1. Home
  2. GIAC
  3. Security Administration
  4. GPEN
  5. GIAC Penetration Tester Questions and Answers

Pass the GIAC Security Administration GPEN Questions and answers with CertsForce

 GIAC Exams      Go to Exam Detail      Get Premium Access
Viewing page 11 out of 12 pages
Viewing questions 101-110 out of questions
Questions # 101:

GSM uses either A5/1 or A5/2 stream cipher for ensuring over-the-air voice privacy. Which of the following cryptographic attacks can be used to break both ciphers?

Options:
A.

Man-in-the-middle attack

B.

Ciphertext only attack

C.

Known plaintext attack

D.

Replay attack

Expert Solution
Questions # 102:

Which of the following statements are true about session hijacking?

Each correct answer represents a complete solution. Choose all that apply.

Options:
A.

TCP session hijacking is when a hacker takes over a TCP session between two machines.

B.

It is the exploitation of a valid computer session to gain unauthorized access to information or services in a computer system.

C.

Use of a long random number or string as the session key reduces session hijacking.

D.

It is used to slow the working of victim's network resources.

Expert Solution
Questions # 103:

Which of the following statements are true about session hijacking?

Each correct answer represents a complete solution. Choose all that apply.

Options:
A.

It is used to slow the working of victim's network resources.

B.

TCP session hijacking is when a hacker takes over a TCP session between two machines.

C.

Use of a long random number or string as the session key reduces session hijacking.

D.

It is the exploitation of a valid computer session to gain unauthorized access to information or services in a computer system.

Expert Solution
Questions # 104:

Which of the following characters will you use to check whether an application is vulnerable to an SQL injection attack?

Options:
A.

Single quote (')

B.

Semi colon (;)

C.

Double quote (")

D.

Dash (-)

Expert Solution
Questions # 105:

John works as a professional Ethical Hacker. He has been assigned a project to test the security of www.we-are-secure.com. He successfully performs a brute force attack on the We-are-secure server. Now, he suggests some countermeasures to avoid such brute force attacks on the We-aresecure server. Which of the following are countermeasures against a brute force attack?

Each correct answer represents a complete solution. Choose all that apply.

Options:
A.

The site should use CAPTCHA after a specific number of failed login attempts.

B.

The site should restrict the number of login attempts to only three times.

C.

The site should force its users to change their passwords from time to time.

D.

The site should increase the encryption key length of the password.

Expert Solution
Questions # 106:

John works as a professional Ethical Hacker. He is assigned a project to test the security of www.we-are-secure.com. He has to ping 500 computers to find out whether these computers are connected to the server or not. Which of the following will he use to ping these computers?

Options:
A.

PING

B.

TRACEROUTE

C.

Ping sweeping

D.

NETSTAT

Expert Solution
Questions # 107:

You are concerned about attackers simply passing by your office, discovering your wireless network, and getting into your network via the wireless connection. Which of the following are

NOT steps in securing your wireless connection?

Each correct answer represents a complete solution. Choose two.

Options:
A.

Not broadcasting SSID

B.

MAC filtering on the router

C.

Strong password policies on workstations.

D.

Using either WEP or WPA encryption

E.

Hardening the server OS

Expert Solution
Questions # 108:

Which of the following tools is used for vulnerability scanning and calls Hydra to launch a dictionary attack?

Options:
A.

Whishker

B.

SARA

C.

Nmap

D.

Nessus

Expert Solution
Questions # 109:

You work as a Penetration Tester for the Infosec Inc. Your company takes the projects of security auditing. Recently, your company has assigned you a project to test the security of the we-aresecure. com network. Now, when you have finished your penetration testing, you find that the weare- secure.com server is highly vulnerable to SNMP enumeration. You advise the we-are-secure Inc. to turn off SNMP; however, this is not possible as the company is using various SNMP services on its remote nodes. What other step can you suggest to remove SNMP vulnerability?

Each correct answer represents a complete solution. Choose two.

Options:
A.

Close port TCP 53.

B.

Change the default community string names.

C.

Upgrade SNMP Version 1 with the latest version.

D.

Install antivirus.

Expert Solution
Questions # 110:

What happens when you scan a broadcast IP address of a network?

Each correct answer represents a complete solution. Choose all that apply.

Options:
A.

It leads to scanning of all the IP addresses on that subnet at the same time.

B.

It will show an error in the scanning process.

C.

It may show smurf DoS attack in the network IDS of the victim.

D.

Scanning of the broadcast IP address cannot be performed.

Expert Solution
Viewing page 11 out of 12 pages
Viewing questions 101-110 out of questions