Pass GCIH Brain Dump Updated Certification Sample Questions [Q27-Q49]


Online GCIH Test Brain Dump Question and Test Engine

NEW QUESTION # 27
John works as a professional Ethical Hacker. He is assigned a project to test the security of www.we-are-secure.com. He enters a single quote in the input field of the login page of the We-are-secure Web site and receives the following error message:
Microsoft OLE DB Provider for ODBC Drivers error '0x80040E14'
This error message shows that the We-are-secure Website is vulnerable to __________.

  • A. An XSS attack
  • B. A buffer overflow
  • C. A SQL injection attack
  • D. A Denial-of-Service attack

Answer: C

Explanation:
Section: Volume C


NEW QUESTION # 28
Which of the following US Acts emphasizes a "risk-based policy for cost-effective security" and makes it mandatory for agency program officials, chief information officers, and inspectors general (IGs) to conduct annual reviews of the agency's information security program and report the results to the Office of Management and Budget?

  • A. The Electronic Communications Privacy Act of 1986 (ECPA)
  • B. The Equal Credit Opportunity Act (ECOA)
  • C. Federal Information Security Management Act of 2002 (FISMA)
  • D. The Fair Credit Reporting Act (FCRA)

Answer: C

Explanation:
Section: Volume B


NEW QUESTION # 29
Which of the following incident response team members ensures that the policies of the organization are enforced during the incident response?

  • A. Legal representative
  • B. Information Security representative
  • C. Technical representative
  • D. Human Resource

Answer: D


NEW QUESTION # 30
You want to add a netbus Trojan in the chess.exe game program so that you can gain remote access to a friend's computer. Which of the following tools will you use to accomplish the task?
Each correct answer represents a complete solution. Choose all that apply.

  • A. Beast
  • B. Pretator Wrapper
  • C. Yet Another Binder
  • D. Tripwire

Answer: B,C


NEW QUESTION # 31
You run the following command while using Nikto Web scanner:
perl nikto.pl -h 192.168.0.1 -p 443
What action do you want to perform?

  • A. Setting Nikto for network sniffing
  • B. Using it as a proxy server
  • C. Updating Nikto
  • D. Port scanning

Answer: D

Explanation:
Section: Volume A


NEW QUESTION # 32
The Klez worm is a mass-mailing worm that exploits a vulnerability to open an executable attachment even in Microsoft Outlook's preview pane. The Klez worm gathers email addresses from the entries of the default Windows Address Book (WAB). Which of the following registry values can be used to identify this worm?

  • A. HKEY_CURRENT_USER\Software\Microsoft\WAB\WAB4\Wab File Name = "file and pathname of the WAB file"
  • B. HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run
  • C. HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run
  • D. HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunServices

Answer: A


NEW QUESTION # 33
Which of the following tools will you use to prevent session hijacking?
Each correct answer represents a complete solution. Choose all that apply.

  • A. SSL
  • B. Rlogin
  • C. OpenSSH
  • D. Telnet

Answer: A,C


NEW QUESTION # 34
Which of the following Linux rootkits allows an attacker to hide files, processes, and network connections?
Each correct answer represents a complete solution. Choose all that apply.

  • A. Phalanx2
  • B. Knark
  • C. Adore
  • D. Beastkit

Answer: B,C

Explanation:
Section: Volume C


NEW QUESTION # 35
Which of the following procedures is designed to enable security personnel to identify, mitigate, and recover from malicious computer incidents, such as unauthorized access to a system or data, denial-of-service, or unauthorized changes to system hardware, software, or data?

  • A. Disaster Recovery Plan
  • B. Crisis Communication Plan
  • C. Cyber Incident Response Plan
  • D. Occupant Emergency Plan

Answer: C

Explanation:
Section: Volume C


NEW QUESTION # 36
You check performance logs and note that there has been a recent dramatic increase in the amount of broadcast traffic. What is this most likely to be an indicator of?

  • A. Misconfigured router
  • B. DoS attack
  • C. Syn flood
  • D. Virus

Answer: B


NEW QUESTION # 37
You enter the netstat -an command at the command prompt and see that port number 7777 is open on your computer. Which of the following Trojans may be installed on your computer?

  • A. Tini
  • B. QAZ
  • C. NetBus
  • D. Donald Dick

Answer: A


NEW QUESTION # 38
As a professional hacker, you want to crack the security of secureserver.com. For this, in the information gathering step, you performed scanning with the nmap utility to retrieve as many of the different protocols in use by secureserver.com as possible, so that you could get accurate knowledge of which services were being used by secureserver.com. Which of the following nmap switches have you used to accomplish the task?

