GIAC GCIH Exam Questions

Question 6 of 785

Which of the following is a technique of using a modem to automatically scan a list of telephone numbers, usually dialing every number in a local area code to search for computers, Bulletin board systems, and fax machines?

Demon dialing

Warkitting

War driving

Wardialing

Correct Answer: D

Question 7 of 785

Network mapping provides a security testing team with a blueprint of the organization. Which of the following steps is NOT a part of manual network mapping?

Gathering private and public IP addresses

Collecting employees information

Banner grabbing

Performing Neotracerouting

Correct Answer: B

Network mapping involves identifying and documenting the devices and pathways in a network. This typically includes gathering private and public IP addresses, banner grabbing, and performing tracerouting to understand the network's structure and communication routes. Collecting employee information is not part of manual network mapping as it does not directly relate to the physical or logical layout of the network.

Question 8 of 785

Which of the following statements are true about tcp wrappers?
Each correct answer represents a complete solution. (Choose all that apply.)

tcp wrapper provides access control, host address spoofing, client username lookups, etc.

When a user uses a TCP wrapper, the inetd daemon runs the wrapper program tcpd instead of running the server program directly.

tcp wrapper allows host or subnetwork IP addresses, names and/or ident query replies, to be used as tokens to filter for access control purposes.

tcp wrapper protects a Linux server from IP address spoofing.

Correct Answer: A, B, C

Question 9 of 785

John works as a professional Ethical Hacker. He has been assigned the project of testing the security of www.we-are-secure.com. He finds that the We-are- secure server is vulnerable to attacks. As a countermeasure, he suggests that the Network Administrator should remove the IPP printing capability from the server. He is suggesting this as a countermeasure against __________.

IIS buffer overflow

NetBIOS NULL session

SNMP enumeration

DNS zone transfer

Correct Answer: C

The Internet Printing Protocol (IPP) is related to printers and can be associated with SNMP (Simple Network Management Protocol), which is used for managing devices on IP networks including printers. If John suggests removing IPP printing capability as a countermeasure, it is likely to prevent SNMP enumeration. SNMP enumeration involves querying the SNMP service for information about network devices, and removing IPP printing can help mitigate this risk.

Question 10 of 785

Ryan, a malicious hacker submits Cross-Site Scripting (XSS) exploit code to the Website of Internet forum for online discussion. When a user visits the infected
Web page, code gets automatically executed and Ryan can easily perform acts like account hijacking, history theft etc. Which of the following types of Cross-Site
Scripting attack Ryan intends to do?

Non persistent

Document Object Model (DOM)

SAX

Persistent

Correct Answer: D