[Mar 13, 2024] Genuine GPEN Exam Dumps New 2024 GIAC Pratice Exam
New 2024 Realistic GPEN Dumps Test Engine Exam Questions in here
NEW QUESTION # 100
Network mapping provides a security testing team with a blueprint of the organization. Which of the following steps is NOT a part of manual network mapping?
- A. Collecting employees information
- B. Gathering private and public IP addresses
- C. Banner grabbing
- D. Performing Neotracerouting
Answer: D
Explanation:
Section: Volume C
NEW QUESTION # 101
Which of the following security protocols can be used to support MS-CHAPv2 for wireless client authentication?
Each correct answer represents a complete solution. Choose two.
- A. HTTP
- B. PEAP
- C. PPTP
- D. IPSec
Answer: B,C
Explanation:
Section: Volume C
Explanation/Reference:
NEW QUESTION # 102
You want to perform an active session hijack against Secure Inc. You have found a target that allows Telnet session. You have also searched an active session due to the high level of traffic on the network. What should you do next?
- A. Use a sniffer to listen network traffic.
- B. Use brutus to crack telnet password.
- C. Use macoff to change MAC address.
- D. Guess the sequence numbers.
Answer: D
Explanation:
Section: Volume B
NEW QUESTION # 103
You work as a Network Administrator for Net World International. The company has a Windows Active Directory-based single domain single forest network. The functional level of the forest is Windows Server 2003. There are ten Sales Managers in the company. The company has recently provided laptops to all its Sales Managers. All the laptops run Windows XP Professional. These laptops will be connected to the company's network through wireless connections. The company's management wants to implement Shared Key authentication for these laptops. When you try to configure the network interface card of one of the laptops for Shared Key authentication, you find no such option. What will you do to enable Shared Key authentication?
- A. Install PEAP-MS-CHAP v2
- B. Install Service Pack 1
- C. Install EAP-TLS
- D. Enable WEP
Answer: D
NEW QUESTION # 104
Which of the following characters will you use to check whether an application is vulnerable to an SQL injection attack?
- A. Double quote (")
- B. Semi colon (;)
- C. Single quote (')
- D. Dash (-)
Answer: C
Explanation:
Section: Volume C
NEW QUESTION # 105
You've been asked to test a non-transparent proxy lo make sure it is working. After confirming the browser is correctly pointed at the proxy, you try to browse a web site. The browser indicates it is
"loading" but never displays any part the page. Checking the proxy, you see a valid request in the proxy from your browser. Checking the response to the proxy, you see the results displayed in the accompanying screenshot. Which of the following answers is the most likely reason the browser hasn't displayed the page yet?
- A. The site you are trying to reach is currently down.
- B. The proxy is configured to trap responses.
- C. The proxy is likely hung and must be restarted.
- D. The proxy is configured to trap requests.
Answer: D
NEW QUESTION # 106
You work as a Network Administrator in the Secure Inc. You often need to send PDF documents that contain secret information, such as, client password, their credit card details, email passwords, etc. through email to your customers. However, you are making PDFs password protected you are getting complaints from customers that their secret information is being misused. When you analyze this complaint you get that however you are applying the passwords on PDFs, they are not providing the maximum protection. What may be the cause of this security hole?
- A. PDF passwords can easily be cracked by brute force attacks.
- B. PDFs can be read easily in the plain-text form by applying a sniffer.
- C. PDFs are sent in email in the plain-text form.
- D. You are applying easily guessed passwords.
Answer: A
NEW QUESTION # 107
What is the most likely cause of the responses on lines 10 and 11 of the output below?
- A. The device at hop 10 is down and not forwarding any requests at all.
- B. The host running the tracer utility lost its network connection during the scan
- C. The devices at hops 10 and II did not return an "ICMP TTL Exceeded in Transit" message.
- D. The device at hop 10 silently drops UDP packets with a high destination port.
Answer: C
NEW QUESTION # 108
You are concerned about rogue wireless access points being connected to your network. What is the best way to detect and prevent these?
- A. Network anti-virus software
- B. Network anti-spyware software
- C. Site surveys
- D. Protocol analyzers
Answer: C
NEW QUESTION # 109
A pen tester is able to pull credential information from memory on a Windows system. Based on the command and output below, what advantage does this technique give a penetration tester when trying to access another windows system on the network?
