misuse
Act?
  1. A
    Exploiting vulnerable web services on internal hosts
  2. B
    Attempts at social engineering employees via telephone calls
  3. C
    Testing denial-of-service tolerance of the communications provider
  4. D
    Cracking password hashes on the corporate domain server

Correct Answer:
D

Question #39
Which of the following is a WEP weakness that makes it easy to Inject arbitrary clear text packets onto a WEP network?
  1. A
    Reversible hashes use for IVs
  2. B
    Cryptographically weak CRC32 checksum
  3. C
    RC4 algorithm
  4. D
    Small key space

Correct Answer:
D

Question #40
During a penetration test we determine that TCP port 22 is listening on a target host. Knowing that SSHD is the typical service that listens on that port we attempt to validate that assumption with an SSH client but our effort Is unsuccessful. It turns out that it is actually an Apache webserver listening on the port, which type of scan would have helped us to determine what service was listening on port 22?
  1. A
    Version scanning
  2. B
    Port scanning
  3. C
    Network sweeping
  4. D
    OS fingerprinting

Correct Answer:
C

Previous Questions Next Questions

All Pages