Le test simulation GIAC GPEN sorti par les experts de Pass4Test est bien proche du test réel. Nous sommes confiant sur notre produit qui vous permet à réussir le test GIAC GPEN à la première fois. Si vous ne passe pas le test, votre argent sera tout rendu.
Obtenez la Q&A de test GIAC GPEN de Pass4Test plus tôt, vous pouvez réussir le test Certification GIAC GPEN plus tôt.
Le test de Certification GIAC GPEN devient de plus en plus chaud dans l'Industrie IT. En fait, ce test demande beaucoup de travaux pour passer. Généralement, les gens doivent travailler très dur pour réussir.
Code d'Examen: GPEN
Nom d'Examen: GIAC (GIAC Certified Penetration Tester)
Questions et réponses: 384 Q&As
Pass4Test a capacité d'économiser vos temps et de vous faire plus confiant à réussir le test. Vous pouvez télécharger le démo GIAC GPEN gratuit à connaître mieux la bonne fiabilité de Pass4Test. Nous nous font toujours confiant sur nos produits, et vous aussi dans un temps proche. La réussite de test GIAC GPEN n'est pas loin de vous une fois que vous choisissez le produit de Pass4Test. C'est un choix élégant pour vous faciliter à réussir le test GIAC GPEN.
GPEN Démo gratuit à télécharger: http://www.pass4test.fr/GPEN.html
NO.1 Which of the following enables an inventor to legally enforce his right to exclude others from using his
invention?
A. Patent
B. Spam
C. Phishing
D. Artistic license
Answer: A
certification GIAC GPEN certification GPEN GPEN
NO.2 You want to integrate the Nikto tool with nessus vulnerability scanner. Which of the following steps will
you take to accomplish the task?
Each correct answer represents a complete solution. Choose two.
A. Restart nessusd service.
B. Place nikto.pl file in the /var/www directory.
C. Place nikto.pl file in the /etc/nessus directory.
D. Place the directory containing nikto.pl in root's PATH environment variable.
Answer: A,D
GIAC GPEN GPEN GPEN GPEN GPEN examen
NO.3 Which of the following statements are true about SSIDs?
Each correct answer represents a complete solution. Choose all that apply.
A. SSIDs are case insensitive text strings and have a maximum length of 64 characters.
B. Configuring the same SSID as that of the other Wireless Access Points (WAPs) of other
networks will create a conflict.
C. SSID is used to identify a wireless network.
D. All wireless devices on a wireless network must have the same SSID in order to communicate with
each other.
Answer: B,C,D
GIAC GPEN GPEN
NO.4 You have inserted a Trojan on your friend's computer and you want to put it in the startup so that
whenever the computer reboots the Trojan will start to run on the startup. Which of the following registry
entries will you edit to accomplish the task?
A. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Start
B. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Auto
C. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Startup
D.HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServices
Answer: D
certification GIAC certification GPEN GPEN examen
NO.5 An executive in your company reports odd behavior on her PDA. After investigation you discover that a
trusted device is actually copying data off the PDA. The executive tells you that the behavior started
shortly after accepting an e-business card from an unknown person. What type of attack is this?
A. Session Hijacking
B. PDA Hijacking
C. Privilege Escalation
D. Bluesnarfing
Answer: D
GIAC examen GPEN GPEN certification GPEN
NO.6 Which of the following are the scanning methods used in penetration testing?
Each correct answer represents a complete solution. Choose all that apply.
A. Vulnerability
B. Port
C. Network
D. Services
Answer: A,B,C
GIAC examen GPEN examen GPEN certification GPEN
NO.7 Which of the following types of cyber stalking damage the reputation of their victim and turn other
people against them by setting up their own Websites, blogs or user pages for this purpose?
A. Encouraging others to harass the victim
B. False accusations
C. Attempts to gather information about the victim
D. False victimization
Answer: B
GIAC GPEN examen GPEN GPEN examen GPEN GPEN examen
NO.8 In which of the following scanning techniques does a scanner connect to an FTP server and request
that server to start data transfer to the third system?
A. Bounce attack scanning
B. Xmas Tree scanning
C. TCP FIN scanning
D. TCP SYN scanning
Answer: A
GIAC certification GPEN GPEN GPEN GPEN
NO.9 Which of the following tools can be used to perform brute force attack on a remote database?
Each correct answer represents a complete solution. Choose all that apply.
A. FindSA
B. SQLDict
C. nmap
D. SQLBF
Answer: A,B,D
certification GIAC GPEN certification GPEN certification GPEN
NO.10 John works as a professional Ethical Hacker. He has been assigned a project to test the security of
www.we-are-secure.com. He copies the whole structure of the We-are-secure Web site to the local disk
and obtains all the files on the Web site. Which of the following techniques is he using to accomplish his
task?
A. TCP FTP proxy scanning
B. Eavesdropping
C. Web ripping
D. Fingerprinting
Answer: C
GIAC examen GPEN examen GPEN examen GPEN
NO.11 Which of the following are the limitations for the cross site request forgery (CSRF) attack?
Each correct answer represents a complete solution. Choose all that apply.
A. The target site should have limited lifetime authentication cookies.
B. The attacker must target a site that doesn't check the referrer header.
C. The target site should authenticate in GET and POST parameters, not only cookies.
D. The attacker must determine the right values for all the form inputs.
Answer: B,D
GIAC certification GPEN GPEN GPEN GPEN GPEN
NO.12 A Web developer with your company wants to have wireless access for contractors that come in to work
on various projects. The process of getting this approved takes time. So rather than wait, he has put his
own wireless router attached to one of the network ports in his department. What security risk does this
present?
A. An unauthorized WAP is one way for hackers to get into a network.
B. It is likely to increase network traffic and slow down network performance.
C. This circumvents network intrusion detection.
D. None, adding a wireless access point is a common task and not a security risk.
Answer: A
GIAC examen GPEN examen certification GPEN GPEN GPEN examen GPEN
NO.13 Which of the following statements are true about KisMAC?
A. Data generated by KisMAC can also be saved in pcap format.
B. It cracks WEP and WPA keys by Rainbow attack or by dictionary attack.
C. It scans for networks passively on supported cards.
D. It is a wireless network discovery tool for Mac OS X.
Answer: A,C,D
GIAC examen certification GPEN certification GPEN certification GPEN GPEN examen
NO.14 Which of the following attacks is a form of active eavesdropping in which the attacker makes
independent connections with the victims and relays messages between them, making them believe that
they are talking directly to each other over a private connection, when in fact the entire conversation is
controlled by the attacker?
A. DoS
B. Sniffing
C. Man-in-the-middle
D. Brute force
Answer: C
GIAC GPEN GPEN GPEN
NO.15 Which of the following encryption modes are possible in WEP?
Each correct answer represents a complete solution. Choose all that apply.
A. No encryption
B. 256 bit encryption
C. 128 bit encryption
D. 40 bit encryption
Answer: A,C,D
GIAC GPEN examen GPEN examen GPEN examen GPEN examen certification GPEN
NO.16 Which of the following options holds the strongest password?
A. california
B. $#164aviD
没有评论:
发表评论