GPEN Exam Questions

You work as a Network Administrator for Tech Perfect Inc. The company requires a secure wireless network. To provide security, you are configuring ISA Server 2006 as a firewall. Wh...

Network mapping provides a security testing team with a blueprint of the organization. Which of the following steps is NOT a part of manual network mapping?

You want to retrieve the default security report of nessus. Which of the following google search queries will you use?

You work as a Penetration Tester for the Infosec Inc. Your company takes the projects of security auditing. Recently, your company has assigned you a project to test the security o...

Which of the following can be used to mitigate the evil twin phishing attack?

Which of the following attacks can be overcome by applying cryptography?

Which of the following can be used as a countermeasure against the SQL injection attack? Each correct answer represents a complete solution. Choose two.

You want to perform passive footprinting against we-are-secure Inc. Web server. Which of the following tools will you use?

Which of the following are considered Bluetooth security violations? Each correct answer represents a complete solution. Choose two.

You work as a Penetration Tester for the Infosec Inc. Your company takes the projects of security auditing. Recently, your company has assigned you a project to test the security o...

Every network device contains a unique built in Media Access Control (MAC) address, which is used to identify the authentic device to limit the network access. Which of the followi...

You want to search the Apache Web server having version 2.0 using google hacking. Which of the following search queries will you use?

What happens when you scan a broadcast IP address of a network? Each correct answer represents a complete solution. Choose all that apply.

John works as a professional Ethical Hacker. He has been assigned a project to test the security server. Now, he suggests some countermeasures to avoid such brute force attacks on...

Peter, a malicious hacker, obtains e-mail addresses by harvesting them from postings, blogs, DNS listings, and Web pages. He then sends large number of unsolicited commercial e-mai...

TCP/IP stack fingerprinting is the passive collection of configuration attributes from a remote device during standard layer 4 network communications. The combination of parameters...

You have received a file named new.com in your email as an attachment. When you execute this file in your laptop, you get the following message: 'EICAR-STANDARD-ANTIVIRUS-TEST-FILE...

Which of the following statements are true about session hijacking? Each correct answer represents a complete solution. Choose all that apply.

Which of the following are the countermeasures against WEP cracking? Each correct answer represents a part of the solution. Choose all that apply.

Which of the following enables an inventor to legally enforce his right to exclude others from using his invention?

John, a novice web user, makes a new E-mail account and keeps his password as "apple", his favorite fruit. John's password is vulnerable to which of the following password cracking...

Adam works as a professional Computer Hacking Forensic Investigator. He works with the local police. A project has been assigned to him to investigate an iPod, which was seized fro...

Which of the following tools allows you to download World Wide Web sites from the Internet to a local computer?

One of the sales people in your company complains that sometimes he gets a lot of unsolicited messages on his PDA. After asking a few questions, you determine that the issue only o...

You want to run the nmap command that includes the host specification of 202.176.56-57.*. How many hosts will you scan?

Which of the following is the most common method for an attacker to spoof email?

Adam, a malicious hacker, hides a hacking tool from a system administrator of his company by using Alternate Data Streams (ADS) feature. Which of the following statements is true i...

John works as a professional Ethical Hacker. He has been assigned the project of testing the description of the tool is as follows: Which of the following tools is John using to cr...

Which of the following is a Windows-based tool that is used for the detection of wireless LANs using the IEEE 802.11a, 802.11b, and 802.11g standards and also detects wireless netw...

Which of the following is NOT an example of passive footprinting?

The employees of CCN Inc. require remote access to the company's proxy servers. In order to provide solid wireless security, the company uses LEAP as the authentication protocol. W...

What does APNIC stand for?

Which of the following is NOT a valid DNS zone type?

Which of the following nmap switches is used to perform NULL scan?

Which of the following tools is used for SNMP enumeration?

If a password is seven characters or less, the second half of the LM hash is always ___________________.

What does TCSEC stand for?

Which of the following tools is used for port redirection?

Which of the following is the default port value of beast Trojan?

Which of the following Trojans does not use TCP protocol?

In which layer of the OSI model does a sniffer operate?

In which of the following attacks does the attacker overload the CAM table of the switch?

Which of the following tools can be used for session splicing attacks?

__________ firewall architecture uses two NICs with a screening router inserted between the host and the untrusted network.

Which of the following worms performs random scanning?

Which of the following syntaxes is the correct syntax for the master.dbo.sp_makewebtask procedure?

Which of the following is the second half of the LAN manager Hash?

Which of the following types of Penetration testing provides the testers with complete knowledge of the infrastructure to be tested?

Which of the following Penetration Testing steps includes network mapping and OS fingerprinting?

Which of the following techniques is used to monitor telephonic and Internet conversations by a third party?