Nest 0 Cart
Nest Account
Popular Exams
All Categories...
Nest
Nest 0
Contact
Log In / Sign Up
Copyright 2024 © store. All rights reserved.
Home GIAC GPEN

GIAC GPEN Exam Practice Questions (P. 5)

  • Full Access (385 questions)
  • Six months of Premium Access
  • Access to one million comments
  • Seamless ChatGPT Integration
  • Ability to download PDF files
  • Anki Flashcard files for revision
  • No Captcha & No AdSense
  • Advanced Exam Configuration
Get Contributor Access
Question #41
Which type of Cross-Sire Scripting (XSS> vulnerability is hardest for automated testing tools to detect, and for what reason?
  1. A
    Stored XSS. because it may be located anywhere within static or dynamic sitecontent
  2. B
    Stored XSS. because it depends on emails and instant messaging systems.
  3. C
    Reflected XSS. because It can only be found by analyzing web server responses.
  4. D
    Reflected XSS: because it is difficult to find within large web server logs.

Correct Answer:
A

Question #42
You are using the Nmap Scripting Engine and want detailed output of the script as it runs. Which option do you include in the command string?
  1. A
    Nmap --script-output -script-SSH-hostkey.nse 155.65.3.221 -p 22
  2. B
    Nmap --script-trace --script-ssh-hostkey.nse 155.65.3.221 -p 22
  3. C
    Nmap -script-verbose --scrlpr-ssh-hostkey.nse 155.65.3.221 -p 22
  4. D
    Nmap -v --script=ssh-hostkey.nse 155.65.3.221 -p 22

Correct Answer:
C

Question #43
What is the purpose of the following command?
C:\>wmic /node:[target IP] /user:[admin-user]
/password:[password] process call create [command]
  1. A
    Running a command on a remote Windows machine
  2. B
    Creating a service on a remote Windows machine
  3. C
    Creating an admin account on a remote Windows machine
  4. D
    Listing the running processes on a remote windows machine

Correct Answer:
D

Question #44
Approximately how many packets are usually required to conduct a successful FMS attack onWEP?
  1. A
    250.000
  2. B
    20.000
  3. C
    10.000,000
  4. D
    l (with a weak IV)

Correct Answer:
B

Question #45
What is the most likely cause of the responses on lines 10 and 11 of the output below?

  1. A
    The device at hop 10 silently drops UDP packets with a high destination port.
  2. B
    The device at hop 10 is down and not forwarding any requests at all.
  3. C
    The host running the tracer utility lost its network connection during the scan
  4. D
    The devices at hops 10 and II did not return an "ICMP TTL Exceeded in Transit" message.

Correct Answer:
D

Question #46
A penetration tester wishes to stop the Windows Firewall process on a remote host running Windows Vista She issues the following commands:

A check of the remote host indicates that Windows Firewall is still running. Why did the command fail?
  1. A
    The kernel prevented the command from being executed.
  2. B
    The user does not have the access level needed to stop the firewall.
  3. C
    The sc command needs to be passed the IP address of the target.
  4. D
    The remote server timed out and did not complete the command.

Correct Answer:
C

Question #47
By default Active Directory Controllers store password representations in which file?
  1. A
    %system roots .system 32/ntds.dit
  2. B
    %System roots /ntds\ntds.dit
  3. C
    %System roots /ntds\sam.dat
  4. D
    %System roots /ntds\sam.dit

Correct Answer:
A
Reference:
http://www.scribd.com/doc/212238158/Windows-Administrator-L2-Interview-Question-System-Administrator#scribd

Question #48
192.168.116.9 Is an IP address forvvww.scanned-server.com. Why are the results from the two scans, shown below, different?

  1. A
    John.pot
  2. B
    John conf
  3. C
    John.rec
  4. D
    John.ini

Correct Answer:
C

Question #49
You have been contracted to perform a black box pen test against the Internet facing servers for a company. They want to know, with a high level of confidence, if their servers are vulnerable to external attacks. Your contract states that you can use all tools available to you to pen test the systems. What course of action would you use to generate a report with the lowest false positive rate?
  1. A
    Use a port scanner to find open service ports and generate a report listing allvulnerabilities associated with those listening services.
  2. B
    Use a vulnerability or port scanner to find listening services and then try to exploitthose services.
  3. C
    Use a vulnerability scanner to generate a report of vulnerable services.
  4. D
    Log into the system and record the patch levels of each service then generate areport that lists known vulnerabilities for all the running services.

Correct Answer:
B

Question #50
You successfully compromise a target system's web application using blind command injection. The command you injected is ping-n 1 192.168.1.200. Assuming your machine is 192.168.1 200, which of the following would you see?
  1. A
    Ping-n 1 192.168.1 200 on the compromised system
  2. B
    A 'Destination host unreachable' error message on the compromised system
  3. C
    A packet containing 'Packets: Sent - 1 Received = 1, Loss = 0 (0% loss) on yoursniffer
  4. D
    An ICMP Echo packet on your sniffer containing the source address of the target

Correct Answer:
A

Previous Questions Next Questions

All Pages