Up To Date GIAC Certified Incident Handler GCIH Dump

Exam Code: GCIH (Practice Exam Latest Test Questions VCE PDF)
Exam Name: GIAC Certified Incident Handler
Certification Provider: GIAC

Free demo questions for GIAC GCIH Exam Dumps Below:

NEW QUESTION 1
Which of the following attacks involves multiple compromised systems to attack a single target?

  • A. Brute force attack
  • B. Replay attack
  • C. Dictionary attack
  • D. DDoS attack

Answer: D

NEW QUESTION 2
Which of the following netcat parameters makes netcat a listener that automatically restarts itself when a connection is dropped?

  • A. -u
  • B. -l
  • C. -p
  • D. -L

Answer: D

NEW QUESTION 3
Which of the following are based on malicious code?
Each correct answer represents a complete solution. Choose two.

  • A. Denial-of-Service (DoS)
  • B. Biometrics
  • C. Trojan horse
  • D. Worm

Answer: CD

NEW QUESTION 4
Adam, a novice web user, is very conscious about security. He wants to visit a Web site that is known to have malicious applets and code. Adam always uses a basic Web browser to perform such testing.
Which of the following web browsers can adequately fill this purpose?

  • A. Mozilla Firefox
  • B. Internet Explorer
  • C. Lynx
  • D. Safari

Answer: C

NEW QUESTION 5
Which of the following statements are correct about spoofing and session hijacking?
Each correct answer represents a complete solution. Choose all that apply.

  • A. Spoofing is an attack in which an attacker can spoof the IP address or other identity of the target and the valid user cannot be active.
  • B. Spoofing is an attack in which an attacker can spoof the IP address or other identity of the target but the valid user can be active.
  • C. Session hijacking is an attack in which an attacker takes over the session, and the valid user's session is disconnected.
  • D. Session hijacking is an attack in which an attacker takes over the session, and the valid user's session is not disconnected.

Answer: BD

NEW QUESTION 6
Which of the following rootkits is able to load the original operating system as a virtual machine, thereby enabling it to intercept all hardware calls made by the original operating system?

  • A. Kernel level rootkit
  • B. Boot loader rootkit
  • C. Hypervisor rootkit
  • D. Library rootkit

Answer: C

NEW QUESTION 7
Which of the following tools uses common UNIX/Linux tools such as the strings and grep commands to search core system programs for signatures of rootkits?

  • A. rkhunter
  • B. OSSEC
  • C. chkrootkit
  • D. Blue Pill

Answer: C

NEW QUESTION 8
108 ms 14 0.so-4-1-0.TL1.ATL5.ALTER.NET (152.63.10.129) 37.894 ms 33.244 ms


Solution:


Does this meet the goal?
  • A. Yes
  • B. Not Mastered

Answer: A

NEW QUESTION 9
Adam, a malicious hacker, is sniffing the network to inject ARP packets. He injects broadcast frames onto the wire to conduct a Man-in-the-Middle attack.
Which of the following is the destination MAC address of a broadcast frame?

  • A. 0xDDDDDDDDD
  • B. 0x00000000000
  • C. 0xFFFFFFFFFFFF
  • D. 0xAAAAAAAAAA

Answer: C

NEW QUESTION 10
You have configured a virtualized Internet browser on your Windows XP Professional computer. Using the virtualized Internet browser, you can protect your operating system from which of the following?

  • A. Brute force attack
  • B. Mail bombing
  • C. Distributed denial of service (DDoS) attack
  • D. Malware installation from unknown Web sites

Answer: D

NEW QUESTION 11
Which of the following reads and writes data across network connections by using the TCP/IP protocol?

  • A. Fpipe
  • B. NSLOOKUP
  • C. Netcat
  • D. 2Mosaic

Answer: C

NEW QUESTION 12
Which of the following hacking tools provides shell access over ICMP?

  • A. John the Ripper
  • B. Nmap
  • C. Nessus
  • D. Loki

Answer: D

NEW QUESTION 13
John works as a professional Ethical Hacker. He has been assigned the project of testing the security of www.we-are-secure.com. He has successfully completed the following steps of the pre-attack phase:
  • Information gathering
  • Determining network range
  • Identifying active machines
  • Finding open ports and applications
  • OS fingerprinting
  • Fingerprinting services
Now John wants to perform network mapping of the We-are-secure network. Which of the following tools can he use to accomplish his task?
Each correct answer represents a complete solution. Choose all that apply.

  • A. Ettercap
  • B. Traceroute
  • C. Cheops
  • D. NeoTrace

Answer: BCD

NEW QUESTION 14
Which of the following are used to identify who is responsible for responding to an incident?

  • A. Disaster management policies
  • B. Incident response manuals
  • C. Disaster management manuals
  • D. Incident response policies

Answer: D

NEW QUESTION 15
Which of the following refers to applications or files that are not classified as viruses or Trojan horse programs, but can still negatively affect the performance of the computers on your network and introduce significant security risks to your organization?

  • A. Hardware
  • B. Grayware
  • C. Firmware
  • D. Melissa

Answer: B

NEW QUESTION 16
Which of the following types of skills are required in the members of an incident handling team?
Each correct answer represents a complete solution. Choose all that apply.

  • A. Organizational skills
  • B. Diplomatic skills
  • C. Methodical skills
  • D. Technical skills

Answer: ABD

NEW QUESTION 17
Which of the following statements are true about Dsniff?
Each correct answer represents a complete solution. Choose two.

  • A. It contains Trojans.
  • B. It is a virus.
  • C. It is antivirus.
  • D. It is a collection of various hacking tools.

Answer: AD
