
[Feb-2023] Feel GIAC GCIH Dumps PDF Will likely be The best Option
GCIH exam torrent GIAC study guide
The GIAC GCIH exam is necessary for obtaining the GIAC Certified Incident Handler certification that validates the candidate’s skills in resolving incidents related to computer security.
NEW QUESTION 110
In which of the following attacks does an attacker create the IP packets with a forged (spoofed) source IP address with the purpose of concealing the identity of the sender or impersonating another computing system?
- A. IP address spoofing
- B. Rainbow attack
- C. Polymorphic shell code attack
- D. Cross-site request forgery
Answer: A
NEW QUESTION 111
Mark works as a Network Administrator for NetTech Inc. The network has 150 Windows 2000 Professional client computers and four Windows 2000 servers. All the client computers are able to connect to the Internet. Mark is concerned about malware infecting the client computers through the Internet. What will Mark do to protect the client computers from malware?
Each correct answer represents a complete solution. Choose two.
- A. Educate users of the client computers to avoid malware.
- B. Educate users of the client computers about the problems arising due to malware.
- C. Assign Read-Only permission to the users for accessing the hard disk drives of the client computers.
- D. Prevent users of the client computers from executing any programs.
Answer: A,B
NEW QUESTION 112
Which of the following tools is used to attack the Digital Watermarking?
- A. Active Attacks
- B. Gifshuffle
- C. 2Mosaic
- D. Steg-Only Attack
Answer: C
Explanation:
Section: Volume B
NEW QUESTION 113
Which of the following can be used as a Trojan vector to infect an information system?
Each correct answer represents a complete solution. Choose all that apply.
- A. ActiveX controls, VBScript, and Java scripts
- B. Any fake executable
- C. Spywares and adware
- D. NetBIOS remote installation
Answer: A,B,C,D
Explanation:
Section: Volume B
NEW QUESTION 114
Peter works as a Network Administrator for the PassGuide Inc. The company has a Windows-based network. All client computers run the Windows XP operating system. The employees of the company complain that suddenly all of the client computers have started working slowly. Peter finds that a malicious hacker is attempting to slow down the computers by flooding the network with a large number of requests.
Which of the following attacks is being implemented by the malicious hacker?
- A. SQL injection attack
- B. Man-in-the-middle attack
- C. Buffer overflow attack
- D. Denial-of-Service (DoS) attack
Answer: D
NEW QUESTION 115
Which of the following keyloggers cannot be detected by anti-virus or anti-spyware products?
- A. Software keylogger
- B. Hardware keylogger
- C. OS keylogger
- D. Kernel keylogger
Answer: B
Explanation:
Section: Volume B
NEW QUESTION 116
In which of the following attacking methods does an attacker distribute incorrect IP address?
- A. IP spoofing
- B. Mac flooding
- C. Man-in-the-middle
- D. DNS poisoning
Answer: D
Explanation:
Section: Volume A
NEW QUESTION 117
Adam works as an Incident Handler for Umbrella Inc. His recent actions towards the incident are not up to the standard norms of the company. He always forgets some steps and procedures while handling responses as they are very hectic to perform.
Which of the following steps should Adam take to overcome this problem with the least administrative effort?
- A. Create new sub-team to keep check.
- B. Create incident manual read it every time incident occurs.
- C. Create incident checklists.
- D. Appoint someone else to check the procedures.
Answer: C
NEW QUESTION 118
Adam works as a Network Administrator for PassGuide Inc. He wants to prevent the network from DOS attacks. Which of the following is most useful against DOS attacks?
- A. SPI
- B. Internet bot
- C. Honey Pot
- D. Distributive firewall
Answer: A
NEW QUESTION 119
In which of the following DoS attacks does an attacker send an ICMP packet larger than 65,536 bytes to the target system?
- A. Jolt
- B. Teardrop
- C. Ping of death
- D. Fraggle
Answer: C
Explanation:
Section: Volume A
NEW QUESTION 120
Which of the following refers to applications or files that are not classified as viruses or Trojan horse programs, but
can still negatively affect the performance of the computers on your network and introduce significant security risks
to your organization.