  • A. nmap -vO
  • B. nmap -sO
  • C. nmap -sT
  • D. nmap -sS

Answer: B


NEW QUESTION # 39
Which of the following ensures that the investigation process of the incident response team does not break any laws during the response to an incident?

  • A. Information Security representative
  • B. Legal representative
  • C. Lead Investigator
  • D. Human Resource

Answer: B


NEW QUESTION # 40
Jane works as a Consumer Support Technician for ABC Inc. The company provides troubleshooting support to users. Jane is troubleshooting the computer of a user who has installed software that automatically gains full permissions on his computer. Jane has never seen this software before. Which of the following types of malware is the user facing on his computer?

  • A. Rootkits
  • B. Adware
  • C. Spyware
  • D. Viruses

Answer: A


NEW QUESTION # 41
You want to measure the number of heaps used and the overflows that occurred at a point in time. Which of the following commands will you run to activate the appropriate monitor?

  • A. UPDATE DBM CONFIGURATION USING DFT_MON_SORT
  • B. UPDATE DBM CONFIGURATION DFT_MON_TIMESTAMP
  • C. UPDATE DBM CONFIGURATION USING DFT_MON_TABLE
  • D. UPDATE DBM CONFIGURATION USING DFT_MON_BUFPOOL

Answer: A


NEW QUESTION # 42
Which of the following techniques does an attacker use to sniff data frames on a local area network and modify the traffic?

  • A. Email spoofing
  • B. ARP spoofing
  • C. MAC spoofing
  • D. IP address spoofing

Answer: B

Explanation:
Section: Volume C


NEW QUESTION # 43
John works as a professional Ethical Hacker. He has been assigned the project of testing the security of www.we-are-secure.com. He wants to perform a stealth scan to discover open ports and applications running on the We-are-secure server. For this purpose, he wants to initiate scanning with the IP address of any third party. Which of the following scanning techniques will John use to accomplish his task?

  • A. RPC
  • B. IDLE
  • C. TCP SYN/ACK
  • D. UDP

Answer: B


NEW QUESTION # 44
Your network is being flooded by ICMP packets. When you trace them down they come from multiple different IP addresses. What kind of attack is this?

  • A. Ping storm
  • B. DDOS
  • C. Smurf attack
  • D. Syn flood

Answer: B


NEW QUESTION # 45
Adam works as a Security Administrator for Umbrella Inc. A project has been assigned to him to test the network security of the company. He created a webpage to discuss the progress of the tests with employees who were interested in following the test. Visitors were allowed to click on a company's icon to mark the progress of the test. Adam successfully embeds a keylogger. He also added some statistics on the webpage. The firewall protects the network well and allows strict Internet access.
How was security compromised and how did the firewall respond?

  • A. Security was compromised as the keylogger is invisible to the firewall.
  • B. Security was not compromised as the webpage was hosted internally.
  • C. The attack was Cross Site Scripting and the firewall blocked it.
  • D. The attack was social engineering and the firewall did not detect it.

Answer: D


NEW QUESTION # 46
You want to scan your network quickly to detect live hosts by using ICMP ECHO Requests. What type of scanning will you perform to accomplish the task?

  • A. XMAS scan
  • B. Ping sweep scan
  • C. TCP SYN scan
  • D. Idle scan

Answer: B

Explanation:
Section: Volume A


NEW QUESTION # 47
Which of the following tools is used to attack digital watermarking?

  • A. Active Attacks
  • B. Gifshuffle
  • C. Steg-Only Attack
  • D. 2Mosaic

Answer: D


NEW QUESTION # 48
You work as a System Administrator for Happy World Inc. Your company has a server named uC1 that runs Windows Server 2008. The Windows Server virtualization role service is installed on the uC1 server which hosts one virtual machine that also runs Windows Server 2008. You are required to install a new application on the virtual machine. You need to ensure that in case of a failure of the application installation, you are able to quickly restore the virtual machine to its original state.
Which of the following actions will you perform to accomplish the task?

  • A. Log on to the virtual host and create a new dynamically expanding virtual hard disk.
  • B. Use the Virtualization Management Console to save the state of the virtual machine.
  • C. Use the Virtualization Management Console to create a snapshot of the virtual machine.
  • D. Use the Edit Virtual Hard Disk Wizard to copy the virtual hard disk of the virtual machine.

Answer: C


NEW QUESTION # 49
......
