
Free GIAC GCIH Practice Exam with Questions & Answers | Set: 6

Question 51

John works as a Network Security Professional. He is assigned a project to test the security of www.we-are-secure.com. He establishes a connection to a target host running a Web service with netcat and sends a bad HTML request in order to retrieve information about the service on the host.

Which of the following attacks is John using?

Options:
A. Sniffing
B. Eavesdropping
C. War driving
D. Banner grabbing

Question 52

Which of the following attacks captures a secret value, such as a hash, and reuses it later to gain access to a system without ever decrypting or decoding the hash?

Options:
A. Cross Site Scripting attack
B. Replay attack
C. Rainbow attack
D. Hashing attack

Question 53

John, a novice web user, makes a new E-mail account and keeps his password as "apple", his favorite fruit. John's password is vulnerable to which of the following password cracking attacks?

Each correct answer represents a complete solution. Choose all that apply.

Options:
A. Hybrid attack
B. Rule based attack
C. Dictionary attack
D. Brute Force attack

Question 54

Which of the following wireless network security solutions refers to an authentication process in which a user can connect wireless access points to a centralized server to ensure that all hosts are properly authenticated?

Options:
A. Remote Authentication Dial-In User Service (RADIUS)
B. IEEE 802.1x
C. Wired Equivalent Privacy (WEP)
D. Wi-Fi Protected Access 2 (WPA2)

Question 55

You want to measure the number of heaps used and the overflows that occurred at a point in time. Which of the following commands will you run to activate the appropriate monitor?

Options:
A. UPDATE DBM CONFIGURATION USING DFT_MON_TABLE
B. UPDATE DBM CONFIGURATION DFT_MON_TIMESTAMP
C. UPDATE DBM CONFIGURATION USING DFT_MON_BUFPOOL
D. UPDATE DBM CONFIGURATION USING DFT_MON_SORT

Question 56

Which of the following attacks allows an attacker to retrieve crucial information from a Web server's database?

Options:
A. Database retrieval attack
B. PHP injection attack
C. SQL injection attack
D. Server data attack

Question 57

Maria works as the Chief Security Officer for PassGuide Inc. She wants to send secret messages to the CEO of the company. To secure these messages, she uses a technique of hiding a secret message within an ordinary message. The technique provides 'security through obscurity'. What technique is Maria using?

Options:
A. Steganography
B. Public-key cryptography
C. RSA algorithm
D. Encryption

Question 58

Which of the following strategies allows a user to limit access according to unique hardware information supplied by a potential client?

Options:
A. Extensible Authentication Protocol (EAP)
B. WEP
C. MAC address filtering
D. Wireless Transport Layer Security (WTLS)

Question 59

US Garments wants all data communication between its corporate office and remote location to be encrypted.

They want to achieve the following results:

- Authentication of users
- Anti-replay
- Anti-spoofing
- IP packet encryption

They implemented IPSec using Authentication Headers (AHs). Which results does this solution provide?

Each correct answer represents a complete solution. Choose all that apply.

Options:
A. Anti-replay
B. IP packet encryption
C. Authentication of users
D. Anti-spoofing

Question 60

Maria works as a professional Ethical Hacker. She has been assigned the project of testing the security of www.gentech.com. She is using dumpster diving to gather information about Gentech Inc.

Under which of the following steps of malicious hacking does dumpster diving come?

Options:
A. Multi-factor authentication
B. Role-based access control
C. Mutual authentication
D. Reconnaissance

Exam Code: GCIH
Certification Provider: GIAC
Exam Name: GIAC Certified Incident Handler
Last Update: Sep 12, 2025
Questions: 328