1. Home
  2. GIAC
  3. Security Administration
  4. GPEN
  5. GIAC Penetration Tester Questions and Answers

Pass the GIAC Security Administration GPEN Questions and answers with CertsForce

 GIAC Exams      Go to Exam Detail      Get Premium Access
Viewing page 4 out of 12 pages
Viewing questions 31-40 out of questions
Questions # 31:

Which of the following is an open source Web scanner?

Options:
A.

Nikto

B.

GFI LANguird

C.

NetRecon

D.

Internet scanner

Expert Solution
Questions # 32:

You want that some of your Web pages should not be crawled. Which one of the following options will you use to accomplish the task?

Options:
A.

Use HTML NO Crawl tag in the Web page not to be crawled

B.

Place the name of restricted Web pages in the private.txt file

C.

Place the name of restricted Web pages in the robotes.txt file

D.

Enable the SSL

Expert Solution
Questions # 33:

Which of the following is the correct sequence of packets to perform the 3-way handshake method?

Options:
A.

SYN, ACK, ACK

B.

SYN, ACK, SYN/ACK

C.

SYN, SYN/ACK, ACK

D.

SYN, SYN, ACK

Expert Solution
Questions # 34:

Which of the following is NOT a Back orifice plug-in?

Options:
A.

BOSOCK32

B.

STCPIO

C.

BOPeep

D.

Beast

Expert Solution
Questions # 35:

Which of the following is the correct syntax to create a null session?

Options:
A.

c:\>net view \\IP_addr\IPC$ "" /u: ""

B.

c:\>net view \\IPC$\IP_addr "" /u: ""

C.

c:\>net use \\IP_addr\IPC$ "" /u: ""

D.

c:\>net use \\IPC$\IP_addr "" /u: ""

Expert Solution
Questions # 36:

In which of the following attacks is a malicious packet rejected by an IDS, but accepted by the host system?

Options:
A.

Insertion

B.

Evasion

C.

Fragmentation overwrite

D.

Fragmentation overlap

Expert Solution
Questions # 37:

In which of the following attacks does an attacker use packet sniffing to read network traffic between two parties to steal the session cookie?

Options:
A.

Cross-site scripting

B.

Session sidejacking

C.

ARP spoofing

D.

Session fixation

Expert Solution
Questions # 38:

You want to search Microsoft Outlook Web Access Default Portal using Google search on the

Internet so that you can perform the brute force attack and get unauthorized access. What search string will you use to accomplish the task?

Options:
A.

intitle:index.of inbox dbx

B.

intext:"outlook.asp"

C.

allinurl:"exchange/logon.asp"

D.

intitle:"Index Of" -inurl:maillog maillog size

Expert Solution
Questions # 39:

Which of the following ports is used for NetBIOS null sessions?

Options:
A.

130

B.

139

C.

143

D.

131

Expert Solution
Questions # 40:

Which of the following statements about SSID is NOT true?

Options:
A.

Default settings of SSIDs are secure.

B.

All wireless devices on a wireless network must have the same SSID in order to communicate with each other.

C.

It acts as a password for network access.

D.

It is used to identify a wireless network.

Expert Solution
Viewing page 4 out of 12 pages
Viewing questions 31-40 out of questions