Free GIAC GPEN Practice Exam with Questions & Answers | Set: 10

Name: How to Pass GPEN Exams
Brand: Examstrack
SKU: gpen
Price: 42 USD
Availability: InStock

Questions 91

John works as a professional Ethical Hacker. He has been assigned the project of testing the security of www.we-are-secure.com. He wants to perform a stealth scan to discover open ports and applications running on the We-are-secure server. For this purpose, he wants to initiate scanning with the IP address of any third party. Which of the following scanning techniques will John use to accomplish his task?

Options:

UDP

TCP SYN/ACK

IDLE

RPC

GIAC GPEN Premium Access

Questions 92

You work as a Penetration Tester for the Infosec Inc. Your company takes the projects of security auditing. Recently, your company has assigned you a project to test the security of the we-aresecure. com Website. The we-are-secure.com Web server is using Linux operating system. When you port scanned the we-are-secure.com Web server, you got that TCP port 23, 25, and 53 are open. When you tried to telnet to port 23, you got a blank screen in response. When you tried to type the dir, copy, date, del, etc. commands you got only blank spaces or underscores symbols on the screen. What may be the reason of such unwanted situation?

Options:

The telnet session is being affected by the stateful inspection firewall.

The telnet service of we-are-secure.com has corrupted.

The we-are-secure.com server is using a TCP wrapper.

The we-are-secure.com server is using honeypot.

Questions 93

How many bits does SYSKEY use for encryption?

Options:

512

128

Questions 94

Which of the following federal laws are related to hacking activities?

Each correct answer represents a complete solution. Choose three.

Options:

18 U.S.C. 1030

18 U.S.C. 1028

18 U.S.C. 2510

18 U.S.C. 1029

Questions 95

Which of the following statements are true about the Enum tool?

Each correct answer represents a complete solution. Choose all that apply.

Options:

It is capable of performing brute force and dictionary attacks on individual accounts of Windows NT/2000.

One of the countermeasures against the Enum tool is to disable TCP port 139/445.

It is a console-based Win32 information enumeration utility.

It uses NULL and User sessions to retrieve user lists, machine lists, LSA policy information, etc.

Questions 96

You are using the dsniff tool to intercept communications between two entities and establish credentials with both sides of the connections. These entities do not notice that you were retrieving the information between these two. Which of the following attacks are you performing?

Options:

Man-in-the-middle

ARP poisoning

Session hijacking

DoS

Questions 97

Which of the following commands can be used for port scanning?

Options:

nc -z

nc -t

nc -w

nc –g

Questions 98

Fill in the blank with the appropriate word.

____is a port scanner that can also be used for the OS detection.

Options:

Questions 99

Which of the following can be used to mitigate the evil twin phishing attack?

Options:

Magic Lantern

Obiwan

IPSec VPN

SARA

Questions 100

John works as a Professional Ethical Hacker for we-are-secure Inc. The company is using a Wireless network. John has been assigned the work to check the security of WLAN of we-aresecure.

For this, he tries to capture the traffic, however, he does not find a good traffic to analyze data. He has already discovered the network using the ettercap tool. Which of the following tools can he use to generate traffic so that he can crack the Wep keys and enter into the network?

Options:

ICMP ping flood tool

Kismet

Netstumbler

AirSnort