GCIH Exam Questions
829 real GCIH exam questions with expert-verified answers and explanations. Page 3 of 17.
- Question #103Vulnerability Exploitation & Privilege Escalation
Which of the following programming languages are NOT vulnerable to buffer overflow attacks? Each correct answer represents a complete solution. Choose two.
buffer overflowmemory safetyJavaunsafe languages - Question #104Malware Analysis & Advanced Persistent Threats
Mark works as a Network Administrator for NetTech Inc. The network has 150 Windows 2000 Professional client computers and four Windows 2000 servers. All the client computers are ab...
malware preventionuser educationsecurity awarenessendpoint protection - Question #105Reconnaissance, Scanning, and Enumeration
Which of the following reads and writes data across network connections by using the TCP/IP protocol?
NetcatTCP/IPnetwork toolsdata transfer - Question #106Reconnaissance, Scanning, and Enumeration
Which of the following terms describes an attempt to transfer DNS zone data?
DNS zone transferAXFRDNS reconnaissanceinformation gathering - Question #107Web Application Attacks & Post-Exploitation
Adam, a novice web user, is very conscious about the security. He wants to visit the Web site that is known to have malicious applets and code. Adam always makes use of a basic Web...
malicious appletsLynx browsersafe browsingclient-side attacks - Question #108Web Application Attacks & Post-Exploitation
John works as a Penetration Tester in a security service providing firm named you-are-secure Inc. Recently, John's company has got a project to test the security of a promotional W...
XSScross-site scriptingscript injectionweb vulnerability - Question #109Web Application Attacks & Post-Exploitation
John visits an online shop that stores the IDs and prices of the items to buy in a cookie. After selecting the items that he wants to buy, the attacker changes the price of the ite...
cookie poisoningcookie manipulationparameter tamperingweb attacks - Question #110Reconnaissance, Scanning, and Enumeration
You send SYN packets with the exact TTL of the target system starting at port 1 and going up to port 1024 using hping2 utility. This attack is known as __________.
firewalkingTTL manipulationhping2firewall evasion - Question #111Web Application Attacks & Post-Exploitation
John works as a professional Ethical Hacker. He is assigned a project to test the security of are-secure network and intercept a conversation between two employees of the company t...
session hijackingHunt toolTCP hijackingnetwork sniffing - Question #112Vulnerability Exploitation & Privilege Escalation
Adam works as a Security Administrator for the Umbrella Inc. A project has been assigned to him to strengthen the security policies of the company, including its password policies....
SAM databasepassword hash dumpingActive Directorycredential extraction - Question #113Incident Response & Cyber Kill Chain
Address Resolution Protocol (ARP) spoofing, also known as ARP poisoning or ARP Poison Routing (APR), is a technique used to attack an Ethernet wired or wireless network. ARP spoofi...
ARP spoofingARP poisoningcountermeasuresstatic ARP entries - Question #114Malware Analysis & Advanced Persistent Threats
Which of the following malicious code can have more than one type of trigger, multiple task capabilities, and can replicate itself in more than one manner?
blended threatmalware classificationmulti-vector malwarereplication - Question #115Web Application Attacks & Post-Exploitation
Which of the following can be used as a countermeasure against the SQL injection attack? Each correct answer represents a complete solution. Choose two.
SQL injectionprepared statementsinput sanitizationmysql_real_escape_string - Question #116Reconnaissance, Scanning, and Enumeration
You want to integrate the Nikto tool with nessus vulnerability scanner. Which of the following steps will you take to accomplish the task? Each correct answer represents a complete...
NiktoNessusvulnerability scanner integrationweb scanning - Question #117Vulnerability Exploitation & Privilege Escalation
Adam works as a Penetration Tester for Umbrella Inc. A project has been assigned to him check the security of wireless network of the company. He re-injects a captured wireless pac...
replay attackwireless securityWEP IVpacket re-injection - Question #118Reconnaissance, Scanning, and Enumeration
John works as a professional Ethical Hacker. He has been assigned the project of testing the pre- attack phase: l Information gathering l Determining network range l Identifying ac...
network mappingTracerouteNeoTracepre-attack reconnaissance - Question #119Incident Response & Cyber Kill Chain
A user is sending a large number of protocol packets to a network in order to saturate its resources and to disrupt connections to prevent communications between services. Which ty...
