GCIH PDF Dumps Apr 24, 2024 Recently Updated Questions [Q179-Q202]

Share

GCIH PDF Dumps | Apr 24, 2024 Recently Updated Questions

GCIH Exam Questions – Valid GCIH Dumps Pdf


GIAC GCIH (GIAC Certified Incident Handler) exam is a highly respected certification that validates a candidate's ability to detect, respond to, and resolve computer security incidents. GIAC Certified Incident Handler certification is designed for professionals who have some experience in the field of computer security and want to develop their skills further. The GCIH certification is globally recognized and is highly regarded by employers as a benchmark for incident handling skills.


How to book GCIH Exams

In order to apply for the GCIH, You have to follow these steps

  1. Go to the GCIH Official Site
  2. Read the instruction Carefully
  3. Follow the given steps
  4. Apply for the GCIH

GCIH Structure

The test GCIH is the only benchmark necessary for obtaining the GIAC Certified Incident Handler designation. Also, it’s a proctored exam and candidates should pay a registration fee of $1,999 to be eligible for it. To add more, the exam includes 100 to 150 inquiries with different levels of complexity and structure. The candidates should know that they will have only 4 hours to reply to as many questions as possible and get a passing score of 70%.

 

NEW QUESTION # 179
You want to measure the number of heaps used and overflows occurred at a point in time. Which of the following commands will you run to activate the appropriate monitor?

  • A. UPDATE DBM CONFIGURATION USING DFT_MON_SORT
  • B. UPDATE DBM CONFIGURATION USING DFT_MON_BUFPOOL
  • C. UPDATE DBM CONFIGURATION USING DFT_MON_TABLE
  • D. UPDATE DBM CONFIGURATION DFT_MON_TIMESTAMP

Answer: A

Explanation:
Section: Volume C


NEW QUESTION # 180
Which of the following attacks capture the secret value like a hash and reuse it later to gain access to
a system without ever decrypting or decoding the hash?

  • A. Rainbow attack
  • B. Replay attack
  • C. Hashing attack
  • D. Cross Site Scripting attack

Answer: B


NEW QUESTION # 181
You run the following command while using Nikto Web scanner:
perl nikto.pl -h 192.168.0.1 -p 443
What action do you want to perform?

  • A. Port scanning
  • B. Using it as a proxy server
  • C. Seting Nikto for network sniffing
  • D. Updating Nikto

Answer: A


NEW QUESTION # 182
Which of the following statements are true about firewalking?
Each correct answer represents a complete solution. Choose all that apply.

  • A. In this technique, an attacker sends a crafted packet with a TTL value that is set to expire one hop past the firewall.
  • B. Firewalking works on the UDP packets.
  • C. A malicious attacker can use firewalking to determine the types of ports/protocols that can bypass the firewall.
  • D. To use firewalking, the attacker needs the IP address of the last known gateway before the firewall and the IP address of a host located behind the firewall.

Answer: A,C,D

Explanation:
Section: Volume A
Explanation/Reference:


NEW QUESTION # 183
You are an Incident manager in Orangesect.Inc. You have been tasked to set up a new extension of your enterprise.
The networking, to be done in the new extension, requires different types of cables and an appropriate policy that will
be decided by you. Which of the following stages in the Incident handling process involves your decision making?

  • A. Containment
  • B. Preparation
  • C. Eradication
  • D. Identification

Answer: B


NEW QUESTION # 184
Which of the following viruses/worms uses the buffer overflow attack?

  • A. Nimda virus
  • B. Chernobyl (CIH) virus
  • C. Klez worm
  • D. Code red worm

Answer: D


NEW QUESTION # 185
Which of the following statements about threats are true?
Each correct answer represents a complete solution. Choose all that apply.

  • A. A threat is a potential for violation of security which exists when there is a circumstance, capability, action, or event that could breach security and cause harm.
  • B. A threat is a sequence of circumstances and events that allows a human or other agent to cause an information-related misfortune by exploiting vulnerability in an IT product.
  • C. A threat is a weakness or lack of safeguard that can be exploited by vulnerability, thus causing harm to the information systems or networks.
  • D. A threat is any circumstance or event with the potential of causing harm to a system in the form of destruction, disclosure, modification of data, or denial of service.

Answer: A,B,D


NEW QUESTION # 186
Adam works as a Security Analyst for Umbrella Inc. CEO of the company ordered him to implement two-factor authentication for the employees to access their networks. He has told him that he would like to use some type of hardware device in tandem with a security or identifying pin number. Adam decides to implement smart cards but they are not cost effective.
Which of the following types of hardware devices will Adam use to implement two-factor authentication?

  • A. Biometric device
  • B. Proximity cards
  • C. One Time Password
  • D. Security token

Answer: D


NEW QUESTION # 187
You want to scan your network quickly to detect live hosts by using ICMP ECHO Requests. What type of scanning will
you perform to accomplish the task?

  • A. Ping sweep scan
  • B. TCP SYN scan
  • C. Idle scan
  • D. XMAS scan

Answer: A


NEW QUESTION # 188
You work as a Penetration Tester for the Infosec Inc. Your company takes the projects of security auditing. Recently,
your company has assigned you a project to test the security of the we-aresecure.com Web site. For this, you want to
perform the idle scan so that you can get the ports open in the we-are-secure.com server. You are using GIACing tool
to perform the idle scan by using a zombie computer. While scanning, you notice that every IPID is being incremented
on every query, regardless whether the ports are open or close. Sometimes, IPID is being incremented by more than
one value.
What may be the reason?

