Certified GIAC GPEN Exam Guide Online
Exambible offers free demo for GPEN exam. "GIAC Certified Penetration Tester", also known as GPEN exam, is a GIAC Certification. This set of posts, Passing the GIAC GPEN exam, will help you answer those questions. The GPEN Questions & Answers covers all the knowledge points of the real exam. 100% real GIAC GPEN exams and revised by experts!
Check GPEN free dumps before getting the full version:
NEW QUESTION 1
CORRECT TEXT
Fill in the blank with the appropriate word.
____is a port scanner that can also be used for the OS detection.
- A.
Answer: Nmap
NEW QUESTION 2
John works as a professional Ethical Hacker. He is assigned a project to test the security of www.we-are-secure.com. He enters a single quote in the input field of the login page of the Weare- secure Web site and receives the following error message:
Microsoft OLE DB Provider for ODBC Drivers error '0x80040E14'
This error message shows that the We-are-secure Website is vulnerable to __________.
- A. A SQL injection attack
- B. A Denial-of-Service attack
- C. A buffer overflow
- D. An XSS attack
Answer: A
NEW QUESTION 3
Which of the following IEEE standards defines Wired Equivalent Privacy encryption scheme?
- A. 802.15
- B. 802.11b
- C. 802.11a
- D. 802.11g
Answer: B
NEW QUESTION 4
Which of the following Trojans does not use TCP protocol?
- A. Donald Dick
- B. Beast
- C. Back Oriffice
- D. NetBus
Answer: C
NEW QUESTION 5
What command will correctly reformat the Unix passwordcopy and shadowcopy Tiles for input to John The Ripper?
- A. /Un shadow passwd copy shadowcopy > johnfile
- B. /Unshadow passwdcopy shadowcopy > johnfile
- C. /Unshadow shadowcopy passwdcopy >john file
- D. /Unshadow passwdcopy shadowcopy > johnfile
Answer: C
Explanation:
Reference:
https://books.google.co.in/books?id=SC-tAwAAQBAJ&pg=PA286&lpg=PA286&dq=/Unshadow+shadow+copy+passwd+copy+%3Ej ohn+file&source=bl&ots=OnZK9atlc1&sig=co7EM5EHye96vO74W3wZxky3sXU&hl=en&sa =X&ei=FBuoVPLHDc-cugSDxYGYBA&ved=0CCwQ6AEwAg#v=onepage&q=%2FUnshadow%20shadow%20cop y%20passwd%20copy%20%3Ejohn%20file&f=false
NEW QUESTION 6
Which of the following tools can be used to perform Windows password cracking, Windows enumeration, and VoIP session sniffing?
- A. L0phtcrack
- B. John the Ripper
- C. Cain
- D. Pass-the-hash toolkit
Answer: C
NEW QUESTION 7
Peter, a malicious hacker, obtains e-mail addresses by harvesting them from postings, blogs, DNS listings, and Web pages. He then sends large number of unsolicited commercial e-mail (UCE) messages on these addresses. Which of the following e-mail crimes is Peter committing?
- A. E-mail spoofing
- B. E-mail Spam
- C. E-mail bombing
- D. E-mail Storm
Answer: B
NEW QUESTION 8
Which of the following are the countermeasures against WEP cracking?
Each correct answer represents a part of the solution. Choose all that apply.
- A. Using the longest key supported by hardwar
- B. Using a non-obvious ke
- C. Using a 16 bit SSI
- D. Changing keys ofte
Answer: ABD
NEW QUESTION 9
This is a Windows-based tool that is used for the detection of wireless LANs using the IEEE 802.11a, 802.11b, and 802.11g standards. The main features of these tools are as follows:
It displays the signal strength of a wireless network, MAC address, SSID, channel details, etc.
It is commonly used for the following purposes:
:a. War driving
:b. Detecting unauthorized access points
:c. Detecting causes of interference on a WLAN
:d. WEP ICV error tracking
:e. Making Graphs and Alarms on 802.11 Data, including Signal Strength
This tool is known as __________.
- A. Absinthe
- B. THC-Scan
- C. NetStumbler
- D. Kismet
Answer: C
NEW QUESTION 10
You run the rdisk /s command to retrieve the backup SAM file on a computer. Where should you go on the computer to find the file?