DoSresource exhaustionpacket floodingnetwork disruption - Question #120Reconnaissance, Scanning, and Enumeration
John works as a Network Administrator for Perfect Solutions Inc. The company has a Linux- based network. The company is aware of various types of security attacks and wants to impe...
nmap idle scanport scanningaudit policysecurity policy - Question #121Malware Analysis & Advanced Persistent Threats
Which of the following keyloggers cannot be detected by anti-virus or anti-spyware products?
keyloggerhardware keyloggerAV evasionendpoint detection - Question #122Vulnerability Exploitation & Privilege Escalation
Which of the following netcat parameters makes netcat a listener that automatically restarts itself when a connection is dropped?
netcatlistener modepersistencebackdoor - Question #123Web Application Attacks & Post-Exploitation
Which of the following tools can be used for network sniffing as well as for intercepting conversations through session hijacking?
session hijackingnetwork sniffingHunt toolARP - Question #124Malware Analysis & Advanced Persistent Threats
You want to use PGP files for steganography. Which of the following tools will you use to accomplish the task?
steganographyPGP filesdata hidingStealth tool - Question #125Reconnaissance, Scanning, and Enumeration
Which of the following attacks allows an attacker to sniff data frames on a local area network (LAN) or stop the traffic altogether?
ARP spoofingLAN attackstraffic interceptionnetwork sniffing - Question #126Incident Response & Cyber Kill Chain
Which of the following protocols is a maintenance protocol and is normally considered a part of the IP layer, but has also been used to conduct denial-of-service attacks?
ICMPDoS attacksIP layernetwork protocols - Question #128Malware Analysis & Advanced Persistent Threats
to the CEO of the company. To secure these messages, she uses a technique of hiding a secret message within an ordinary message. The technique provides 'security through obscurity'...
steganographysecurity through obscuritydata hidingcovert communication - Question #130Reconnaissance, Scanning, and Enumeration
Adam works as a Network administrator for Umbrella Inc. He noticed that an ICMP ECHO requests is coming from some suspected outside sources. Adam suspects that some malicious hacke...
ping sweepICMP filteringnetwork reconnaissancecountermeasure effectiveness - Question #131Web Application Attacks & Post-Exploitation
You are the Security Consultant and have been hired to check security for a client's network. Your client has stated that he has many concerns but the most critical is the security...
vulnerability scanningweb application securitysecurity assessmentpenetration testing methodology - Question #132Vulnerability Exploitation & Privilege Escalation
Which of the following tasks can be performed by using netcat utility? Each correct answer represents a complete solution. Choose all that apply.
netcatbackdoorport scanningfirewall testing - Question #133Web Application Attacks & Post-Exploitation
Which of the following statements are correct about spoofing and session hijacking? Each correct answer represents a complete solution. Choose all that apply.
IP spoofingsession hijackingidentity impersonationnetwork attacks - Question #134Vulnerability Exploitation & Privilege Escalation
You work as a professional Ethical Hacker. You are assigned a project to test the security of Windows based. While you are installing the NetCat tool as a backdoor in the we-are-se...
CryptCatnetcatencrypted transferbackdoor - Question #135Malware Analysis & Advanced Persistent Threats
Which of the following programs is used for bypassing normal authentication for securing remote access to a computer?
backdoorremote accessauthentication bypassmalware types - Question #136Malware Analysis & Advanced Persistent Threats
Which of the following statements is true about a Trojan engine?
TrojanTFN2KBO2Kcovert channel protocols - Question #137Vulnerability Exploitation & Privilege Escalation
Which of the following types of attacks come under the category of hacker attacks? Each correct answer represents a complete solution. Choose all that apply.
IP spoofingpassword crackinghacker attack typesnetwork attacks - Question #138Malware Analysis & Advanced Persistent Threats
Which of the following Linux rootkits allows an attacker to hide files, processes, and network connections? Each correct answer represents a complete solution. Choose all that appl...
