Free GIAC GCIH Practice Exam with Questions & Answers | Set: 9

Fill in the blank with the appropriate word.

StackGuard (as used by Immunix), ssp/ProPolice (as used by OpenBSD), and Microsoft's /GS option use ______ defense against buffer overflow attacks.

Adam works as a Security Analyst for Umbrella Inc. Company has a Windows-based network. All computers run on Windows XP. Manager of the Sales department complains Adam about the unusual behavior of his computer. He told Adam that some pornographic contents are suddenly appeared on his computer overnight. Adam suspects that some malicious software or Trojans have been installed on the computer. He runs some diagnostics programs and Port scanners and found that the Port 12345, 12346, and 20034 are open. Adam also noticed some tampering with the Windows registry, which causes one application to run every time when Windows start.

Which of the following is the most likely reason behind this issue?

Adam, a malicious hacker, wants to perform a reliable scan against a remote target. He is not concerned about being stealth at this point.

Which of the following type of scans would be most accurate and reliable?

Which of the following attacks is specially used for cracking a password?

Which of the following is designed to protect the Internet resolvers (clients) from forged DNS data created by DNS cache poisoning?

In which of the following attacking methods does an attacker distribute incorrect IP address?

Ryan, a malicious hacker submits Cross-Site Scripting (XSS) exploit code to the Website of Internet forum for online discussion. When a user visits the infected Web page, code gets automatically executed and Ryan can easily perform acts like account hijacking, history theft etc. Which of the following types of Cross-Site Scripting attack Ryan intends to do?

Which of the following applications is an example of a data-sending Trojan?

Adam works as an Incident Handler for Umbrella Inc. His recent actions towards the incident are not up to the standard norms of the company. He always forgets some steps and procedures while handling responses as they are very hectic to perform.

Which of the following steps should Adam take to overcome this problem with the least administrative effort?

Which of the following types of attacks is mounted with the objective of causing a negative impact on the performance of a computer or network?