- A. %systemroot%\password\sam._
- B. %systemroot%\sam._
- C. %systemroot%\repair\sam._
- D. %systemroot%\backup\sam._
Answer: C
NEW QUESTION 11
You work as a professional Ethical Hacker. You are assigned a project to perform blackhat testing on www.we-are-secure.com. You visit the office of we-are-secure.com as an air-condition mechanic. You claim that someone from the office called you saying that there is some fault in the air-conditioner of the server room. After some inquiries/arguments, the Security Administrator allows you to repair the air-conditioner of the server room.
When you get into the room, you found the server is Linux-based. You press the reboot button of the server after inserting knoppix Live CD in the CD drive of the server. Now, the server promptly boots backup into Knoppix. You mount the root partition of the server after replacing the root password in the /etc/shadow file with a known password hash and salt.
Further, you copy the netcat tool on the server and install its startup files to create a reverse tunnel and move a shell to a remote server whenever the server is restarted. You simply restart the server, pull out the Knoppix Live CD from the server, and inform that the air-conditioner is working properly.
After completing this attack process, you create a security auditing report in which you mention various threats such as social engineering threat, boot from Live CD, etc. and suggest the countermeasures to stop booting from the external media and retrieving sensitive data. Which of the following steps have you suggested to stop booting from the external media and retrieving sensitive data with regard to the above scenario?
Each correct answer represents a complete solution. Choose two.
- A. Setting only the root level access for sensitive dat
- B. Encrypting disk partition
- C. Placing BIOS passwor
- D. Using password protected hard drive
Answer: BD
NEW QUESTION 12
You have compromised a Windows XP system and Injected the Meterpreter payload into the lsass process. While looking over the system you notice that there is a popular
password management program on the system. When you attempt to access the file that contains the password you find it is locked. Further investigation reveals that it is locked by the passmgr process. How can you use the Meterpreter to get access to this file?
- A. Use the getuid command to determine the user context the process is runningunder, then use the imp command to impersonate that use
- B. use the getpid command to determine the user context the process is runningunder, then use the Imp command to impersonate that use
- C. Use the execute command to the passmgr executabl
- D. That will give you access to the fil
- E. Use the migrate command to jump to the passmgr proces
- F. That will give you accessto the fil
Answer: C
NEW QUESTION 13
Which of the following layers of TCP/IP model is used to move packets between the Internet Layer interfaces of two different hosts on the same link?
- A. Internet layer
- B. Application layer
- C. Transport Layer
- D. Link layer
Answer: D
NEW QUESTION 14
You successfully compromise a target system's web application using blind command injection. The command you injected is ping-n 1 192.168.1.200. Assuming your machine is
Solution:
Does this meet the goal?
- A. Yes
- B. Not Mastered
Answer: A
NEW QUESTION 15
CORRECT TEXT
Fill in the blank with the appropriate tool name.
__________is a wireless network cracking tool that exploits the vulnerabilities in the RC4 Algorithm, which comprises the WEP security parameters.
- A.
Answer: WEPcrack
NEW QUESTION 16
Victor wants to use Wireless Zero Configuration (WZC) to establish a wireless network connection using his computer running on Windows XP operating system. Which of the following are the most likely threats to his computer?
Each correct answer represents a complete solution. Choose two.
- A. Attacker by creating a fake wireless network with high power antenna cause Victor's computer to associate with his network to gain acces
- B. Information of probing for networks can be viewed using a wireless analyzer and may be used to gain acces
- C. Attacker can use the Ping Flood DoS attack if WZC is use
- D. It will not allow the configuration of encryption and MAC filterin
- E. Sending information is not secure on wireless networ
Answer: AB
NEW QUESTION 17
You execute the following netcat command:
c:\target\nc -1 -p 53 -d -e cmd.exe
What action do you want to perform by issuing the above command?
- A. Capture data on port 53 and performing banner grabbin
- B. Capture data on port 53 and delete the remote shel
- C. Listen the incoming traffic on port 53 and execute the remote shel
- D. Listen the incoming data and performing port scannin
Answer: C
NEW QUESTION 18
Which of the following tools is NOT used for wireless sniffing?
- A. AirMagnet
- B. Sniffer Wireless
- C. AiroPeek
- D. MiniStumbler
Answer: D
NEW QUESTION 19
......
100% Valid and Newest Version GPEN Questions & Answers shared by Dumps-hub.com, Get Full Dumps HERE: https://www.dumps-hub.com/GPEN-dumps.html (New 385 Q&As)