GIAC Penetration Tester

Here you have the best GIAC GPEN practice exam questions

  • You have 65 total questions to study from
  • Each page has 5 questions, making a total of 13 pages
  • You can navigate through the pages using the buttons at the bottom
  • This questions were last updated on November 16, 2024
Question 1 of 65

ACME corporation has decided to setup wireless (IEEE 802.11) network in it's sales branch at Tokyo and found that channels 1, 6, 9,11 are in use by the neighboring offices. Which is the best channel they can use?

    Correct Answer: A

    Channels in the IEEE 802.11 wireless networks overlap with their adjacent channels. The non-overlapping channels usually utilized are 1, 6, and 11. Given that channels 1, 6, 9, and 11 are already in use, the best option would be channel 4 as it offers the least interference compared to others. It is far enough from channels 1, 6, and 11 to avoid significant overlap but still might slightly overlap with channel 6. Nonetheless, it presents the least interference among the given options.

Question 2 of 65

What is the MOST important document to obtain before beginning any penetration testing?

    Correct Answer: D

    The most important document to obtain before beginning any penetration testing is a written statement of permission. This document serves as legal consent from the organization authorizing the penetration testing activities. It ensures that the testers are legally protected and outlines the boundaries and scope of the testing activities. Without this document, any testing could be considered unauthorized and illegal.

Question 3 of 65

While reviewing traffic from a tcpdump capture, you notice the following commands being sent from a remote system to one of your web servers:

C:\>sc winternet.host.com create ncservicebinpath- "c:\tools\ncexe -I -p 2222 -e cmd.exe"

C:\>sc vJnternet.host.com query ncservice.

What is the intent of the commands?

    Correct Answer: A

    The first command creates a backdoor shell as a service. It uses 'sc' to create a service named 'ncservice' that will run 'ncexe' with parameters to start a listener on TCP port 2222 and execute cmd.exe. The second command queries the status of the created service to ensure it has been set up correctly.

Question 4 of 65

Which of the following best describes a client side exploit?

    Correct Answer: A

    A client side exploit targets a client application that retrieves content from the network. This involves attacking software such as web browsers, email clients, and other applications that connect to the internet, often using malicious content or scripts delivered via email, web pages, or other internet-based means.

Question 5 of 65

You have gained shell on a Windows host and want to find other machines to pivot to, but the rules of engagement state that you can only use tools that are already available. How could you find other machines on the target network?

    Correct Answer: B

    The 'ping' utility in a for loop can effectively sweep the network to discover other machines. By systematically sending ping requests to a range of IP addresses, you can identify which machines are active and responding. This method leverages a tool (ping) that is typically pre-installed on a Windows host and complies with the rule of using only available tools.