- A. Hardware
- B. Grayware
- C. Firmware
- D. Melissa
Answer: B
NEW QUESTION 121
John is a malicious attacker. He illegally accesses the server of We-are-secure Inc. He then places a backdoor in the
We-are-secure server and alters its log files. Which of the following steps of malicious hacking includes altering the
server log files?
- A. Reconnaissance
- B. Gaining access
- C. Covering tracks
- D. Maintaining access
Answer: C
NEW QUESTION 122
You want to measure the number of heaps used and overflows occurred at a point in time. Which of the following commands will you run to activate the appropriate monitor?
- A. UPDATE DBM CONFIGURATION USING DFT_MON_SORT
- B. UPDATE DBM CONFIGURATION USING DFT_MON_TABLE
- C. UPDATE DBM CONFIGURATION DFT_MON_TIMESTAMP
- D. UPDATE DBM CONFIGURATION USING DFT_MON_BUFPOOL
Answer: A
NEW QUESTION 123
Adam, a malicious hacker, wants to perform a reliable scan against a remote target. He is not concerned about being stealth at this point.
Which of the following type of scans would be most accurate and reliable?
- A. ACK scan
- B. UDP sacn
- C. Fin scan
- D. TCP Connect scan
Answer: D
NEW QUESTION 124
John works as a Network Administrator for Net Perfect Inc. The company has a Windows-based network. The
company uses Check Point SmartDefense to provide security to the network of the company. On the HTTP servers of
the company, John defines a rule for dropping any kind of userdefined URLs. Which of the following types of attacks
can be prevented by dropping the user-defined URLs?
- A. Code red worm
- B. PTC worms and mutations
- C. Hybrid attacks
- D. Morris worm
Answer: B
NEW QUESTION 125
John is a malicious attacker. He illegally accesses the server of We-are-secure Inc. He then places a backdoor in the We-are-secure server and alters its log files. Which of the following steps of malicious hacking includes altering the server log files?
- A. Reconnaissance
- B. Gaining access
- C. Covering tracks
- D. Maintaining access
Answer: C
Explanation:
Section: Volume C
NEW QUESTION 126
John works as a professional Ethical Hacker. He has been assigned the project of testing the security of www.we-are-secure.com. He wants to perform a stealth scan to discover open ports and applications running on the We-are-secure server. For this purpose, he wants to initiate scanning with the IP address of any third party. Which of the following scanning techniques will John use to accomplish his task?
- A. RPC
- B. IDLE
- C. UDP
- D. TCP SYN/ACK
Answer: B
NEW QUESTION 127
Which of the following statements are true about worms?
Each correct answer represents a complete solution. Choose all that apply.
- A. One feature of worms is keystroke logging.
- B. Worms cause harm to the network by consuming bandwidth, whereas viruses almost always corrupt or modify files on a targeted computer.
- C. Worms replicate themselves from one system to another without using a host file.
- D. Worms can exist inside files such as Word or Excel documents.
Answer: B,C,D
NEW QUESTION 128
John works as an Ethical Hacker for PassGuide Inc. He wants to find out the ports that are open in PassGuide's server using a port scanner. However, he does not want to establish a full TCP connection.
Which of the following scanning techniques will he use to accomplish this task?
- A. Xmas tree
- B. TCP SYN
- C. TCP SYN/ACK
- D. TCP FIN
Answer: B
Explanation:
Section: Volume C
NEW QUESTION 129
......
How to book GCIH Exams
In order to apply for the GCIH, You have to follow these steps
- Go to the GCIH Official Site
- Read the instruction Carefully
- Follow the given steps
- Apply for the GCIH
Use Valid New GCIH Test Notes & GCIH Valid Exam Guide: https://www.fast2test.com/GCIH-premium-file.html
GCIH Actual Questions Answers PDF 100% Cover Real Exam Questions: https://drive.google.com/open?id=1Rq0TAE7jFWi7SdevYeDJXS6GSCEbNRlF