2014年1月15日星期三

GIAC certification GPEN exam training materials

ITCertKing is a website which can give much convenience and meet the needs and achieve dreams for many people participating IT certification exams. If you are still worrying about passing some IT certification exams, please choose ITCertKing to help you. ITCertKing can make you feel at ease, because we have a lot of IT certification exam related training materials with high quality, coverage of the outline and pertinence, too, which will bring you a lot of help. You won't regret to choose ITCertKing, it can help you build your dream career.

ITCertKing is a website to achieve dreams of many IT people. ITCertKing provide candidates participating in the IT certification exams the information they want to help them pass the exam. Do you still worry about passing GIAC certification GPEN exam? Have you thought about purchasing an GIAC certification GPEN exam counseling sessions to assist you? ITCertKing can provide you with this convenience. ITCertKing's training materials can help you pass the certification exam. ITCertKing's exercises are almost similar to real exams. With ITCertKing's accurate GIAC certification GPEN exam practice questions and answers, you can pass GIAC certification GPEN exam with a high score.

If you are still hesitate to choose our ITCertKing, you can try to free download part of GIAC GPEN exam certification exam questions and answers provided in our ITCertKing. So that you can know the high reliability of our ITCertKing. Our ITCertKing will be your best selection and guarantee to pass GIAC GPEN exam certification. Your choose of our ITCertKing is equal to choose success.

Exam Code: GPEN
Exam Name: GIAC (GIAC Certified Penetration Tester)
One year free update, No help, Full refund!
Total Q&A: 384 Questions and Answers
Last Update: 2014-01-15

Are you worrying about how to pass GIAC GPEN test? Now don't need to worry about the problem. ITCertKing that committed to the study of GIAC GPEN certification exam for years has a wealth of experience and strong exam dumps to help you effectively pass your exam. Whether to pass the exam successfully, it consists not in how many materials you have seen, but in if you find the right method. ITCertKing is the right method which can help you sail through GIAC GPEN certification exam.

GPEN Free Demo Download: http://www.itcertking.com/GPEN_exam.html

NO.1 Which of the following tools can be used to perform brute force attack on a remote database?
Each correct answer represents a complete solution. Choose all that apply.
A. FindSA
B. SQLDict
C. nmap
D. SQLBF
Answer: A,B,D

GIAC   GPEN test answers   GPEN

NO.2 Which of the following is NOT an example of passive footprinting?
A. Scanning ports.
B. Analyzing job requirements.
C. Performing the whois query.
D. Querying the search engine.
Answer: A

GIAC   GPEN answers real questions   GPEN   GPEN pdf   GPEN   GPEN braindump

NO.3 A Web developer with your company wants to have wireless access for contractors that come
in to work on various projects. The process of getting this approved takes time. So rather than wait,
he has put his own wireless router attached to one of the network ports in his department. What
security risk does this present?
A. An unauthorized WAP is one way for hackers to get into a network.
B. It is likely to increase network traffic and slow down network performance.
C. This circumvents network intrusion detection.
D. None, adding a wireless access point is a common task and not a security risk.
Answer: A

GIAC   GPEN   GPEN

NO.4 An executive in your company reports odd behavior on her PDA. After investigation you
discover that a trusted device is actually copying data off the PDA. The executive tells you that the
behavior started shortly after accepting an e-business card from an unknown person. What type of
attack is this?
A. Session Hijacking
B. PDA Hijacking
C. Privilege Escalation
D. Bluesnarfing
Answer: D

GIAC test questions   GPEN   GPEN dumps

NO.5 Which of the following statements are true about KisMAC?
A. Data generated by KisMAC can also be saved in pcap format.
B. It cracks WEP and WPA keys by Rainbow attack or by dictionary attack.
C. It scans for networks passively on supported cards.
D. It is a wireless network discovery tool for Mac OS X.
Answer: A,C,D

GIAC   GPEN   GPEN certification training   GPEN test answers

NO.6 Which of the following statements are true about SSIDs?
Each correct answer represents a complete solution. Choose all that apply.
A. SSIDs are case insensitive text strings and have a maximum length of 64 characters.
B. Configuring the same SSID as that of the other Wireless Access Points (WAPs) of other networks
will create a conflict.
C. SSID is used to identify a wireless network.
D. All wireless devices on a wireless network must have the same SSID in order to communicate
with each other.
Answer: B,C,D

