Printable & Easy to Use GCIH Dumps 100% Same Q&A In Your Real Exam
The GIAC GCIH exam is necessary for obtaining the GIAC Certified Incident Handler certification that validates the candidate’s skills in resolving incidents related to computer security.
The GCIH certification exam covers various topics related to incident handling, such as incident response, network security, malware analysis, and digital forensics. The GCIH exam consists of 150 multiple-choice questions that are designed to assess the candidate's knowledge and understanding of various incident handling scenarios. The exam is timed, and candidates have four hours to complete it. The passing score for the GCIH certification exam is 73%, and candidates who pass the exam are awarded the GIAC GCIH certification.
To prepare for the GIAC GCIH certification exam, candidates can enroll in a training course or study on their own. GIAC offers an official course that covers all the topics on the exam and provides hands-on experience with incident handling tools and techniques. Candidates can also purchase study materials, such as books, practice exams, and online courses, to supplement their learning.
NEW QUESTION # 157
Which of the following incident response team members ensures that the policies of the organization are enforced during the incident response?
- A. Legal representative
- B. Human Resource
- C. Information Security representative
- D. Technical representative
Answer: B
NEW QUESTION # 158
Which of the following is used to gather information about a remote network protected by a firewall?
- A. Warchalking
- B. Firewalking
- C. Wardialing
- D. Firechalking
Answer: B
NEW QUESTION # 159
You want to measure the number of heaps used and overflows occurred at a point in time. Which of the following commands will you run to activate the appropriate monitor?
- A. UPDATE DBM CONFIGURATION USING DFT_MON_TABLE
- B. UPDATE DBM CONFIGURATION USING DFT_MON_SORT
- C. UPDATE DBM CONFIGURATION DFT_MON_TIMESTAMP
- D. UPDATE DBM CONFIGURATION USING DFT_MON_BUFPOOL
Answer: B
NEW QUESTION # 160
You work as a Network Penetration Tester for Secure Inc. Your company takes on projects to test the security of various companies. Recently, Secure Inc. has assigned you a project to test the security of a Web site. You go to the Web site login page and you run the following SQL query:
SELECT email, passwd, login_id, full_name
FROM members
WHERE email = '[email protected]'; DROP TABLE members; --'
What task will the above SQL query perform?
- A. Deletes the rows of the members table where the email id is the given '[email protected]'.
- B. Deletes the entire members table.
- C. Performs the XSS attacks.
- D. Deletes the database in which members table resides.
Answer: B
NEW QUESTION # 161
Which of the following steps can be taken as countermeasures against sniffer attacks?
Each correct answer represents a complete solution. Choose all that apply.
- A. Use encrypted protocols for all communications.
- B. Use switches instead of hubs since they switch communications, which means that information is delivered only to the predefined host.
- C. Use tools such as StackGuard and Immunix System to avoid attacks.
- D. Reduce the range of the network to avoid attacks into wireless networks.
Answer: A,B,D
NEW QUESTION # 162
Which of the following statements about reconnaissance is true?
- A. It is any program that allows a hacker to connect to a computer without going through the normal authentication process.
- B. It is a computer that is used to attract potential intruders or attackers.
- C. It is also known as half-open scanning.
- D. It describes an attempt to transfer DNS zone data.
Answer: D
Explanation:
Section: Volume B
NEW QUESTION # 163
Adam works as a Security Administrator for Umbrella Technology Inc. He reported a breach in security to his senior members, stating that "security defenses have been breached and exploited for 2 weeks by hackers." The hackers had accessed and downloaded 50,000 addresses containing customer credit cards and passwords. Umbrella Technology was looking to law enforcement officials to protect their intellectual property.
The intruder entered through an employee's home machine, which was connected to Umbrella Technology's corporate VPN network. The application called BEAST Trojan was used in the attack to open a "back door" allowing the hackers undetected access. The security breach was discovered when customers complained about the usage of their credit cards without their knowledge.
The hackers were traced back to Shanghai, China through e-mail address evidence. The credit card information was sent to that same e-mail address. The passwords allowed the hackers to access Umbrella Technology's network from a remote location, posing as employees.
Which of the following actions can Adam perform to prevent such attacks from occurring in future?
- A. Allow VPN access but replace the standard authentication with biometric authentication
- B. Apply different security policy to make passwords of employees more complex
- C. Disable VPN access to all employees of the company from home machines
- D. Replace the VPN access with dial-up modem access to the company's network
Answer: C
Explanation:
Section: Volume C
NEW QUESTION # 164
Which of the following can be used as a countermeasure against the SQL injection attack?
Each correct answer represents a complete solution. Choose two.
- A. session_regenerate_id()
- B. mysql_real_escape_string()
- C. Prepared statement
- D. mysql_escape_string()
Answer: B,C
NEW QUESTION # 165
Which of the following is designed to protect the Internet resolvers (clients) from forged DNS data created by DNS cache poisoning?
- A. BINDER
- B. Domain Name System Extension (DNSSEC)
- C. Stub resolver
- D. Split-horizon DNS
Answer: B
NEW QUESTION # 166
Which of the following programs is used for bypassing normal authentication for securing remote access to a computer?
- A. Backdoor
- B. Worm
- C. Spyware
- D. Adware
Answer: A
NEW QUESTION # 168
You work as a Penetration Tester for Infosec Inc. Your company takes on security auditing projects.
