Your success in GIAC GCIH is our sole target and we develop all our GCIH braindumps in a way that facilitates the attainment of this target. Not only is our GCIH study material the best you can find, it is also the most detailed and the most updated. GCIH Practice Exams for GIAC GCIH are written to the highest standards of technical accuracy.

Free GCIH Demo Online For GIAC Certifitcation:

NEW QUESTION 1
Which of the following is spy software that records activity on Macintosh systems via snapshots, keystrokes, and Web site logging?

  • A. Spector
  • B. Magic Lantern
  • C. eblaster
  • D. NetBus

Answer: A

NEW QUESTION 2
You are the Security Consultant and have been hired to check security for a client's network. Your client has stated that he has many concerns but the most critical is the security of Web applications on their Web server. What should be your highest priority then in checking his network?

  • A. Setting up IDS
  • B. Port scanning
  • C. Vulnerability scanning
  • D. Setting up a honey pot

Answer: C

NEW QUESTION 3
Alice wants to prove her identity to Bob. Bob requests her password as proof of identity, which Alice dutifully provides (possibly after some transformation like a hash function); meanwhile, Eve is eavesdropping the conversation and keeps the password. After the interchange is over, Eve connects to Bob posing as Alice; when asked for a proof of identity, Eve sends Alice's password read from the last session, which Bob accepts. Which of the following attacks is being used by Eve?

  • A. Replay
  • B. Firewalking
  • C. Session fixation
  • D. Cross site scripting

Answer: A

NEW QUESTION 4
Which of the following is used to determine the operating system on the remote computer in a network environment?

  • A. Spoofing
  • B. Reconnaissance
  • C. OS Fingerprinting
  • D. Social engineering

Answer: C

NEW QUESTION 5
In which of the following steps of the incident handling processes does the Incident Handler make sure that all business processes and functions are back to normal and then also wants to monitor the system or processes to ensure that the system is not compromised again?

  • A. Eradication
  • B. Lesson Learned
  • C. Recovery
  • D. Containment

Answer: C

NEW QUESTION 6
Which of the following is executed when a predetermined event occurs?

  • A. Trojan horse
  • B. Logic bomb
  • C. MAC
  • D. Worm

Answer: B

NEW QUESTION 7
You discover that all available network bandwidth is being used by some unknown service. You discover that UDP packets are being used to connect the echo service on one machine to the chargen service on another machine. What kind of attack is this?

  • A. Smurf
  • B. Denial of Service
  • C. Evil Twin
  • D. Virus

Answer: B

NEW QUESTION 8
Which of the following tools can be used to detect the steganography?

  • A. Dskprobe
  • B. Blindside
  • C. ImageHide
  • D. Snow

Answer: A

NEW QUESTION 9
Which of the following are the automated tools that are used to perform penetration testing?
Each correct answer represents a complete solution. Choose two.

  • A. Pwdump
  • B. Nessus
  • C. EtherApe
  • D. GFI LANguard

Answer: BD

NEW QUESTION 10
Which of the following tools can be used for stress testing of a Web server?
Each correct answer represents a complete solution. Choose two.

  • A. Internet bots
  • B. Scripts
  • C. Anti-virus software
  • D. Spyware

Answer: AB

NEW QUESTION 11
Adam is a novice Web user. He chooses a 22 letters long word from the dictionary as his password.
How long will it take to crack the password by an attacker?

  • A. 22 hours
  • B. 23 days
  • C. 200 years
  • D. 5 minutes

Answer: D

NEW QUESTION 12
Which of the following Nmap commands is used to perform a UDP port scan?

  • A. nmap -sY
  • B. nmap -sS
  • C. nmap -sN
  • D. nmap -sU

Answer: D

NEW QUESTION 13
Which of the following functions can be used as a countermeasure to a Shell Injection attack?
Each correct answer represents a complete solution. Choose all that apply.

  • A. escapeshellarg()
  • B. mysql_real_escape_string()
  • C. regenerateid()
  • D. escapeshellcmd()

Answer: AD

NEW QUESTION 14
John works as a professional Ethical Hacker. He has been assigned the project of testing the security of www.we-are-secure.com. He wants to perform a stealth scan to discover open ports and applications running on the We-are-secure server. For this purpose, he wants to initiate scanning with the IP address of any third party. Which of the following scanning techniques will John use to accomplish his task?

  • A. RPC
  • B. IDLE
  • C. UDP
  • D. TCP SYN/ACK

Answer: B

NEW QUESTION 15
Which of the following can be used to perform session hijacking?
Each correct answer represents a complete solution. Choose all that apply.

  • A. Cross-site scripting
  • B. Session fixation
  • C. ARP spoofing
  • D. Session sidejacking

Answer: ABD

NEW QUESTION 16
Victor is a novice Ethical Hacker. He is learning the hacking process, i.e., the steps taken by malicious hackers to perform hacking. Which of the following steps is NOT included in the hacking process?

  • A. Scanning
  • B. Preparation
  • C. gaining access
  • D. Reconnaissance

Answer: B

NEW QUESTION 17
Peter works as a Network Administrator for the Exambible Inc. The company has a Windows- based network. All client computers run the Windows XP operating system. The employees of the company complain that suddenly all of the client computers have started working slowly. Peter finds that a malicious hacker is attempting to slow down the computers by flooding the network with a large number of requests. Which of the following attacks is being implemented by the malicious hacker?

  • A. SQL injection attack
  • B. Denial-of-Service (DoS) attack
  • C. Man-in-the-middle attack
  • D. Buffer overflow attack

Answer: B

NEW QUESTION 18
Adam works as a Network Administrator for Exambible Inc. He wants to prevent the network from DOS attacks. Which of the following is most useful against DOS attacks?

  • A. SPI
  • B. Distributive firewall
  • C. Honey Pot
  • D. Internet bot

Answer: A

NEW QUESTION 19
Who are the primary victims of smurf attacks on the contemporary Internet system?

  • A. IRC servers are the primary victims to smurf attacks
  • B. FTP servers are the primary victims to smurf attacks
  • C. SMTP servers are the primary victims to smurf attacks
  • D. Mail servers are the primary victims to smurf attacks

Answer: A

NEW QUESTION 20
......

Recommend!! Get the Full GCIH dumps in VCE and PDF From Certshared, Welcome to Download: https://www.certshared.com/exam/GCIH/ (New 328 Q&As Version)