Free GIAC GCIA Practice Exam with Questions & Answers | Set: 9

Which of the following hacking tools provides shell access over ICMP?

Which of the following Windows XP system files handles memory management, I/O operations, and interrupts?

Which of the following types of Intrusion detection systems (IDS) is used for port mirroring?

Which of the following is a checksum algorithm?

Which of the following can be applied as countermeasures against DDoS attacks?

Each correct answer represents a complete solution. Choose all that apply.

Allen works as a professional Computer Hacking Forensic Investigator. A project has been assigned to him to investigate a computer, which is used by the suspect to sexually harass the victim using instant messenger program. Suspect's computer runs on Windows operating system. Allen wants to recover password from instant messenger program, which suspect is using, to collect the evidence of the crime. Allen is using Helix Live for this purpose. Which of the following utilities of Helix will he use to accomplish the task?

Which of the following methods is a behavior-based IDS detection method?

Adam works as a Security Administrator for Umbrella Inc. A project has been assigned to him to secure access to the network of the company from all possible entry points. He segmented the network into several subnets and installed firewalls all over the network. He has placed very stringent rules on all the firewalls, blocking everything in and out except ports that must be used.

He does need to have port 80 open since his company hosts a website that must be accessed from the Internet. Adam is still worried about programs like Hping2 that can get into a network through covert channels.

Which of the following is the most effective way to protect the network of the company from an attacker using Hping2 to scan his internal network?

Which of the following Web attacks is performed by manipulating codes of programming languages such as SQL, Perl, Java present in the Web pages?

Which of the following is NOT an Intrusion Detection System?

Which of the following commands is used to flush the destination cache for IPv6 interface?

Which of the following is the process of categorizing attack alerts produced from IDS?

Routers work at which layer of the OSI reference model?

What is the name of the first computer virus that infected the boot sector of the MS-DOS operating system?

Ryan, a malicious hacker submits Cross-Site Scripting (XSS) exploit code to the Website of Internet forum for online discussion. When a user visits the infected Web page, code gets automatically executed and Ryan can easily perform acts like account hijacking, history theft etc.

Which of the following types of Cross-Site Scripting attack Ryan intends to do?