Recently, your company has assigned you a project to test the security of the we-are-secure.com Web site. For this, you want to perform an idle scan so that you can find the open ports on the we-are-secure.com server. You are using the Hping tool to perform the idle scan by using a zombie computer. While scanning, you notice that the IPID is incremented on every query, regardless of whether the ports are open or closed. Sometimes, the IPID is incremented by more than one.
What may be the reason?
- A. Hping does not perform idle scanning.
- B. The zombie computer is the system interacting with some other system besides your computer.
- C. The zombie computer is not connected to the we-are-secure.com Web server.
- D. The firewall is blocking the scanning process.
Answer: B
Explanation:
Section: Volume A
NEW QUESTION # 169
Which of the following statements about buffer overflow is true?
- A. It is a condition in which an application receives more data than it is configured to accept.
- B. It is a false warning about a virus.
- C. It manages security credentials and public keys for message encryption.
- D. It is a collection of files used by Microsoft for software updates released between major service pack releases.
Answer: A
NEW QUESTION # 170
John works as an Ethical Hacker for PassGuide Inc. He wants to find out the ports that are open in PassGuide's server using a port scanner. However, he does not want to establish a full TCP connection.
Which of the following scanning techniques will he use to accomplish this task?
- A. Xmas tree
- B. TCP SYN/ACK
- C. TCP FIN
- D. TCP SYN
Answer: D
NEW QUESTION # 171
You work as an Incident Handling Manager for a company. The public relations process of the company includes an event that responds to e-mail queries. For the past few days, it has been identified that this process is providing a way for spammers to perform different types of e-mail attacks. Which of the following phases of the incident handling process will now be involved in resolving this process and finding a solution?
Each correct answer represents a part of the solution. Choose all that apply.
- A. Eradication
- B. Contamination
- C. Recovery
- D. Identification
- E. Preparation
Answer: A,B,C
NEW QUESTION # 172
Which of the following attacks allows an attacker to sniff data frames on a local area network (LAN) or stop the traffic altogether?
- A. Session hijacking
- B. ARP spoofing
- C. Port scanning
- D. Man-in-the-middle
Answer: B
NEW QUESTION # 173
Brutus is a password cracking tool that can be used to crack the following authentications:
- HTTP (Basic Authentication)
- HTTP (HTML Form/CGI)
- POP3 (Post Office Protocol v3)
- FTP (File Transfer Protocol)
- SMB (Server Message Block)
- Telnet
Which of the following attacks can be performed by Brutus for password cracking? Each correct answer represents a complete solution. Choose all that apply.
- A. Dictionary attack
- B. Hybrid attack
- C. Replay attack
- D. Man-in-the-middle attack
- E. Brute force attack
Answer: A,B,E
NEW QUESTION # 174
John works as a Network Security Professional. He is assigned a project to test the security of www.we-are-secure.com. He establishes a connection to a target host running a Web service with netcat and sends a bad html request in order to retrieve information about the service on the host.
Which of the following attacks is John using?
- A. War driving
- B. Eavesdropping
- C. Banner grabbing
- D. Sniffing
Answer: C
NEW QUESTION # 175
Jason, a Malicious Hacker, is a student of Baker University. He wants to perform remote hacking on the server of DataSoft Inc. to hone his hacking skills. The company has a Windows-based network. Jason successfully enters the target system remotely by taking advantage of a vulnerability. He places a Trojan to maintain future access and then disconnects the remote session. The employees of the company complain to Mark, who works as a Professional Ethical Hacker for DataSoft Inc., that some computers are very slow. Mark diagnoses the network and finds that some irrelevant log files and signs of Trojans are present on the computers. He suspects that a malicious hacker has accessed the network. Mark takes help from Forensic Investigators and catches Jason.
Which of the following mistakes made by Jason helped the Forensic Investigators catch him?
- A. Jason did not perform port scanning.
- B. Jason did not perform foot printing.
- C. Jason did not perform covering tracks.
- D. Jason did not perform OS fingerprinting.
- E. Jason did not perform a vulnerability assessment.
Answer: C
NEW QUESTION # 176
Which of the following scanning tools is also a network analysis tool that sends packets with nontraditional IP stack parameters and allows the scanner to gather information from the response packets generated?
- A. Tcpview
- B. HPing
- C. Legion
- D. Nessus
Answer: B
NEW QUESTION # 177
Adam works as a sales manager for Umbrella Inc. He wants to download software from the Internet. As the software comes from a site in his untrusted zone, Adam wants to ensure that the downloaded software has not been Trojaned.
Which of the following options would indicate the best course of action for Adam?
- A. Compare the file's virus signature with the one published on the distribution.
- B. Compare the file's MD5 signature with the one published on the distribution media.
- C. Compare the file size of the software with the one given on the Website.
- D. Compare the version of the software with the one published on the distribution media.
Answer: B
NEW QUESTION # 178
Which of the following statements are true about Dsniff?
Each correct answer represents a complete solution. Choose two.
- A. It is antivirus.
- B. It contains Trojans.
- C. It is a collection of various hacking tools.
- D. It is a virus.
Answer: B,C
NEW QUESTION # 179
Which of the following types of malware does not replicate itself but can spread only when the circumstances are beneficial?
- A. Blended threat
- B. Trojan horse
- C. Mass mailer
- D. Worm
Answer: B
NEW QUESTION # 180
Victor is a novice Ethical Hacker. He is learning the hacking process, i.e., the steps taken by malicious hackers to perform hacking. Which of the following steps is NOT included in the hacking process?
- A. Reconnaissance
- B. Preparation
- C. Gaining access
- D. Scanning
Answer: B
Explanation:
Section: Volume C