最新GCIHテスト材料には有効なGCIHテストエンジン [Q100-Q123]

Share

最新GCIHテスト材料には有効なGCIHテストエンジン

GCIH更新された試験問題集で[2023年最新] 練習には有効な試験問題集


GIAC GCIH(GIAC Certified Incident Handler)試験は、サイバーセキュリティの分野で最も高く評価され尊敬されている資格の1つです。この試験は、組織内のインシデントの検出、対応、管理を担当する個人の知識、スキル、能力をテストするように設計されています。この認定は、サイバーセキュリティの認定とトレーニングを提供する主要なプロバイダーであるGlobal Information Assurance Certification(GIAC)によって提供されています。

 

質問 # 100
You have configured a virtualized Internet browser on your Windows XP professional computer. Using the virtualized Internet browser, you can protect your operating system from which of the following?

  • A. Malware installation from unknown Web sites
  • B. Distributed denial of service (DDOS) attack
  • C. Brute force attack
  • D. Mail bombing

正解:A


質問 # 101
Which of the following is the process of comparing cryptographic hash functions of system executables and
configuration files?

  • A. File integrity auditing
  • B. Spoofing
  • C. Reconnaissance
  • D. Shoulder surfing

正解:A


質問 # 102
Which of the following refers to applications or files that are not classified as viruses or Trojan horse programs, but can still negatively affect the performance of the computers on your network and introduce significant security risks to your organization?

  • A. Hardware
  • B. Firmware
  • C. Melissa
  • D. Grayware

正解:D


質問 # 103
Which of the following refers to a condition in which a hacker sends a bunch of packets that leave TCP ports half
open?

  • A. Spoofing
  • B. SYN attack
  • C. Hacking
  • D. PING attack

正解:B


質問 # 104
Which of the following Denial-of-Service (DoS) attacks employ IP fragmentation mechanism?
Each correct answer represents a complete solution. Choose two.

  • A. SYN flood attack
  • B. Land attack
  • C. Ping of Death attack
  • D. Teardrop attack

正解:C、D

解説:
Section: Volume A


質問 # 105
You work as a System Engineer for Cyber World Inc. Your company has a single Active Directory domain. All servers in the domain run Windows Server 2008. The Microsoft Hyper-V server role has been installed on one of the servers, namely uC1. uC1 hosts twelve virtual machines. You have been given the task to configure the Shutdown option for uC1, so that each virtual machine shuts down before the main Hyper-V server shuts down. Which of the following actions will you perform to accomplish the task?

  • A. Manually shut down each of the guest operating systems before the server shuts down.
  • B. Create a batch file to shut down the guest operating system before the server shuts down.
  • C. Enable the Shut Down the Guest Operating System option in the Automatic Stop Action Properties on each virtual machine.
  • D. Create a logon script to shut down the guest operating system before the server shuts down.

正解:C


質問 # 106
Which of the following rootkits is used to attack against full disk encryption systems?

  • A. Kernel level rootkit
  • B. Hypervisor rootkit
  • C. Library rootkit
  • D. Boot loader rootkit

正解:D


質問 # 107
John works as a professional Ethical Hacker. He has been assigned the project of testing the security of www.we-are-
secure.com. He has successfully completed the following steps of the pre-attack phase:
* Information gathering
* Determining network range
* Identifying active machines
* Finding open ports and applications
* OS fingerprinting
* Fingerprinting services
Now John wants to perform network mapping of the We-are-secure network. Which of the following tools can he use
to accomplish his task?
Each correct answer represents a complete solution. Choose all that apply.

  • A. Traceroute
  • B. NeoTrace
  • C. Ettercap
  • D. Cheops

正解:A、B、D


質問 # 108
Adam works as an Incident Handler for Umbrella Inc. He is informed by the senior authorities that the server of the marketing department has been affected by a malicious hacking attack. Supervisors are also claiming that some sensitive data are also stolen.
Adam immediately arrived to the server room of the marketing department and identified the event as an incident. He isolated the infected network from the remaining part of the network and started preparing to image the entire system. He captures volatile data, such as running process, ram, and network connections.
Which of the following steps of the incident handling process is being performed by Adam?

  • A. Containment
  • B. Eradication
  • C. Recovery
  • D. Identification

正解:A


質問 # 109
Adam works as a Security Administrator for Umbrella Inc. A project has been assigned to him to test the network security of the company. He created a webpage to discuss the progress of the tests with employees who were interested in following the test. Visitors were allowed to click on a company's icon to mark the progress of the test. Adam successfully embeds a keylogger. He also added some statistics on the webpage. The firewall protects the network well and allows strict Internet access.
How was security compromised and how did the firewall respond?

  • A. The attack was Cross Site Scripting and the firewall blocked it.
  • B. Security was not compromised as the webpage was hosted internally.
  • C. Security was compromised as keylogger is invisible for firewall.
  • D. The attack was social engineering and the firewall did not detect it.

正解:D


質問 # 110
You work as a Network Administrator in the SecureTech Inc. The SecureTech Inc. is using Linux-based server.
Recently, you have updated the password policy of the company in which the server will disable passwords after four trials. What type of attack do you want to stop by enabling this policy?

  • A. XSS
  • B. Replay
  • C. Brute force
  • D. Cookie poisoning

正解:C

解説:
Section: Volume B


質問 # 111
You want to perform passive footprinting against we-are-secure Inc. Web server. Which of the following tools will you use?

  • A. Netcraft
  • B. Ethereal
  • C. Ettercap
  • D. Nmap

正解:A


質問 # 112
Which of the following steps can be taken as countermeasures against sniffer attacks?
Each correct answer represents a complete solution. Choose all that apply.