Linux rootkitsPhalanx2AdoreKnark - Question #139Vulnerability Exploitation & Privilege Escalation
John, a novice web user, makes a new E-mail account and keeps his password as "apple", his favorite fruit. John's password is vulnerable to which of the following password cracking...
password crackingdictionary attackbrute forcehybrid attack - Question #140Malware Analysis & Advanced Persistent Threats
John works as a professional Ethical Hacker. He is assigned a project to test the security of Which of the following statements are true about rootkits? Each correct answer represe...
rootkitsbackdoorpacket sniffingutility replacement - Question #141Web Application Attacks & Post-Exploitation
You enter the following URL on your Web browser: af../windows/system32/cmd.exe?/c+dir+c:\ What kind of attack are you performing?
directory traversalURL manipulationpath traversalweb attacks - Question #142Incident Response & Cyber Kill Chain
A Denial-of-Service (DoS) attack is mounted with the objective of causing a negative impact on the performance of a computer or network. It is also known as network saturation atta...
DoS mitigationbandwidth consumptiontraffic filteringnetwork saturation - Question #143Reconnaissance, Scanning, and Enumeration
Which of the following attacking methods allows the bypassing of access control lists on servers or routers, either hiding a computer on a network or allowing it to impersonate ano...
MAC spoofingACL bypassidentity impersonationnetwork attacks - Question #144Incident Response & Cyber Kill Chain
Your IDS discovers that an intruder has gained access to your system. You immediately stop that access, change passwords for administrative accounts, and secure your network. You d...
backdoorpersistencepost-exploitationincident response - Question #145Reconnaissance, Scanning, and Enumeration
Which of the following techniques does an attacker use to sniff data frames on a local area network and modify the traffic?
ARP spoofingLAN sniffingman-in-the-middleframe modification - Question #146Vulnerability Exploitation & Privilege Escalation
Brutus is a password cracking tool that can be used to crack the following authentications: l HTTP (Basic Authentication) l HTTP (HTML Form/CGI) l POP3 (Post Office Protocol v3) l...
password crackingbrute forcedictionary attackhybrid attack - Question #147Web Application Attacks & Post-Exploitation
You have forgotten your password of an online shop. The web application of that online shop asks you to enter your email so that they can send you a new password. You enter your em...
input validationweb application errorspecial charactersform injection - Question #148Reconnaissance, Scanning, and Enumeration
Maria works as a professional Ethical Hacker. She has been assigned the project of testing the Inc. In which of the following steps of malicious hacking does dumpster diving come u...
dumpster divingreconnaissanceOSINTinformation gathering - Question #149Incident Response & Cyber Kill Chain
Which of the following types of attacks slows down or stops a server by overloading it with requests?
DoS attackserver overloadavailability attack - Question #150Vulnerability Exploitation & Privilege Escalation
Session splicing is an IDS evasion technique in which an attacker delivers data in multiple small- sized packets to the target computer. Hence, it becomes very difficult for an IDS...
session splicingIDS evasionpacket fragmentationWhisker - Question #151Incident Response & Cyber Kill Chain
You work as a Network Administrator for Perfect Solutions Inc. The company has a Linux-based network. You are working as a root user on the Linux operating system. Your company is...
IP spoofing detectionDespoofnetwork monitoringLinux security - Question #152Malware Analysis & Advanced Persistent Threats
You work as a Network Administrator for Net Perfect Inc. The company has a Windows-based network. The company uses Check Point SmartDefense to provide security to the network of th...
HTTP response headersworm protectionSmartDefenseweb server security - Question #153Incident Response & Cyber Kill Chain
Which of the following types of attacks is targeting a Web server with multiple compromised computers that are simultaneously sending hundreds of FIN packets with spoofed IP source...
DDoS attackFIN floodIP spoofingbotnet - Question #154Reconnaissance, Scanning, and Enumeration
When you conduct the XMAS scanning using Nmap, you find that most of the ports scanned do not give a response. What can be the state of these ports?
XMAS scanport scanningNmapfiltered ports