GPEN Exam Questions

Which of the following IEEE standards defines Wired Equivalent Privacy encryption scheme?

Which of the following tools is a wireless sniffer and analyzer that works on the Windows operating system?

Which of the following tools is NOT used for wireless sniffing?

Which of the following options holds the strongest password?

Victor wants to use Wireless Zero Configuration (WZC) to establish a wireless network connection using his computer running on Windows XP operating system. Which of the following a...

You want that some of your Web pages should not be crawled. Which one of the following options will you use to accomplish the task?

Which of the following tools can be used to automate the MITM attack?

The employees of CCN Inc. require remote access to the company's proxy servers. In order to provide solid wireless security, the company uses LEAP as the authentication protocol. W...

You want to connect to your friend's computer and run a Trojan on it. Which of the following tools will you use to accomplish the task?

You want to perform an active session hijack against Secure Inc. You have found a target that allows Telnet session. You have also searched an active session due to the high level...

Which of the following Web authentication techniques uses a single sign-on scheme?

Which of the following standards is used in wireless local area networks (WLANs)?

John works as a professional Ethical Hacker. He has been assigned the project of testing the description of the tool is as follows: Which of the following tools is John using to cr...

LM hash is one of the password schemes that Microsoft LAN Manager and Microsoft Windows versions prior to the Windows Vista use to store user passwords that are less than 15 charac...

You want to retrieve password files (stored in the Web server's index directory) from various Web sites. Which of the following tools can you use to accomplish the task?

You want to run the nmap command that includes the host specification of 202.176.56-57.*. How many hosts will you scan?

Which of the following tools allow you to perform HTTP tunneling? Each correct answer represents a complete solution. Choose all that apply.

Which of the following penetration testing phases involves gathering data from whois, DNS, and network scanning, which helps in mapping a target network and provides valuable infor...

Which of the following wireless security standards supported by Windows Vista provides the highest level of security?

Which of the following are considered Bluetooth security violations? Each correct answer represents a complete solution. Choose two.

Which of the following layers of TCP/IP model is used to move packets between the Internet Layer interfaces of two different hosts on the same link?

John works as a professional Ethical Hacker. He has been assigned the project of testing the preattack phase to check the security of the We-are-secure network: Gathering informati...

Which of the following are the countermeasures against WEP cracking? Each correct answer represents a part of the solution. Choose all that apply.

Which of the following is the correct sequence of packets to perform the 3-way handshake method?

Which of the following nmap switches is used to perform ICMP netmask scanning?

Which of the following tasks is NOT performed into the enumeration phase?

Which of the following tools is based on the SATAN tool?

Which of the following is an open source Web scanner?

Which of the following statements about Fport is true?

Which of the following event logs contains traces of brute force attempts performed by an attacker?

Which of the following ports is used for NetBIOS null sessions?

Which of the following TCSEC classes defines verified protection?

Which of the following is the correct syntax to create a null session?

Which of the following tools is a wireless sniffer and analyzer that works on the Windows operating system?

Which of the following statements about SSID is NOT true?

Which of the following tools is an example of HIDS?

Which of the following tools is not a BlueSnarf attacking tool?

Which of the following tasks is NOT performed by antiviruses?

Which of the following does NOT use a proxy software to protect users?

You execute the following netcat command: c:\target\nc -1 -p 53 -d -e cmd.exe What action do you want to perform by issuing the above command?

TCP FIN scanning is a type of stealth scanning through which the attacker sends a FIN packet to the target port. If the port is closed, the victim assumes that this packet was sent...

You work as a professional Ethical Hacker. You are assigned a project to perform blackhat mechanic. You claim that someone from the office called you saying that there is some faul...

Which of the following statements are true about KisMAC?

A Web developer with your company wants to have wireless access for contractors that come in to work on various projects. The process of getting this approved takes time. So rather...

Which of the following statements are true about SSIDs? Each correct answer represents a complete solution. Choose all that apply.

Adam works on a Linux system. He is using Sendmail as the primary application to transmit emails. Linux uses Syslog to maintain logs of what has occurred on the system. Which of th...

You have inserted a Trojan on your friend's computer and you want to put it in the startup so that whenever the computer reboots the Trojan will start to run on the startup. Which...

You have just installed a Windows 2003 server. What action should you take regarding the default administrator and guest accounts for securing a computer?

Which of the following are the two different file formats in which Microsoft Outlook saves e-mail messages based on system configuration? Each correct answer represents a complete...

Which of the following statutes is enacted in the U.S., which prohibits creditors from collecting data from applicants, such as national origin, caste, religion etc?