It is more faster and easier to pass the GIAC GPEN exam by using High quality GIAC GIAC Certified Penetration Tester questuins and answers. Immediate access to the Up to date GPEN Exam and find the same core area GPEN questions with professionally verified answers, then PASS your exam with a high score now.

Check GPEN free dumps before getting the full version:

NEW QUESTION 1

How many bits encryption does SHA-1 use?

  • A. 140
  • B. 512
  • C. 128
  • D. 160

Answer: D

NEW QUESTION 2

Which of the following tools is not a BlueSnarf attacking tool?

  • A. Blooover
  • B. Redsnarf
  • C. BlueSnarfer
  • D. Freejack

Answer: D

NEW QUESTION 3

Which of the following is the feature that separates the use of Rainbow Tables from other applications such as Cain or John the Ripper?

  • A. Salts are used to create massive password databases for compariso
  • B. Applications take advantage of 64-bit CPU processor and multithread the crackingproces
  • C. Data Is aligned efficiently in the rainbow tables making the search process quicker
  • D. Raw hashed passwords are compared to pre-calculated hash table

Answer: B

NEW QUESTION 4

You want to run the nmap command that includes the host specification of 202.176.56-57.*. How many hosts will you scan?

  • A. 1024
  • B. 256
  • C. 512
  • D. 64

Answer: C

NEW QUESTION 5

Which of the following techniques are NOT used to perform active OS fingerprinting?
Each correct answer represents a complete solution. Choose all that apply.

  • A. ICMP error message quoting
  • B. Analyzing email headers
  • C. Sniffing and analyzing packets
  • D. Sending FIN packets to open ports on the remote system

Answer: BC

NEW QUESTION 6
CORRECT TEXT
Fill in the blank with the appropriate act name.
The___ act gives consumers the right to ask emailers to stop spamming them.

  • A.

Answer: CAN-SPAM

NEW QUESTION 7

Which of the following commands can be used for port scanning?

  • A. nc -z
  • B. nc -t
  • C. nc -w
  • D. nc –g

Answer: A

NEW QUESTION 8

In which of the following attacks is a malicious packet rejected by an IDS, but accepted by the host system?

  • A. Insertion
  • B. Evasion
  • C. Fragmentation overwrite
  • D. Fragmentation overlap

Answer: B

NEW QUESTION 9

You have compromised a Windows XP system and Injected the Meterpreter payload into the lsass process. While looking over the system you notice that there is a popular
password management program on the system. When you attempt to access the file that contains the password you find it is locked. Further investigation reveals that it is locked by the passmgr process. How can you use the Meterpreter to get access to this file?

  • A. Use the getuid command to determine the user context the process is runningunder, then use the imp command to impersonate that use
  • B. use the getpid command to determine the user context the process is runningunder, then use the Imp command to impersonate that use
  • C. Use the execute command to the passmgr executabl
  • D. That will give you access to the fil
  • E. Use the migrate command to jump to the passmgr proces
  • F. That will give you accessto the fil

Answer: C

NEW QUESTION 10

You want to retrieve the default security report of nessus. Which of the following google search queries will you use?

  • A. link:pdf nessus "Assessment report"
  • B. filetype:pdf nessus
  • C. filetype:pdf "Assessment Report" nessus
  • D. site:pdf nessus "Assessment report"

Answer: C

NEW QUESTION 11

John, a novice web user, makes a new E-mail account and keeps his password as "apple", his favorite fruit. John's password is vulnerable to which of the following password cracking attacks?
Each correct answer represents a complete solution. Choose all that apply.

  • A. Dictionary attack
  • B. Rule based attack
  • C. Hybrid attack
  • D. Brute Force attack

Answer: ACD

NEW QUESTION 12

In the screen shot below, which selections would you need click in order to intercept and alter all http traffic passing through OWASP ZAP?
GPEN dumps exhibit

  • A. Trap response and continue
  • B. Set Break and Continue
  • C. Trap request and continue
  • D. Continue and drop

Answer: B

NEW QUESTION 13

How does OWASP ZAP function when used for performing web application assessments?

  • A. It is a non-transparent proxy that sits between your web browser and the targetapplicatio
  • B. It is a transparent policy proxy that sits between Java servers and |SP web page
  • C. It is a non-transparent proxy that passively sniffs network traffic for HTTPvulnerabilitie
  • D. It is a transparent proxy that sits between a target application and the backenddatabas

Answer: D

NEW QUESTION 14

Which of the following is the correct sequence of packets to perform the 3-way handshake method?

  • A. SYN, ACK, ACK
  • B. SYN, ACK, SYN/ACK
  • C. SYN, SYN/ACK, ACK
  • D. SYN, SYN, ACK

Answer: C

NEW QUESTION 15

You run the following bash script in Linux:
for i in 'cat hostlist.txt' ;do nc -q 2 -v $i 80 < request.txt done where, hostlist.txt file contains
the list of IP addresses and request.txt is the output file.
Which of the following tasks do you want to perform by running this script?

  • A. You want to perform port scanning to the hosts given in the IP address lis
  • B. You want to transfer file hostlist.txt to the hosts given in the IP address lis
  • C. You want to perform banner grabbing to the hosts given in the IP address lis
  • D. You want to put nmap in the listen mode to the hosts given in the IP address lis

Answer: C

NEW QUESTION 16

What is the purpose of die following command:
nc.exe -I -p 2222 -e cmd.exe

  • A. It is used to start a persistent listener linked to cmd.exe on port 2222 TCP
  • B. It is used to start a listener linked to cmd.exe on port 2222 TCP
  • C. It is used to start a listener linked to cmd.exe on port 2222 UDP
  • D. It is used to start a persistent listener linked to cmd.exe on port 2222 UDP

Answer: C

NEW QUESTION 17

In which of the following attacks is a malicious packet rejected by an IDS, but accepted by the host system?

  • A. Insertion
  • B. Evasion
  • C. Fragmentation overwrite
  • D. Fragmentation overlap

Answer: B

NEW QUESTION 18

John, a novice web user, makes a new E-mail account and keeps his password as "apple", his favorite fruit. John's password is vulnerable to which of the following password cracking attacks?
Each correct answer represents a complete solution. Choose all that apply.

  • A. Brute Force attack
  • B. Dictionary attack
  • C. Hybrid attack
  • D. Rule based attack

Answer: ABC

NEW QUESTION 19
......

Recommend!! Get the Full GPEN dumps in VCE and PDF From Surepassexam, Welcome to Download: https://www.surepassexam.com/GPEN-exam-dumps.html (New 385 Q&As Version)