GIAC GCIH Free Dumps Questions Online, Read and Test Now.

NEW QUESTION 1
John is a malicious attacker. He illegally accesses the server of We-are-secure Inc. He then places a backdoor in the We-are-secure server and alters its log files. Which of the following steps of malicious hacking includes altering the server log files?

  • A. Maintaining access
  • B. Covering tracks
  • C. Gaining access
  • D. Reconnaissance

Answer: B

NEW QUESTION 2
You are monitoring your network's behavior. You find a sudden increase in traffic on the network. It seems to come in bursts and emanate from one specific machine. You have been able to determine that a user of that machine is unaware of the activity and lacks the computer knowledge required to be responsible for a computer attack. What attack might this indicate?

  • A. Spyware
  • B. Ping Flood
  • C. Denial of Service
  • D. Session Hijacking

Answer: A

NEW QUESTION 3
Address Resolution Protocol (ARP) spoofing, also known as ARP poisoning or ARP Poison Routing (APR), is a technique used to attack an Ethernet wired or wireless network. ARP spoofing may allow an attacker to sniff data frames on a local area network (LAN), modify the traffic, or stop the traffic altogether. The principle of ARP spoofing is to send fake ARP messages to an Ethernet LAN. What steps can be used as countermeasures against ARP spoofing?
Each correct answer represents a complete solution. Choose all that apply.

  • A. Using smash guard utility
  • B. Using ARP Guard utility
  • C. Using static ARP entries on servers, workstations and routers
  • D. Using ARP watch utility
  • E. Using IDS sensors to check continually for large amounts of ARP traffic on local subnets

Answer: BCDE

NEW QUESTION 4
Which of the following is the best method of accurately identifying the services running on a victim host?

  • A. Use of the manual method of telnet to each of the open ports.
  • B. Use of a port scanner to scan each port to confirm the services running.
  • C. Use of hit and trial method to guess the services and ports of the victim host.
  • D. Use of a vulnerability scanner to try to probe each port to verify which service is running.

Answer: A

NEW QUESTION 5
Which of the following US Acts emphasized a "risk-based policy for cost-effective security" and made it mandatory for agency program officials, chief information officers, and inspectors general (IGs) to conduct annual reviews of the agency's information security program and report the results to the Office of Management and Budget?

  • A. The Electronic Communications Privacy Act of 1986 (ECPA)
  • B. The Fair Credit Reporting Act (FCRA)
  • C. The Equal Credit Opportunity Act (ECOA)
  • D. Federal Information Security Management Act of 2002 (FISMA)

Answer: D

NEW QUESTION 6
Which of the following commands can be used for port scanning?

  • A. nc -t
  • B. nc -z
  • C. nc -w
  • D. nc -g

Answer: B

NEW QUESTION 7
James works as a Database Administrator for Techsoft Inc. The company has a SQL Server 2005 computer. The computer has a database named Sales. Users complain that the performance of the database has deteriorated. James opens the System Monitor tool and finds that there is an increase in network traffic. What kind of attack might be the cause of the performance deterioration?

  • A. Denial-of-Service
  • B. Injection
  • C. Internal attack
  • D. Virus

Answer: A

NEW QUESTION 8
Choose the correct six-step process of threat modeling from the list of different steps.
[Exhibit not available]

Solution:
[Exhibit not available]

Does this meet the goal?
  • A. Yes
  • B. Not Mastered

Answer: A

NEW QUESTION 9
Which of the following statements are true about a keylogger?
Each correct answer represents a complete solution. Choose all that apply.

  • A. It records all keystrokes on the victim's computer in a predefined log file.
  • B. It can be remotely installed on a computer system.
  • C. It is a software tool used to trace all or specific activities of a user on a computer.
  • D. It uses hidden code to destroy or scramble data on the hard disk.

Answer: ABC

NEW QUESTION 10
Which of the following rootkits patches, hooks, or replaces system calls with versions that hide information about the attacker?

  • A. Library rootkit
  • B. Kernel level rootkit
  • C. Hypervisor rootkit
  • D. Boot loader rootkit

Answer: A

NEW QUESTION 11
In which of the following attacks does an attacker spoof the source address in IP packets that are sent to the victim?

  • A. DoS
  • B. DDoS
  • C. Backscatter
  • D. SQL injection

Answer: C

NEW QUESTION 12
Which of the following tools combines two programs, and also encrypts the resulting package in an attempt to foil antivirus programs?

  • A. Trojan Man
  • B. EliteWrap
  • C. Tiny
  • D. NetBus

Answer: A

NEW QUESTION 13
Which of the following attacks is specially used for cracking a password?

  • A. PING attack
  • B. Dictionary attack
  • C. Vulnerability attack
  • D. DoS attack

Answer: B

NEW QUESTION 14
You send SYN packets with the exact TTL of the target system, starting at port 1 and going up to port 1024, using the hping2 utility. This attack is known as __________.

  • A. Port scanning
  • B. Cloaking
  • C. Firewalking
  • D. Spoofing

Answer: C

NEW QUESTION 15
Which of the following types of attacks targets a Web server with multiple compromised computers that are simultaneously sending hundreds of FIN packets with spoofed source IP addresses?

  • A. Evasion attack
  • B. Insertion attack
  • C. DDoS attack
  • D. Dictionary attack

Answer: C

NEW QUESTION 16
Which of the following is the Web 2.0 programming methodology that is used to create Web pages that are dynamic and interactive?

  • A. UML
  • B. Ajax
  • C. RSS
  • D. XML

Answer: B

NEW QUESTION 17
Which of the following statements about the Ping of Death attack is true?

  • A. In this type of attack, a hacker sends more traffic to a network address than the buffer can handle.
  • B. This type of attack uses common words in either upper or lower case to find a password.
  • C. In this type of attack, a hacker maliciously cuts a network cable.
  • D. In this type of attack, a hacker sends ICMP packets greater than 65,536 bytes to crash a system.

Answer: D

NEW QUESTION 18
You have forgotten your password for an online shop. The web application of that online shop asks you to enter your email so that it can send you a new password. You enter your email
you@gmail.com
and press the submit button.
The Web application displays a server error. What can be the reason for the error?

  • A. You have entered a special character in the email.
  • B. Email entered is not valid.
  • C. The remote server is down.
  • D. Your internet connection is slow.

Answer: A

NEW QUESTION 19
Drag and drop the mapping techniques to their respective descriptions.
[Exhibit not available]

Solution:
[Exhibit not available]

Does this meet the goal?
  • A. Yes
  • B. Not Mastered

Answer: A