GIAC   GPEN questions   GPEN practice test

NO.7 Which of the following encryption modes are possible in WEP?
Each correct answer represents a complete solution. Choose all that apply.
A. No encryption
B. 256 bit encryption
C. 128 bit encryption
D. 40 bit encryption
Answer: A,C,D

GIAC   GPEN   GPEN original questions

NO.8 Adam works on a Linux system. He is using Sendmail as the primary application to transmit
emails.
Linux uses Syslog to maintain logs of what has occurred on the system. Which of the following log
files contains e-mail information such as source and destination IP addresses, date and time stamps
etc?
A. /log/var/logd
B. /var/log/logmail
C. /log/var/mailog
D. /var/log/mailog
Answer: D

GIAC   GPEN study guide   GPEN   GPEN test   GPEN

NO.9 Which of the following statements is true about the Digest Authentication scheme?
A. In this authentication scheme, the username and password are passed with every request, not
just when the user first types them.
B. A valid response from the client contains a checksum of the username, the password, the given
random value, the HTTP method, and the requested URL.
C. The password is sent over the network in clear text format.
D. It uses the base64 encoding encryption scheme.
Answer: B

GIAC answers real questions   GPEN   GPEN   GPEN practice test   GPEN   GPEN

NO.10 You work as a professional Ethical Hacker. You are assigned a project to perform blackhat
testing on www.we-are-secure.com. You visit the office of we-are-secure.com as an air-condition
mechanic. You claim that someone from the office called you saying that there is some fault in the
air-conditioner of the server room. After some inquiries/arguments, the Security Administrator
allows you to repair the air-conditioner of the server room.
When you get into the room, you found the server is Linux-based. You press the reboot button of
the server after inserting knoppix Live CD in the CD drive of the server. Now, the server promptly
boots backup into Knoppix. You mount the root partition of the server after replacing the root
password in the /etc/shadow file with a known password hash and salt. Further, you copy the netcat
tool on the server and install its startup files to create a reverse tunnel and move a shell to a remote
server whenever the server is restarted. You simply restart the server, pull out the Knoppix Live CD
from the server, and inform that the air-conditioner is working properly.
After completing this attack process, you create a security auditing report in which you mention
various threats such as social engineering threat, boot from Live CD, etc. and suggest the
countermeasures to stop booting from the external media and retrieving sensitive data. Which of
the following steps have you suggested to stop booting from the external media and retrieving
sensitive data with regard to the above scenario?
Each correct answer represents a complete solution. Choose two.
A. Encrypting disk partitions
B. Using password protected hard drives
C. Placing BIOS password
D. Setting only the root level access for sensitive data
Answer: A,B

GIAC demo   GPEN original questions   GPEN braindump

NO.11 Which of the following are the scanning methods used in penetration testing?
Each correct answer represents a complete solution. Choose all that apply.
A. Vulnerability
B. Port
C. Network
D. Services
Answer: A,B,C

GIAC   GPEN original questions   GPEN certification training   GPEN   GPEN   GPEN

NO.12 Which of the following attacks allows an attacker to sniff data frames on a local area network
(LAN) or stop the traffic altogether?
A. Man-in-the-middle
B. ARP spoofing
C. Port scanning
D. Session hijacking
Answer: B

GIAC   GPEN demo   GPEN

NO.13 You execute the following netcat command:
c:\target\nc -1 -p 53 -d -e cmd.exe
What action do you want to perform by issuing the above command?
A. Capture data on port 53 and performing banner grabbing.
B. Listen the incoming traffic on port 53 and execute the remote shell.
C. Listen the incoming data and performing port scanning.
D. Capture data on port 53 and delete the remote shell.
Answer: B

GIAC   GPEN certification training   GPEN   GPEN   GPEN practice test

NO.14 You have inserted a Trojan on your friend's computer and you want to put it in the startup so
that whenever the computer reboots the Trojan will start to run on the startup. Which of the
following registry entries will you edit to accomplish the task?
A. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Start
B. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Auto
C. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Startup
D. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServices
Answer: D

GIAC   GPEN   GPEN   GPEN

NO.15 Which of the following options holds the strongest password?
A. california
B. $#164aviD

没有评论:

发表评论