  • A. Reduce the range of the network to avoid attacks into wireless networks.
  • B. Use encrypted protocols for all communications.
  • C. Use tools such as StackGuard and Immunix System to avoid attacks.
  • D. Use switches instead of hubs since they switch communications, which means that information is
    delivered only to the predefined host.

正解:A、B、D


質問 # 113
Which of the following rootkits patches, hooks, or replaces system calls with versions that hide information about the attacker?

  • A. Kernel level rootkit
  • B. Hypervisor rootkit
  • C. Library rootkit
  • D. Boot loader rootkit

正解:C

解説:
Section: Volume B


質問 # 114
John, a novice web user, makes a new E-mail account and keeps his password as "apple", his favorite fruit. John's
password is vulnerable to which of the following password cracking attacks?
Each correct answer represents a complete solution. Choose all that apply.

  • A. Rule based attack
  • B. Dictionary attack
  • C. Hybrid attack
  • D. Brute Force attack

正解:B、C、D


質問 # 115
You work as an Incident handling manager for a company. The public relations process of the company includes an event that responds to the e-mails queries. But since few days, it is identified that this process is providing a way to spammers to perform different types of e-mail attacks. Which of the following phases of the Incident handling process will now be involved in resolving this process and find a solution?
Each correct answer represents a part of the solution. Choose all that apply.

  • A. Recovery
  • B. Identification
  • C. Preparation
  • D. Contamination
  • E. Eradication

正解:A、D、E

解説:
Section: Volume B


質問 # 116
Which of the following tools is described in the statement given below?
"It has a database containing signatures to be able to detect hundreds of vulnerabilities in UNIX, Windows, and commonly used web CGI scripts. Moreover, the database detects DdoS zombies and Trojans as well."

  • A. SARA
  • B. Anti-x
  • C. Nmap
  • D. Nessus

正解:D


質問 # 117
Adam, a novice computer user, works primarily from home as a medical professional. He just bought a brand new Dual Core Pentium computer with over 3 GB of RAM. After about two months of working on his new computer, he notices that it is not running nearly as fast as it used to. Adam uses antivirus software, anti-spyware software, and keeps the computer up-to-date with Microsoft patches. After another month of working on the computer, Adam finds that his computer is even more noticeably slow. He also notices a window or two pop-up on his screen, but they quickly disappear. He has seen these windows show up, even when he has not been on the Internet. Adam notices that his computer only has about 10 GB of free space available. Since his hard drive is a 200 GB hard drive, Adam thinks this is very odd.
Which of the following is the mostly likely the cause of the problem?

  • A. Computer is infected with the Self-Replication Worm.
  • B. Computer is infected with stealth virus.
  • C. Computer is infected with the Stealth Trojan Virus.
  • D. Computer is infected with the stealth kernel level rootkit.

正解:D


質問 # 118
Which of the following is a computer worm that caused a denial of service on some Internet hosts and dramatically slowed down general Internet traffic?

  • A. Klez
  • B. Beast
  • C. SQL Slammer
  • D. Code red

正解:C


質問 # 119
Which of the following can be used as a Trojan vector to infect an information system?
Each correct answer represents a complete solution. Choose all that apply.

  • A. ActiveX controls, VBScript, and Java scripts
  • B. Spywares and adware
  • C. Any fake executable
  • D. NetBIOS remote installation

正解:A、B、C、D


質問 # 120
Which of the following statements are true about tcp wrappers?
Each correct answer represents a complete solution. Choose all that apply.

  • A. tcp wrapper protects a Linux server from IP address spoofing.
  • B. tcp wrapper allows host or subnetwork IP addresses, names and/or ident query replies, to be used as tokens to filter for access control purposes.
  • C. When a user uses a TCP wrapper, the inetd daemon runs the wrapper program tcpd instead of running the server program directly.
  • D. tcp wrapper provides access control, host address spoofing, client username lookups, etc.

正解:B、C、D

解説:
Section: Volume A


質問 # 121
Which of the following types of rootkits replaces regular application binaries with Trojan fakes and modifies the
behavior of existing applications using hooks, patches, or injected code?

  • A. Kernel level rootkit
  • B. Application level rootkit
  • C. Hypervisor rootkit
  • D. Boot loader rootkit

正解:B


質問 # 122
John, a novice web user, makes a new E-mail account and keeps his password as "apple", his favorite fruit.
John's password is vulnerable to which of the following password cracking attacks?
Each correct answer represents a complete solution. Choose all that apply.

  • A. Rule based attack
  • B. Dictionary attack
  • C. Hybrid attack
  • D. Brute Force attack

正解:B、C、D

解説:
Section: Volume C


質問 # 123
......


GCIH認定試験では、インシデント対応手法、ネットワークおよびシステムフォレンジック、マルウェア分析、脆弱性管理など、インシデント処理に関連する幅広いトピックをカバーしています。この試験は、これらのトピックに関する候補者の理解と、実際の状況でそれらを適用する能力をテストするように設計されています。これは、候補者がインシデント処理の概念の理論的理解と実践的な経験の両方を持っている必要があることを意味します。

 

GCIHサンプルには正確な更新された問題:https://jp.fast2test.com/GCIH-premium-file.html

GCIH試験情報と無料練習テストを提供します:https://drive.google.com/open?id=1plMe7KyHymq11ycUL9jUwIzLKFJQI6NH


弊社を連絡する

我々は12時間以内ですべてのお問い合わせを答えます。

我々の働いている時間: ( GMT 0:00-15:00 )
月曜日から土曜日まで

サポート: 現在連絡 

English Deutsch 繁体中文 한국어