GPEN Exam Questions

John works as a professional Ethical Hacker. He is assigned a project to test the security of placed a backdoor in the network. Now, he wants to clear all event logs related to pre...

Alice wants to prove her identity to Bob. Bob requests her password as proof of identity, which Alice dutifully provides (possibly after some transformation like a hash function);...

A war dialer is a tool that is used to scan thousands of telephone numbers to detect vulnerable modems. It provides an attacker unauthorized access to a computer. Which of the foll...

Mark works as a Network Administrator for Infonet Inc. The company has a Windows 2000 Active Directory domain-based network. The domain contains one hundred Windows XP Professional...

John works as a Network Security Professional. He is assigned a project to test the security of with netcat and sends a bad html request in order to retrieve information about the...

John works as a professional Ethical Hacker. He has been assigned the project of testing the preattack phase: Information gathering Determining network range Identifying active mac...

You work as a Network Administrator for McNeil Inc. The company has a Windows Active Directory-based single domain single forest network. The functional level of the forest is Wind...

You see the career section of a company's Web site and analyze the job profile requirements. You conclude that the company wants professionals who have a sharp knowledge of Windows...

John works as a professional Ethical Hacker. He has been assigned the project of testing the and observes that the server crashes. Which of the following is the most likely cause o...

The 3-way handshake method is used by the TCP protocol to establish a connection between a client and the server. It involves three steps: 1. In the first step, a SYN message is se...

Which of the following tools crashes computers running Windows 2000/XP/NT by sending crafted SMB requests?

Which of the following penetration testing phases involves gathering data from whois, DNS, and network scanning, which helps in mapping a target network and provides valuable infor...

John works as a professional Ethical Hacker. He has been assigned the project of testing the Weare- secure network. Which of the following IEEE-based traffic can be sniffed with Ki...

Which of the following are countermeasures to prevent unauthorized database access attacks? Each correct answer represents a complete solution. Choose all that apply.

You work as an IT Technician for PassGuide Inc. You have to take security measures for the wireless network of the company. You want to prevent other computers from accessing the c...

Which of the following wireless security features provides the best wireless security mechanism?

Wired Equivalent Privacy (WEP) is a security protocol for wireless local area networks (WLANs). It has two components, authentication and encryption. It provides security equivalen...

You want to search Microsoft Outlook Web Access Default Portal using Google search on the Internet so that you can perform the brute force attack and get unauthorized access. What...

Mark works as a Network Administrator for NetTech Inc. Several employees of the company work from the remote locations. The company provides a dial-up connection to employees to co...

You want to connect to your friend's computer and run a Trojan on it. Which of the following tools will you use to accomplish the task?

Which of the following protocols uses a combination of public key and symmetric encryption to provide communication privacy, authentication, and message integrity for secure browsi...

Which of the following wireless security standards supported by Windows Vista provides the highest level of security?

John visits an online shop that stores the IDs and prices of the items to buy in a cookie. After selecting the items that he wants to buy, the attacker changes the price of the ite...

Which of the following attacks can be overcome by applying cryptography?

You are auditing the security of a client company. You find that their password policy only requires a minimum of 5 characters with letters and numbers. What, if anything, is wrong...

In which of the following security tests does the security testing team simulate as an employee or other person with an authorized connection to the organization's network?

You have detected what appears to be an unauthorized wireless access point on your network. However this access point has the same MAC address as one of your real access points and...

In which of the following scanning methods do Windows operating systems send only RST packets irrespective of whether the port is open or closed?

In which of the following IDS evasion techniques does an attacker deliver data in multiple small sized packets, which makes it very difficult for an IDS to detect the attack signat...

You work as a Network Administrator in the Secure Inc. You often need to send PDF documents that contain secret information, such as, client password, their credit card details, em...

Which of the following tasks can be performed by using netcat utility? Each correct answer represents a complete solution. Choose all that apply.

You work as a Network Penetration tester in the Secure Inc. Your company takes the projects to test the security of various companies. Recently, Secure Inc. has assigned you a proj...

Peter, a malicious hacker, obtains e-mail addresses by harvesting them from postings, blogs, DNS listings, and Web pages. He then sends large number of unsolicited commercial e-mai...

John works as a professional Ethical Hacker. He has been assigned the project of testing the preattack phase to check the security of the We-are-secure network: l Gathering informa...

You work as a Penetration Tester for the Infosec Inc. Your company takes the projects of security auditing. Recently, your company has assigned you a project to test the security o...

Joseph works as a Network Administrator for WebTech Inc. He has to set up a centralized area on the network so that each employee can share resources and documents with one another...

Adam works as a professional Computer Hacking Forensic Investigator. He works with the local police. A project has been assigned to him to investigate an iPod, which was seized fro...

Which of the following tools is an automated tool that is used to implement SQL injections and to retrieve data from Web server databases?

Which of the following methods will free up bandwidth in a Wireless LAN (WLAN)?

Which of the following is a passive information gathering tool?

Mark works as a Network Administrator for NetTech Inc. The company has a Windows 2003 Active Directory domain-based network. The domain consists of a domain controller, two Windows...

You work as a professional Ethical Hacker. You are assigned a project to perform blackhat mechanic. You claim that someone from the office called you saying that there is some faul...

You want to run the nmap command that includes the host specification of 202.176.56-57.*. How many hosts will you scan?

John works as a professional Ethical Hacker. He has been assigned a project to test the security secure.c Considering the above scenario, which of the following statements are true...

John works as a Professional Penetration Tester. He has been assigned a project to test the ='or''=' as a username and successfully logs on to the user page of the Web site. Now, J...

Which of the following Web authentication techniques uses a single sign-on scheme?

Which of the following tools is spyware that makes Windows clients send their passwords as clear text?

Which of the following tools allow you to perform HTTP tunneling? Each correct answer represents a complete solution. Choose all that apply.

You want to create a binary log file using tcpdump. Which of the following commands will you use?

Which of the following standards is used in wireless local area networks (WLANs)?