GCIH Exam Questions
829 real GCIH exam questions with expert-verified answers and explanations. Page 5 of 17.
- Question #207Web Application Attacks & Post-Exploitation
You want to connect to your friend's computer and run a Trojan on it. Which of the following tools will you use to accomplish the task?
PSExecremote executionlateral movementTrojan deployment - Question #208Web Application Attacks & Post-Exploitation
In which of the following attacks does an attacker use packet sniffing to read network traffic between two parties to steal the session cookie?
session sidejackingcookie theftpacket sniffingsession hijacking - Question #209Malware Analysis & Advanced Persistent Threats
Which of the following rootkits adds additional code or replaces portions of an operating system, including both the kernel and associated device drivers?
kernel rootkitrootkit typesOS modificationdevice drivers - Question #210Reconnaissance, Scanning, and Enumeration
Which of the following types of scan does not open a full TCP connection?
stealth scanSYN scanTCP half-openport scanning - Question #212Incident Response & Cyber Kill Chain
Which of the following statements about smurf is true?
smurf attackICMP floodIP spoofingDDoS - Question #213Reconnaissance, Scanning, and Enumeration
Which of the following tools is used for port scanning?
Nmapport scanningnetwork reconnaissancetools - Question #214Malware Analysis & Advanced Persistent Threats
John works as a Professional Ethical Hacker for NetPerfect Inc. The company has a Linux-based network. All client computers are running on Red Hat 7.0 Linux. The Sales Manager of t...
Ramen wormLinux malwaresynscanworm identification - Question #215Incident Response & Cyber Kill Chain
Which of the following steps can be taken as countermeasures against sniffer attacks? Each correct answer represents a complete solution. Choose all that apply.
sniffer countermeasuresencryptionnetwork switchestraffic interception - Question #216Incident Response & Cyber Kill Chain
Which of the following statements about threats are true? Each correct answer represents a complete solution. Choose all that apply.
threat definitionsecurity conceptsrisk terminologyvulnerability vs threat - Question #217Incident Response & Cyber Kill Chain
Which of the following provides packet-level encryption between hosts in a LAN?
IPSecpacket encryptionLAN securityVPN protocols - Question #218Web Application Attacks & Post-Exploitation
Which of the following attacks allows an attacker to retrieve crucial information from a Web server's database?
SQL injectiondatabase attackweb vulnerabilitiesdata exfiltration - Question #219Incident Response & Cyber Kill Chain
Which of the following IP packet elements is responsible for authentication while using IPSec?
IPSec AHAuthentication Headerpacket authenticationIPSec components - Question #220Reconnaissance, Scanning, and Enumeration
Which of the following techniques can be used to map 'open' or 'pass through' ports on a gateway?
traceroutefirewall mappinggateway enumerationport probing - Question #221Reconnaissance, Scanning, and Enumeration
Which of the following is used to gather information about a remote network protected by a firewall?
firewalkingfirewall evasionnetwork reconnaissancepacket analysis - Question #222Vulnerability Exploitation & Privilege Escalation
Which of the following hacking tools provides shell access over ICMP?
ICMP tunnelingcovert channelsshell accessLoki - Question #223Malware Analysis & Advanced Persistent Threats
Which of the following threats is a combination of worm, virus, and Trojan horse characteristics?
blended threatsmalware classificationwormtrojan - Question #224Incident Response & Cyber Kill Chain
Which of the following applications automatically calculates cryptographic hashes of all key system files that are to be monitored for modifications?
file integrity monitoringTripwirecryptographic hasheshost-based detection - Question #225Malware Analysis & Advanced Persistent Threats
Which of the following types of channels is used by Trojans for communication?
covert channelstrojan communicationC2 channelsmalware persistence - Question #226Vulnerability Exploitation & Privilege Escalation
Which of the following is a method of gaining access to a system that bypasses normal authentication?
backdoorauthentication bypasspersistenceunauthorized access - Question #227Incident Response & Cyber Kill Chain
Which of the following are the rules by which an organization operates?
security policiesorganizational governancepolicy management - Question #228Incident Response & Cyber Kill Chain
Which of the following steps of incident response is steady in nature?
incident response lifecyclepreparation phaseIR steps - Question #229Incident Response & Cyber Kill Chain
Which of the following incident response team members ensures that the policies of the organization are enforced during the incident response?
IR team compositionHR rolepolicy enforcementincident response - Question #230Incident Response & Cyber Kill Chain
Which of the following ensures that the investigation process of incident response team does not break any laws during the response to an incident?
IR team compositionlegal representativecomplianceinvestigation legality - Question #231Incident Response & Cyber Kill Chain
Which of the following are used to identify who is responsible for responding to an incident?
incident response policiesIR governanceresponsibility assignment - Question #232Reconnaissance, Scanning, and Enumeration
Which of the following applications is NOT used for passive OS fingerprinting?
passive OS fingerprintingNmapactive vs passive scanningnetwork reconnaissance - Question #233Reconnaissance, Scanning, and Enumeration
Which of the following is a process of searching unauthorized modems?
wardialingunauthorized modemsreconnaissancedial-up scanning - Question #234Reconnaissance, Scanning, and Enumeration
Which of the following is used to determine the range of IP addresses that are mapped to a live hosts?
ping sweephost discoveryICMPnetwork scanning - Question #235Reconnaissance, Scanning, and Enumeration
Which of the following options scans the networks for vulnerabilities regarding the security of a network?
network enumerationvulnerability scanningnetwork security assessment - Question #236Reconnaissance, Scanning, and Enumeration
Which of the following protocol loggers is used to detect ping sweep?
ipplping sweep detectionprotocol loggingintrusion detection - Question #237Web Application Attacks & Post-Exploitation
Which of the following is the Web 2.0 programming methodology that is used to create Web pages that are dynamic and interactive?
