GIAC GCIH Exam Questions

Question 6 of 842

Adam has installed and configured his wireless network. He has enabled numerous security features such as changing the default SSID, enabling WPA encryption, and enabling MAC filtering on his wireless router. Adam notices that when he uses his wireless connection, the speed is sometimes 16 Mbps and sometimes it is only 8 Mbps or less. Adam connects to the management utility wireless router and finds out that a machine with an unfamiliar name is connected through his wireless connection. Paul checks the router's logs and notices that the unfamiliar machine has the same MAC address as his laptop.
Which of the following attacks has been occurred on the wireless network of Adam?

A.

NAT spoofing

B.

DNS cache poisoning

C.

MAC spoofing

D.

ARP spoofing

Question 7 of 842

Which of the following is a technique of using a modem to automatically scan a list of telephone numbers, usually dialing every number in a local area code to search for computers, Bulletin board systems, and fax machines?

A.

Demon dialing

B.

Warkitting

C.

War driving

D.

Wardialing

Question 8 of 842

Network mapping provides a security testing team with a blueprint of the organization. Which of the following steps is NOT a part of manual network mapping?

A.

Gathering private and public IP addresses

B.

Collecting employees information

C.

Banner grabbing

D.

Performing Neotracerouting

Question 9 of 842

Which of the following statements are true about tcp wrappers?
Each correct answer represents a complete solution. (Choose all that apply.)

A.

tcp wrapper provides access control, host address spoofing, client username lookups, etc.

B.

When a user uses a TCP wrapper, the inetd daemon runs the wrapper program tcpd instead of running the server program directly.

C.

tcp wrapper allows host or subnetwork IP addresses, names and/or ident query replies, to be used as tokens to filter for access control purposes.

D.

tcp wrapper protects a Linux server from IP address spoofing.

Question 10 of 842

Which of the following types of attacks is the result of vulnerabilities in a program due to poor programming techniques?

A.

Evasion attack

B.

Denial-of-Service (DoS) attack

C.

Ping of death attack

D.

Buffer overflow attack