Free GIAC GCIA Practice Exam with Questions & Answers | Set: 6

You work as a Network Administrator for McRobert Inc. You want to know the NetBIOS name of your computer. Which of the following commands will you use?

Ryan, a malicious hacker submits Cross-Site Scripting (XSS) exploit code to the Website of Internet forum for online discussion. When a user visits the infected Web page, code gets automatically executed and Ryan can easily perform acts like account hijacking, history theft etc. Which of the following types of Cross-Site Scripting attack Ryan intends to do?

Which of the following can be monitored by using the host-based intrusion detection system (HIDS)?

Which of the following is a checksum algorithm?

Mark works as a Network Security Administrator for BlueWells Inc. The company has a Windowsbased network. Mark is giving a presentation on Network security threats to the newly recruited employees of the company. His presentation is about the External threats that the company recently faced in the past. Which of the following statements are true about external threats?

Each correct answer represents a complete solution. Choose three.

Which of the following types of write blocker device uses one interface for one side and a different one for the other?

In the DNS Zone transfer enumeration, an attacker attempts to retrieve a copy of the entire zone file for a domain from a DNS server. The information provided by the DNS zone can help an attacker gather user names, passwords, and other valuable information. To attempt a zone transfer, an attacker must be connected to a DNS server that is the authoritative server for that zone. Besides this, an attacker can launch a Denial of Service attack against the zone's DNS servers by flooding them with a lot of requests. Which of the following tools can an attacker use to perform a DNS zone transfer?

Each correct answer represents a complete solution. Choose all that apply.

Which of the following cryptographic methods are used in EnCase to ensure the integrity of the data, which is acquired for the investigation?

Each correct answer represents a complete solution. Choose two.

Victor wants to use Wireless Zero Configuration (WZC) to establish a wireless network connection using his computer running on Windows XP operating system. Which of the following are the most likely threats to his computer?

Each correct answer represents a complete solution. Choose two.

Which of the following is used over the Internet for better security?

Which of the following programs in UNIX is used to identify and fix lost blocks or orphans?

Which of the following protocols uses only User Datagram Protocol (UDP)?

A firewall is a combination of hardware and software, used to provide security to a network. It is used to protect an internal network or intranet against unauthorized access from the Internet or other outside networks. It restricts inbound and outbound access and can analyze all traffic between an internal network and the Internet. Users can configure a firewall to pass or block packets from specific IP addresses and ports. Which of the following tools works as a firewall for the Linux 2.4 kernel?

John works as a professional Ethical Hacker. He has been assigned a project for testing the security of www.we-are-secure.com. He scans the We-are-secure server and gets the following result:

sysDescr.0 = STRING. "SunOS we-are-secure.com 4.1.3_U1 1 sun4m"

sysObjectID.0 = OID. enterprises.hp.nm.hpsystem.10.1.1

sysUpTime.0 = Timeticks: (156474552) 18 days, 12:00:09

sysContact.0 = STRING. ""

sysName.0 = STRING. "we-are-secure.com"

sysLocation.0 = STRING. ""

sysServices.0 = INTEGER: 6

Which of the following tools is John using to perform the scan?

Which of the following password cracking attacks is implemented by calculating all the possible hashes for a set of characters?