- A. The technique is more effective through perimeter firewalls than otherauthentication attacks.
- B. Salts are removed from the hashes to allow for faster, offline cracking
- C. Access to the system can be gained without password guessing or cracking.
- D. It allows the tester to escalate the privilege level of the account,
Answer: A
NEW QUESTION # 110
John works as a professional Ethical Hacker. He has been assigned the project of testing the security of www.we-are-secure.com. In order to do so, he performs the following steps of the preattack phase successfully:
Information gathering
Determination of network range
Identification of active systems
Location of open ports and applications
Now, which of the following tasks should he perform next?
- A. Map the network of We-are-secure Inc.
- B. Perform OS fingerprinting on the We-are-secure network.
- C. Install a backdoor to log in remotely on the We-are-secure server.
- D. Fingerprint the services running on the we-are-secure network.
Answer: B
Explanation:
Section: Volume C
NEW QUESTION # 111
You have detected what appears to be an unauthorized wireless access point on your network.
However this access point has the same MAC address as one of your real access points and is broadcasting with a stronger signal. What is this called?
- A. DOS
- B. The evil twin attack
- C. WAP cloning
- D. Buesnarfing
Answer: B
NEW QUESTION # 112
Which of the following commands can be used for port scanning?
- A. nc -w
- B. nc -t
- C. nc -z
- D. nc -g
Answer: C
NEW QUESTION # 113
Given the following Scapy information, how is default Layer 2 information derived?
- A. If not explicitly defined, pseudo-random values are generated for the Layer 2 defaultinformation.
- B. Scapy relies on the underlying operating system to construct Layer 2 information touse as default.
- C. The default layer 2 information is contained in a local scapy.cfg configuration fileon the local system.
- D. If not explicitly defined, the Ether type field value Is created using the hex value ofthe destination port, in this case 80
Answer: A
NEW QUESTION # 114
Which of the following is the JavaScript variable used to store a cookie?
- A. Session cookie
- B. Windowcookie
- C. Browsercookie
- D. Document cookie
Answer: D
Explanation:
Reference:
http://www.w3schools.com/js/js_cookies.asp
NEW QUESTION # 115
John works as a professional Ethical Hacker. He has been assigned the project of testing the security of www.we-are-secure.com. He has successfully completed the following pre-attack phases while testing the security of the server:
Footprinting Scanning Now he wants to conduct the enumeration phase. Which of the following tools can John use to conduct it?
Each correct answer represents a complete solution. Choose all that apply.
- A. WinSSLMiM
- B. UserInfo
- C. PsFile
- D. PsPasswd
Answer: B,C,D
NEW QUESTION # 116
Which of the following methods will free up bandwidth in a Wireless LAN (WLAN)?
- A. Change hub with switch.
- B. Disabling SSID broadcast.
- C. Deploying a powerful antenna.
- D. Implement WEP.
Answer: B
Explanation:
Section: Volume B
NEW QUESTION # 117
You are concerned about war driving bringing hackers attention to your wireless network. What is the most basic step you can take to mitigate this risk?
- A. Implement MAC filtering
- B. Implement WPA
- C. Implement WEP
- D. Don't broadcast SSID
Answer: D
NEW QUESTION # 118
While performing a code audit, you discover a SQL injection vulnerability assuming the following vulnerable query, what user input could be injected to make the query true and return data?
select * from widgets where name = '[user-input]';
- A. `or l=l...
- B. 'or 1=1--
- C. 'or 1=1
- D. `or l=1'
Answer: D
NEW QUESTION # 119
Which of the following describes the direction of the challenges issued when establishing a wireless (IEEE 802.11) connection?
- A. Two-way, both the client and the access point challenge each other
- B. One-way, the client challenges the access point
- C. No challenges occur (or wireless connection
- D. One-way, the access point challenges the client
Answer: A
NEW QUESTION # 120
Which of the following ports must you filter to check null sessions on your network?
- A. 1234 and 300
- B. 130 and 200
- C. 111 and 222
- D. 139 and 445
Answer: D
Explanation:
Section: Volume C
NEW QUESTION # 121
......
Grab latest Amazon GPEN Dumps as PDF Updated: https://www.fast2test.com/GPEN-premium-file.html
Updated Official licence for GPEN Certified by GPEN Dumps PDF: https://drive.google.com/open?id=13VXstmdHLLFLe6c1SuCNlKJ1JztF2cPP