AjaxWeb 2.0dynamic web pagesweb technologies - Question #238Reconnaissance, Scanning, and Enumeration
Which of the following strategies allows a user to limit access according to unique hardware information supplied by a potential client?
MAC address filteringwireless securityaccess controlnetwork authentication - Question #239Malware Analysis & Advanced Persistent Threats
OutGuess is used for __________ attack.
steganographyOutGuessdata hidingcovert communication - Question #240Reconnaissance, Scanning, and Enumeration
Which of the following protocols uses only User Datagram Protocol (UDP)?
TFTPUDP protocolnetwork protocolsprotocol fundamentals - Question #241Incident Response & Cyber Kill Chain
Which of the following describes network traffic that originates from the inside of a network perimeter and progresses towards the outside?
egress trafficnetwork perimetertraffic direction - Question #242Incident Response & Cyber Kill Chain
Adam works as an Incident Handler for Umbrella Inc. He has been sent to the California unit to train the members of the incident response team. As a demo project he asked members o...
incident containmentVLAN isolationnetwork isolationincident handling process - Question #243Malware Analysis & Advanced Persistent Threats
Adam, a novice computer user, works primarily from home as a medical professional. He just bought a brand new Dual Core Pentium computer with over 3 GB of RAM. After about two mont...
kernel-level rootkitmalware symptomsstealth rootkitsystem performance - Question #244Incident Response & Cyber Kill Chain
Which of the following types of attacks is only intended to make a computer resource unavailable to its users?
denial of serviceavailability attackDoS definition - Question #245Vulnerability Exploitation & Privilege Escalation
Which of the following types of attack can guess a hashed password?
brute forcepassword crackinghash cracking - Question #246Incident Response & Cyber Kill Chain
In which of the following DoS attacks does an attacker send an ICMP packet larger than 65,536 bytes to the target system?
ping of deathICMP oversized packetDoS attack65536 bytes - Question #247Reconnaissance, Scanning, and Enumeration
Adam has installed and configured his wireless network. He has enabled numerous security features such as changing the default SSID, enabling WPA encryption, and enabling MAC filte...
MAC spoofingwireless securityMAC filtering bypassWPA - Question #248Reconnaissance, Scanning, and Enumeration
Which of the following is a technique of using a modem to automatically scan a list of telephone numbers, usually dialing every number in a local area code to search for computers,...
wardialingmodem scanningtelephone enumeration - Question #249Reconnaissance, Scanning, and Enumeration
Network mapping provides a security testing team with a blueprint of the organization. Which of the following steps is NOT a part of manual network mapping?
network mappingbanner grabbingIP enumerationmanual reconnaissance - Question #250Incident Response & Cyber Kill Chain
Which of the following statements are true about tcp wrappers? Each correct answer represents a complete solution. Choose all that apply.
TCP wrappersinetdhost-based access controlIP spoofing protection - Question #251Vulnerability Exploitation & Privilege Escalation
Which of the following types of attacks is the result of vulnerabilities in a program due to poor programming techniques?
buffer overflowmemory corruptionpoor programmingvulnerability types - Question #252Vulnerability Exploitation & Privilege Escalation
John works as a professional Ethical Hacker. He has been assigned the project of testing the attacks. As a countermeasure, he suggests that the Network Administrator should remove...
IIS buffer overflowIPP printingweb server hardeningcountermeasures - Question #253Web Application Attacks & Post-Exploitation
Ryan, a malicious hacker submits Cross-Site Scripting (XSS) exploit code to the Website of Internet forum for online discussion. When a user visits the infected Web page, code gets...
persistent XSSstored XSScross-site scriptingaccount hijacking - Question #254Malware Analysis & Advanced Persistent Threats
Adam works as a sales manager for Umbrella Inc. He wants to download software from the Internet. As the software comes from a site in his untrusted zone, Adam wants to ensure that...
MD5 hash verificationfile integritytrojan detectionsoftware validation - Question #255Incident Response & Cyber Kill Chain
Maria works as a professional Ethical Hacker. She is assigned a project to test the security of that the firewall of the server is blocking the ICMP messages, but it is not checkin...
Fraggle attackUDP floodingIP spoofingbroadcast amplification - Question #256Incident Response & Cyber Kill Chain
Which of the following Incident handling process phases is responsible for defining rules, collaborating human workforce, creating a back-up plan, and testing the plans for an ente...
preparation phaseincident handling lifecyclebackup planincident response planning - Question #257Malware Analysis & Advanced Persistent Threats
Which of the following is a computer worm that caused a denial of service on some Internet hosts and dramatically slowed down general Internet traffic?
SQL SlammerwormDoS worminternet disruption