Master the GCIH GIAC Certified Incident Handler content and be ready for exam day success quickly with this Actualtests GCIH actual test. We guarantee it!We make it a reality and give you real GCIH questions in our GIAC GCIH braindumps.Latest 100% VALID GIAC GCIH Exam Questions Dumps at below page. You can use our GIAC GCIH braindumps and pass your exam.

Also have GCIH free dumps questions for you:

NEW QUESTION 1
Which of the following types of skills are required in the members of an incident handling team?
Each correct answer represents a complete solution. Choose all that apply.

  • A. Organizational skills
  • B. Diplomatic skills
  • C. Methodical skills
  • D. Technical skills

Answer: ABD

NEW QUESTION 2
Which of the following are the limitations for the cross site request forgery (CSRF) attack?
Each correct answer represents a complete solution. Choose all that apply.

  • A. The attacker must determine the right values for all the form inputs.
  • B. The attacker must target a site that doesn't check the referrer header.
  • C. The target site should have limited lifetime authentication cookies.
  • D. The target site should authenticate in GET and POST parameters, not only cookies.

Answer: AB

NEW QUESTION 3
Your friend plans to install a Trojan on your computer. He knows that if he gives you a new version of chess.exe, you will definitely install the game on your computer. He picks up a Trojan and joins it to chess.exe. The size of chess.exe was 526,895 bytes originally, and after joining this chess file to the Trojan, the file size increased to 651,823 bytes. When he gives you this new game, you install the infected chess.exe file on your computer. He now performs various malicious tasks on your computer remotely. But you suspect that someone has installed a Trojan on your computer and begin to investigate it. When you enter the netstat command in the command prompt, you get the following results:
C:\WINDOWS>netstat -an | find "UDP" UDP IP_Address:31337 *:*
Now you check the following registry address:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServices
In the above address, you notice a 'default' key in the 'Name' field having " .exe" value in the corresponding 'Data' field. Which of the following Trojans do you think your friend may have installed on your computer on the basis of the above evidence?

  • A. Qaz
  • B. Donald Dick
  • C. Tini
  • D. Back Orifice

Answer: D

NEW QUESTION 4
Mark works as a Network Administrator for Perfect Inc. The company has both wired and wireless networks. An attacker attempts to keep legitimate users from accessing services that they require. Mark uses IDS/IPS sensors on the wired network to mitigate the attack. Which of the following attacks best describes the attacker's intentions?

  • A. Internal attack
  • B. Reconnaissance attack
  • C. Land attack
  • D. DoS attack

Answer: D

NEW QUESTION 5
Which of the following statements are true about Dsniff?
Each correct answer represents a complete solution. Choose two.

  • A. It contains Trojans.
  • B. It is a virus.
  • C. It is antivirus.
  • D. It is a collection of various hacking tools.

Answer: AD

NEW QUESTION 6
Which of the following techniques can be used to map 'open' or 'pass through' ports on a gateway?

  • A. Traceport
  • B. Tracefire
  • C. Tracegate
  • D. Traceroute

Answer: D

NEW QUESTION 7
Which of the following keyloggers cannot be detected by anti-virus or anti-spyware products?

  • A. Kernel keylogger
  • B. Software keylogger
  • C. Hardware keylogger
  • D. OS keylogger

Answer: C

NEW QUESTION 8
Which of the following ensures that the investigation process of incident response team does not break any laws during the response to an incident?

  • A. Information Security representative
  • B. Lead Investigator
  • C. Legal representative
  • D. Human Resource

Answer: C

NEW QUESTION 9
You enter the following URL on your Web browser:
http://www.we-are-secure.com/scripts/..%co%af../..%co%
af../windows/system32/cmd.exe?/c+dir+c:\
What kind of attack are you performing?

  • A. Directory traversal
  • B. Replay
  • C. Session hijacking
  • D. URL obfuscating

Answer: A

NEW QUESTION 10
Mark works as a Network Administrator for NetTech Inc. The network has 150 Windows 2000 Professional client computers and four Windows 2000 servers. All the client computers are able to connect to the Internet. Mark is concerned about malware infecting the client computers through the Internet. What will Mark do to protect the client computers from malware?
Each correct answer represents a complete solution. Choose two.

