
Free GIAC GCIH Practice Exam with Questions & Answers | Set: 5

Question 41

Which of the following Linux rootkits allows an attacker to hide files, processes, and network connections?

Each correct answer represents a complete solution. Choose all that apply.

Options:
A. Phalanx2
B. Beastkit
C. Adore
D. Knark

Question 42

Which of the following is used to determine the operating system running on a remote computer in a network environment?

Options:
A. Spoofing
B. Reconnaissance
C. OS Fingerprinting
D. Social engineering

Question 43

Which of the following provides packet-level encryption between hosts in a LAN?

Options:
A. PPTP
B. IPsec
C. PFS
D. Tunneling protocol

Question 44

Which of the following attacks uses multiple compromised systems to attack a single target?

Options:
A. Brute force attack
B. Replay attack
C. Dictionary attack
D. DDoS attack

Question 45

Which of the following is used by attackers to obtain an authenticated connection on a network?

Options:
A. Denial-of-Service (DoS) attack
B. Replay attack
C. Man-in-the-middle attack
D. Back door

Question 46

Fill in the blank with the appropriate option to complete the statement below.

You want to block all UDP packets coming to the Linux server using the portsentry utility. For this, you have to enable the ______ option in the portsentry configuration file.
Question 47

You work as a Network Administrator for Perfect Solutions Inc. The company has a Linux-based network. You are working as the root user on the Linux operating system. Your company is facing an IP spoofing attack.

Which of the following tools will you use to get an alert that an incoming IP packet is spoofed?

Options:
A. Despoof
B. Dsniff
C. Ethereal
D. Neotrace

Question 48

Which of the following rootkits adds additional code to, or replaces portions of, an operating system, including both the kernel and associated device drivers?

Options:
A. Hypervisor rootkit
B. Boot loader rootkit
C. Kernel level rootkit
D. Library rootkit

Question 49

Which of the following protocols is a maintenance protocol that is normally considered part of the IP layer, but has also been used to conduct denial-of-service attacks?

Options:
A. ICMP
B. L2TP
C. TCP
D. NNTP

Question 50

Adam, a malicious hacker, has successfully gained unauthorized access to the Linux system of Umbrella Inc. The company's web server runs on Apache. He has downloaded sensitive documents and database files from the computer.

After performing these malicious tasks, Adam finally runs the following command at the Linux command line before disconnecting:

for (( i = 0;i<11;i++ )); do dd if=/dev/random of=/dev/hda && dd if=/dev/zero of=/dev/hda done

Which of the following actions does Adam want to perform with the above command?

Options:
A. Infecting the hard disk with polymorphic virus strings.
B. Deleting all log files present on the system.
C. Wiping the contents of the hard disk with zeros.
D. Making a bit stream copy of the entire hard disk for later download.

Exam Code: GCIH
Certification Provider: GIAC
Exam Name: GIAC Certified Incident Handler
Last Update: Sep 12, 2025
Questions: 328