GPEN Exam Questions

Which of the following statements are true about NTLMv1? Each correct answer represents a complete solution. Choose all that apply.

Which of the following can be used as a countermeasure against the SQL injection attack? Each correct answer represents a complete solution. Choose two.

You send SYN packets with the exact TTL of the target system starting at port 1 and going up to port 1024 using hping2 utility. This attack is known as __________.

Which of the following tools connects to and executes files on remote systems?

You are concerned about rogue wireless access points being connected to your network. What is the best way to detect and prevent these?

How many bits encryption does SHA-1 use?

You work as a professional Computer Hacking Forensic Investigator for DataEnet Inc. You want to investigate e-mail information of an employee of the company. The suspected employee...

You run the rdisk /s command to retrieve the backup SAM file on a computer. Where should you go on the computer to find the file?

You want to use a Windows-based GUI tool which can perform MITM attacks, along with sniffing and ARP poisoning. Which of the following tools will you use?

Which of the following commands can be used for port scanning?

Which of the following tools allows you to download World Wide Web sites from the Internet to a local computer?

Which of the following are the countermeasures against WEP cracking? Each correct answer represents a part of the solution. Choose all that apply.

Adam is a novice Internet user. He is using Google search engine to search documents of his interest. Adam wants to search the text present in the link of a Website. Which of the f...

You want to retrieve the default security report of nessus. Which of the following google search queries will you use?

You run the following command while using Nikto Web scanner: perl nikto.pl -h 192.168.0.1 -p 443 What action do you want to perform?

John works as a professional Ethical Hacker. He has been assigned the project of testing the preattack phase successfully: Information gathering Determination of network range Iden...

Which of the following statements are true about session hijacking? Each correct answer represents a complete solution. Choose all that apply.

You work as a Network Administrator for Tech-E-book Inc. You are configuring the ISA Server 2006 firewall to provide your company with a secure wireless intranet. You want to accep...

John, a novice web user, makes a new E-mail account and keeps his password as "apple", his favorite fruit. John's password is vulnerable to which of the following password cracking...

Which of the following scanning methods is most accurate and reliable, although it is easily detectable and hence avoided by a hacker?

Which of the following layers of TCP/IP model is used to move packets between the Internet Layer interfaces of two different hosts on the same link?

Which of the following password cracking tools can work on the Unix and Linux environment?

Which of the following tools can be used to enumerate networks that have blocked ICMP Echo packets, however, failed to block timestamp or information packet or not performing sniff...

Which of the following tools are used for footprinting? Each correct answer represents a complete solution. Choose all that apply.

You work as a Network Administrator in the Secure Inc. Your company is facing various network attacks due to the insecure wireless network. You are assigned a task to secure your w...

John works as a Penetration Tester in a security service providing firm named you-are-secure Inc. Recently, John's company has got a project to test the security of a promotional W...

Which of the following laws or acts, formed in Australia, enforces prohibition against cyber stalking?

John works as a professional Ethical Hacker. He has been assigned a project to test the security and successfully logs in to the user page of the Web site. The We-are-secure login...

You want to retrieve password files (stored in the Web server's index directory) from various Web sites. Which of the following tools can you use to accomplish the task?

John works as a professional Ethical Hacker. He has been assigned the project of testing the enters the following command on the command prompt: However, he receives an incomplete...

You work as a Penetration Tester for the Infosec Inc. Your company takes the projects of security auditing. Recently, your company has assigned you a project to test the security o...

How many bits does SYSKEY use for encryption?

Which of the following is a Windows-based tool that is used for the detection of wireless LANs using the IEEE 802.11a, 802.11b, and 802.11g standards and also detects wireless netw...

In which of the following attacking methods does an attacker distribute incorrect IP address?

LM hash is one of the password schemes that Microsoft LAN Manager and Microsoft Windows versions prior to the Windows Vista use to store user passwords that are less than 15 charac...

You are using the dsniff tool to intercept communications between two entities and establish credentials with both sides of the connections. These entities do not notice that you w...

John works as a professional Ethical Hacker. He is assigned a project to test the security of connected to the server or not. Which of the following will he use to ping these compu...

You work as a Network Security Analyzer. You got a suspicious email while working on a forensic project. Now, you want to know the IP address of the sender so that you can analyze...

Which of the following tools can be used to automate the MITM attack?

You have changed the RestrictAnonymous registry setting from 0 to 1 on your servers to secure your Windows 2000 system so that any malicious user cannot establish a null session on...

You are a Web Administrator of Millennium Inc. The company has hosted its Web site within its network. The management wants the company's vendors to be able to connect to the corpo...

Which of the following federal laws are related to hacking activities? Each correct answer represents a complete solution. Choose three.

Which of the following statements are true about the Enum tool? Each correct answer represents a complete solution. Choose all that apply.

Which of the following security protocols can be used to support MS-CHAPv2 for wireless client authentication? Each correct answer represents a complete solution. Choose two.

Which of the following tools automates password guessing in the NetBIOS session?

In which of the following scanning methods does an attacker send SYN packets and then a RST packet?

Which of the following tools is used for vulnerability scanning and calls Hydra to launch a dictionary attack?

GSM uses either A5/1 or A5/2 stream cipher for ensuring over-the-air voice privacy. Which of the following cryptographic attacks can be used to break both ciphers?

You run the following command on the remote Windows server 2003 computer: c:\reg add HKLM\Software\Microsoft\Windows\CurrentVersion\Run /v nc /t REG_SZ /d "c:\windows\nc.exe -d 192...

John works as a professional Ethical Hacker. He is assigned a project to test the security of placed a backdoor in the network. Now, he wants to clear all event logs related to pre...