Free GIAC GCIH Practice Exam with Questions & Answers

Adam, a malicious hacker purposely sends fragmented ICMP packets to a remote target. The total size of this ICMP packet once reconstructed is over 65,536 bytes. On the basis of above information, which of the following types of attack is Adam attempting to perform?

John works as a professional Ethical Hacker. He is assigned a project to test the security of www.weare-secure.com. He is working on the Linux operating system. He wants to sniff the we-are-secure network and intercept a conversation between two employees of the company through session hijacking. Which of the following tools will John use to accomplish the task?

You want to integrate the Nikto tool with nessus vulnerability scanner. Which of the following steps will you take to accomplish the task?

Each correct answer represents a complete solution. Choose two.

Which of the following rootkits is used to attack against full disk encryption systems?

In which of the following attacks does an attacker spoof the source address in IP packets that are sent to the victim?

You want to perform passive footprinting against we-are-secure Inc. Web server. Which of the following tools will you use?

Andrew, a bachelor student of Faulkner University, creates a gmail account. He uses 'Faulkner' as the password for the gmail account. After a few days, he starts receiving a lot of e-mails stating that his gmail account has been hacked. He also finds that some of his important mails have been deleted by someone. Which of the following methods has the attacker used to crack Andrew's password?

Each correct answer represents a complete solution. Choose all that apply.

You are hired as a Database Administrator for Jennifer Shopping Cart Inc. You monitor the server health through the System Monitor and found that there is a sudden increase in the number of logins.

Which of the following types of attack has occurred?

Which of the following nmap command parameters is used for TCP SYN port scanning?

You work as a Network Administrator in the SecureTech Inc. The SecureTech Inc. is using Linux-based server. Recently, you have updated the password policy of the company in which the server will disable passwords after four trials. What type of attack do you want to stop by enabling this policy?