  • A. The zombie computer is not connected to the we-are-secure.com Web server.
  • B. The firewall is blocking the scanning process.
  • C. GIACing does not perform idle scanning.
  • D. The zombie computer is the system interacting with some other system besides your computer.

Answer: D


NEW QUESTION # 189
John is a malicious attacker. He illegally accesses the server of We-are-secure Inc. He then places a backdoor in the We-are-secure server and alters its log files. Which of the following steps of malicious hacking includes altering the server log files?

  • A. Gaining access
  • B. Maintaining access
  • C. Reconnaissance
  • D. Covering tracks

Answer: D


NEW QUESTION # 190
Which of the following are types of access control attacks?
Each correct answer represents a complete solution. Choose all that apply.

  • A. Mail bombing
  • B. Dictionary attack
  • C. Brute force attack
  • D. Spoofing

Answer: B,C,D

Explanation:
Section: Volume A


NEW QUESTION # 191
You work as a professional Ethical Hacker. You are assigned a project to test the security of www.weare-secure.com. You somehow enter in we-are-secure Inc. main server, which is Windows based.
While you are installing the NetCat tool as a backdoor in the we-are-secure server, you see the file credit.dat having the list of credit card numbers of the company's employees. You want to transfer the credit.dat file in your local computer so that you can sell that information on the internet in the good price. However, you do not want to send the contents of this file in the clear text format since you do not want that the Network Administrator of the we-are-secure Inc. can get any clue of the hacking attempt. Hence, you decide to send the content of the credit.dat file in the encrypted format.
What steps should you take to accomplish the task?

  • A. You will use brutus.
  • B. You will use Wireshark.
  • C. You will use the ftp service.
  • D. You will use CryptCat instead of NetCat.

Answer: D


NEW QUESTION # 192
Ryan, a malicious hacker submits Cross-Site Scripting (XSS) exploit code to the Website of Internet forum for online discussion. When a user visits the infected Web page, code gets automatically executed and Ryan can easily perform acts like account hijacking, history theft etc. Which of the following types of Cross-Site Scripting attack Ryan intends to do?

  • A. Persistent
  • B. Non persistent
  • C. Document Object Model (DOM)
  • D. SAX

Answer: A


NEW QUESTION # 193
Which of the following is a computer worm that caused a denial of service on some Internet hosts and dramatically slowed down general Internet traffic?

  • A. Beast
  • B. Klez
  • C. SQL Slammer
  • D. Code red

Answer: C

Explanation:
Section: Volume A


NEW QUESTION # 194
Which of the following statements are true about a keylogger?
Each correct answer represents a complete solution. Choose all that apply.

  • A. It can be remotely installed on a computer system.
  • B. It records all keystrokes on the victim's computer in a predefined log file.
  • C. It is a software tool used to trace all or specific activities of a user on a computer.
  • D. It uses hidden code to destroy or scramble data on the hard disk.

Answer: A,B,C


NEW QUESTION # 195
John works as a professional Ethical Hacker. He is assigned a project to test the security of www.weare-secure.com. He installs a rootkit on the Linux server of the We-are-secure network. Which of the following statements are true about rootkits?
Each correct answer represents a complete solution. Choose all that apply.

  • A. They allow an attacker to conduct a buffer overflow.
  • B. They allow an attacker to replace utility programs that can be used to detect the attacker's activity.
  • C. They allow an attacker to run packet sniffers secretly to capture passwords.
  • D. They allow an attacker to set a Trojan in the operating system and thus open a backdoor for anytime access.

Answer: B,C,D


NEW QUESTION # 196
Which of the following is the process of comparing cryptographic hash functions of system executables and configuration files?

  • A. Spoofing
  • B. File integrity auditing
  • C. Reconnaissance
  • D. Shoulder surfing

Answer: B


NEW QUESTION # 197
Which of the following viruses/worms uses the buffer overflow attack?

  • A. Nimda virus
  • B. Chernobyl (CIH) virus
  • C. Klez worm
  • D. Code red worm

Answer: D

Explanation:
Section: Volume B


NEW QUESTION # 198
You have forgotten your password of an online shop. The web application of that online shop asks you to enter your email so that they can send you a new password. You enter your email [email protected]
And press the submit button.
The Web application displays the server error. What can be the reason of the error?

  • A. Email entered is not valid.
  • B. The remote server is down.
  • C. You have entered any special character in email.
  • D. Your internet connection is slow.

Answer: C


NEW QUESTION # 199
Which of the following statements about buffer overflow are true?
Each correct answer represents a complete solution. Choose two.

  • A. It is a situation that occurs when an application receives more data than it is configured to accept.
  • B. It can terminate an application.
  • C. It is a situation that occurs when a storage device runs out of space.
  • D. It can improve application performance.

Answer: A,B


NEW QUESTION # 200
Adam, a malicious hacker, wants to perform a reliable scan against a remote target. He is not concerned about being stealth at this point.
Which of the following type of scans would be most accurate and reliable?

  • A. TCP Connect scan
  • B. UDP sacn
  • C. ACK scan
  • D. Fin scan

Answer: A


NEW QUESTION # 201
Which of the following types of attacks slows down or stops a server by overloading it with requests?

  • A. Vulnerability attack
  • B. Impersonation attack
  • C. Network attack
  • D. DoS attack

Answer: D

Explanation:
Section: Volume C


NEW QUESTION # 202
......

GCIH dumps Sure Practice with 335 Questions: https://www.actualvce.com/GIAC/GCIH-valid-vce-dumps.html

GCIH Practice Test Questions Answers Updated 335 Questions: https://drive.google.com/open?id=1kl2QXTGxpdeXmCUL6KCxH1Mj12wyrydc