Pass the GIAC Security Administration GCIH Questions and answers with CertsForce

Which of the following actions is performed by the netcat command given below?

nc 55555 < /etc/passwd

Which of the following statements about Ping of Death attack is true?

Victor works as a professional Ethical Hacker for SecureEnet Inc. He wants to scan the wireless network of the company. He uses a tool that is a free open-source utility for network exploration. The tool uses raw IP packets to determine the following:

What ports are open on our network systems.

What hosts are available on the network.

Identify unauthorized wireless access points.

What services (application name and version) those hosts are offering.

What operating systems (and OS versions) they are running.

What type of packet filters/firewalls are in use.

Which of the following tools is Victor using?

Adam, a malicious hacker is sniffing the network to inject ARP packets. He injects broadcast frames onto the wire to conduct Man-in-The-Middle attack.

Which of the following is the destination MAC address of a broadcast frame?

Which of the following viruses/worms uses the buffer overflow attack?

Adam is a novice Web user. He chooses a 22 letters long word from the dictionary as his password.

How long will it take to crack the password by an attacker?

You work as a Network Administrator for Marioxnet Inc. You have the responsibility of handling two routers with BGP protocol for the enterprise's network. One of the two routers gets flooded with an unexpected number of data packets, while the other router starves with no packets reaching it. Which of the following attacks can be a potential cause of this?

Adam works as a Penetration Tester for Umbrella Inc. A project has been assigned to him check the security of wireless network of the company. He re-injects a captured wireless packet back onto the network. He does this hundreds of times within a second. The packet is correctly encrypted and Adam assumes it is an ARP request packet. The wireless host responds with a stream of responses, all individually encrypted with different IVs.

Which of the following types of attack is Adam performing?

In which of the following steps of the incident handling processes does the Incident Handler make sure that all business processes and functions are back to normal and then also wants to monitor the system or processes to ensure that the system is not compromised again?

Which of the following can be used as a countermeasure against the SQL injection attack?

Each correct answer represents a complete solution. Choose two.