Free GIAC GPEN Practice Exam with Questions & Answers | Set: 8

Name: How to Pass GPEN Exams
Brand: Examstrack
SKU: gpen
Price: 42 USD
Availability: InStock

Questions 71

Why is it important to have a cheat sheet reference of database system tables when performing SQL Injection?

Options:

This is where sites typically store sensitive information such as credit card numbers.

These tables contain a list of allowed database applications

The information in these tables will reveal details about the web application's code.

These tables contain metadata that can be queried to gain additional helpful information.

GIAC GPEN Premium Access

Questions 72

Approximately how many packets are usually required to conduct a successful FMS attack onWEP?

Options:

250.000

20.000

10.000,000

l (with a weak IV)

Questions 73

You've been asked to test a non-transparent proxy lo make sure it is working. After confirming the browser is correctly pointed at the proxy, you try to browse a web site. The browser indicates it is "loading" but never displays any part the page. Checking the proxy, you see a valid request in the proxy from your browser. Checking the response to the proxy, you see the results displayed in the accompanying screenshot. Which of the following answers is the most likely reason the browser hasn't displayed the page yet?

GPEN Question 73

Options:

The proxy is likely hung and must be restarted.

The proxy is configured to trap responses.

The proxy is configured to trap requests.

The site you are trying to reach is currently down.

Questions 74

Which Metasploit payload includes simple upload and download functionality for moving files to and from compromised systems?

Options:

DLL inject

Upexec

Meterpreter

Vncinject

Questions 75

What is the purpose of the following command?

C:\>wmic /node:[target IP] /user:[admin-user]

/password:[password] process call create [command]

Options:

Running a command on a remote Windows machine

Creating a service on a remote Windows machine

Creating an admin account on a remote Windows machine

Listing the running processes on a remote windows machine

Questions 76

Which of the following modes describes a wireless interface that is configured to passively grab wireless frames from one wireless channel and pass them to the operating system?

Options:

Monitor Mode

Promiscuous Mode

Managed Mode

Master Mode

Questions 77

When a DNS server transfers its zone file to a remote system, what port does it typically use?

Options:

53/TCP

153/UDP

35/TCP

53/UDP

Questions 78

Which of the following TCP packet sequences are common during a SYN (or half-open) scan?

Options:

The source computer sends SYN and the destination computer responds with RST

The source computer sends SYN-ACK and no response Is received from the destination computer

The source computer sends SYN and no response is received from the destination computer

The source computer sends SYN-ACK and the destination computer responds with RST-ACK

A,B and C

A and C

C and D

Questions 79

A tester has been contracted to perform a penetration test for a corporate client. The scope of the test is limited to end-user workstations and client programs only. Which of die following actions is allowed in this test?

Options:

Attempting to redirect the internal gateway through ARP poisoning

Activating bot clients and performing a denial-of-service against the gateway.

Sniffing and attempting to crack the Domain Administrators password hash.

Sending a malicious pdf to a user and exploiting a vulnerable Reader version.

Questions 80

A customer has asked for a scan or vulnerable SSH servers. What is the penetration tester attempting to accomplish using the following Nmap command?

GPEN Question 80