  • A. Educate users of the client computers to avoid malware.
  • B. Educate users of the client computers about the problems arising due to malware.
  • C. Prevent users of the client computers from executing any programs.
  • D. Assign Read-Only permission to the users for accessing the hard disk drives of the client computers.

Answer: AB

NEW QUESTION 11
Which of the following procedures is designed to enable security personnel to identify, mitigate, and recover from malicious computer incidents, such as unauthorized access to a system or data, denialof-service, or unauthorized changes to system hardware, software, or data?

  • A. Disaster Recovery Plan
  • B. Cyber Incident Response Plan
  • C. Crisis Communication Plan
  • D. Occupant Emergency Plan

Answer: B

NEW QUESTION 12
Adam, a malicious hacker is sniffing the network to inject ARP packets. He injects broadcast frames onto the wire to conduct Man-in-The-Middle attack.
Which of the following is the destination MAC address of a broadcast frame?

  • A. 0xDDDDDDDDD
  • B. 0x00000000000
  • C. 0xFFFFFFFFFFFF
  • D. 0xAAAAAAAAAA

Answer: C

NEW QUESTION 13
John works as a Professional Ethical Hacker for NetPerfect Inc. The company has a Linux-based network. All client computers are running on Red Hat 7.0 Linux. The Sales Manager of the company complains to John that his system contains an unknown package named as tar.gz and his documents are exploited. To resolve the problem, John uses a Port scanner to enquire about the open ports and finds out that the HTTP server service port on 27374 is open. He suspects that the other computers on the network are also facing the same problem. John discovers that a malicious application is using the synscan tool to randomly generate IP addresses.
Which of the following worms has attacked the computer?

  • A. Code red
  • B. Ramen
  • C. LoveLetter
  • D. Nimda

Answer: B

NEW QUESTION 14
Which of the following is the most common vulnerability that can affect desktop applications written in native code?

  • A. SpyWare
  • B. DDoS attack
  • C. Malware
  • D. Buffer overflow

Answer: D

NEW QUESTION 15
Which of the following methods can be used to detect session hijacking attack?

  • A. nmap
  • B. Brutus
  • C. ntop
  • D. sniffer

Answer: D

NEW QUESTION 16
Which of the following is the method of hiding data within another media type such as graphic or document?

  • A. Spoofing
  • B. Steganography
  • C. Packet sniffing
  • D. Cryptanalysis

Answer: B

NEW QUESTION 17
Rick works as a Professional Ethical Hacker for Exambible Inc. The company has opened a new branch that uses Windows-based computers. Rick has been assigned a project to check the network security of the new branch office. He wants to ensure that the company is free from remote hacking attacks.
Choose the appropriate steps that Rick should perform to accomplish the task.
GCIH dumps exhibit


Solution:
GCIH dumps exhibit

Does this meet the goal?
  • A. Yes
  • B. Not Mastered

Answer: A

NEW QUESTION 18
John works as a professional Ethical Hacker. He is assigned a project to test the security of www.weare-secure.com. He is working on the Linux operating system. He wants to sniff the we- are-secure network and intercept a conversation between two employees of the company through session hijacking. Which of the following tools will John use to accomplish the task?

  • A. Hunt
  • B. IPChains
  • C. Ethercap
  • D. Tripwire

Answer: A

NEW QUESTION 19
Your friend plans to install a Trojan on your computer. He knows that if he gives you a new version of chess.exe, you will definitely install the game on your computer. He picks up a Trojan and joins it with chess.exe. Which of the following tools are required in such a scenario?
Each correct answer represents a part of the solution. Choose three.

  • A. NetBus
  • B. Absinthe
  • C. Yet Another Binder
  • D. Chess.exe

Answer: ACD

NEW QUESTION 20
......

Recommend!! Get the Full GCIH dumps in VCE and PDF From Certshared, Welcome to Download: https://www.certshared.com/exam/GCIH/ (New 328 Q&As Version)