GPEN Exam Questions

Anonymizers are the services that help make a user's own Web surfing anonymous. An anonymizer removes all the identifying information from a user's computer while the user surfs th...

You configure a wireless router at your home. To secure your home Wireless LAN (WLAN), you implement WEP. Now you want to connect your client computer to the WLAN. Which of the fol...

Which of the following vulnerability scanner scans from CGI, IDA, Unicode, and Nimda vulnerabilities?

You work as a Network Administrator in the SecureTech Inc. The SecureTech Inc. is using Linuxbased server. Recently, you have updated the password policy of the company in which th...

Which of the following is the correct sequence of packets to perform the 3-way handshake method?

John is a black hat hacker. FBI arrested him while performing some email scams. Under which of the following US laws will john be charged?

Which of the following is a person-to-person attack in which an attacker convinces the target that he or she has a problem or might have a certain problem in the future and that he...

As a professional hacker, you want to crack the security of secureserver.com. For this, in the information gathering step, you performed scanning with the help of nmap utility to r...

Which of the following tools is a Windows-based commercial wireless LAN analyzer for IEEE802.11b and supports all high level protocols such as TCP/IP, NetBEUI, and IPX?

Which of the following tools will you use to prevent from session hijacking? Each correct answer represents a complete solution. Choose all that apply.

Which of the following tools can be used to assign, display, or modify ACLs (access control lists) to files or folders and could also be used within batch files in Windows NT/2000/...

You have received a file named new.com in your email as an attachment. When you execute this file in your laptop, you get the following message: 'EICAR-STANDARD-ANTIVIRUS-TEST-FILE...

You work as a Network Administrator for Tech Perfect Inc. The company has a TCP/IP-based network. Rick, your assistant, is configuring some laptops for wireless access. For securit...

Which of the following security policies will you implement to keep safe your data when you connect your Laptop to the office network over IEEE 802.11 WLANs? Each correct answer re...

Adam works as a professional Computer Hacking Forensic Investigator. A project has been assigned to him to investigate a multimedia enabled mobile phone, which is suspected to be u...

John works as a professional Ethical Hacker. He has been assigned a project to test the security server. Now, he suggests some countermeasures to avoid such brute force attacks on...

Which of the following attacks allows an attacker to recover the key in an RC4 encrypted stream from a large number of messages in that stream?

One of the sales people in your company complains that sometimes he gets a lot of unsolicited messages on his PDA. After asking a few questions, you determine that the issue only o...

You are concerned about attackers simply passing by your office, discovering your wireless network, and getting into your network via the wireless connection. Which of the followin...

You work as a Network Administrator for Tech Perfect Inc. The company has a Windows Active Directory-based single domain single forest network. The functional level of the forest i...

You work as a Network Administrator for Tech Perfect Inc. The company has a Windows Active Directory-based single domain single forest network. The functional level of the forest i...

Which of the following are considered Bluetooth security violations? Each correct answer represents a complete solution. Choose two.

John works as a professional Ethical Hacker. He has been assigned the project of testing the and applications running on the We-are-secure server. For this purpose, he wants to ini...

Which of the following methods can be used to detect session hijacking attack?

Which of the following is generally practiced by the police or any other recognized governmental authority?

Victor wants to use Wireless Zero Configuration (WZC) to establish a wireless network connection using his computer running on Windows XP operating system. Which of the following a...

Which of the following tools can be used by a user to hide his identity? Each correct answer represents a complete solution. Choose all that apply.

Which of the following techniques are NOT used to perform active OS fingerprinting? Each correct answer represents a complete solution. Choose all that apply.

Victor works as a professional Ethical Hacker for SecureEnet Inc. He wants to scan the wireless network of the company. He uses a tool that is a free open-source utility for networ...

John works as a professional Ethical Hacker. He is assigned a project to test the security of Weare- secure Web site and receives the following error message: Microsoft OLE DB Prov...

Which of the following ports must you filter to check null sessions on your network?

Which of the following tools can be used to perform Windows password cracking, Windows enumeration, and VoIP session sniffing?

You enter the following URL on your Web browser: af../windows/system32/cmd.exe?/c+dir+c:\ What task do you want to perform?

ACME corporation has decided to setup wireless (IEEE 802.11) network in it's sales branch at Tokyo and found that channels 1, 6, 9,11 are in use by the neighboring offices. Which i...

Which Metasploitvncinject stager will allow VNC communications from the attacker to a listening port of the attacker's choosing on the victim machine?

What is the MOST important document to obtain before beginning any penetration testing?

While reviewing traffic from a tcpdump capture, you notice the following commands being sent from a remote system to one of your web servers: C:\>sc winternet.host.com create ncser...

Which of the following best describes a client side exploit?

Which of the following TCP packet sequences are common during a SYN (or half-open) scan? (a) The source computer sends SYN and the destination computer responds with RST (b) The so...

Which of the following describes the direction of the challenges issued when establishing a wireless (IEEE 802.11) connection?

You have gained shell on a Windows host and want to find other machines to pivot to, but the rules of engagement state that you can only use tools that are already available. How c...

A penetration tester obtains telnet access to a target machine using a captured credential. While trying to transfer her exploit to the target machine, the network intrusion detect...

What section of the penetration test or ethical hacking engagement final report is used to detail and prioritize the results of your testing?

You are pen testing a Windows system remotely via a raw netcat shell. You want to quickly change directories to where the Windows operating system resides, what command could you u...

A client with 7200 employees in 14 cities (all connected via high speed WAN connections) has suffered a major external security breach via a desktop which cost them more than SI 72...

Which Metasploit payload includes simple upload and download functionality for moving files to and from compromised systems?

A junior penetration tester at your firm is using a non-transparent proxy for the first time to test a web server. He sees the web site In his browser but nothing shows up In the p...

Which of the following describe the benefits to a pass-the-hash attack over traditional password cracking?

You are pen testing a Linux target from your windows-based attack platform. You just moved a script file from the windows system to the Linux target, but it will not execute proper...

Which of the following is the JavaScript variable used to store a cookie?