Updated February 01, 2022: GCIH exam question set with PDF questions and test engine
Latest (2022) GIAC GCIH exam question set
Question 168
Your network is being flooded by ICMP packets. When you trace them down they come from multiple different IP addresses. What kind of attack is this?
- A. Smurf attack
- B. DDOS
- C. Ping storm
- D. Syn flood
Correct answer: B
Question 169
John works as a C programmer. He develops the following C program:
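```c
#include <stdlib.h>
#include <stdio.h>
#include <string.h>

int buffer(char *str) {
    char buffer1[10];
    /* strcpy() copies until the NUL terminator, with no check against the 10-byte buffer */
    strcpy(buffer1, str);
    return 1;
}

int main(int argc, char *argv[]) {
    /* The first command-line argument is passed through unchecked */
    buffer(argv[1]);
    printf("Executed\n");
    return 1;
}
```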
His program is vulnerable to a __________ attack.
- A. Cross site scripting
- B. SQL injection
- C. Denial-of-Service
- D. Buffer overflow
Correct answer: D
Explanation:
Section: Volume C
Question 170
Which of the following programs is used for bypassing normal authentication for securing remote access to a computer?
- A. Backdoor
- B. Adware
- C. Spyware
- D. Worm
Correct answer: A
Question 171
Which of the following attacking methods allows the bypassing of access control lists on servers or routers, either hiding a computer on a network or allowing it to impersonate another computer by changing the Media Access Control address?
- A. VLAN hopping
- B. ARP spoofing
- C. IP address spoofing
- D. MAC spoofing
Correct answer: D
Explanation:
Section: Volume C
Question 172
Which of the following statements are true about tcp wrappers?
Each correct answer represents a complete solution. Choose all that apply.
- A. tcp wrapper protects a Linux server from IP address spoofing.
- B. tcp wrapper provides access control, host address spoofing, client username lookups, etc.
- C. When a user uses a TCP wrapper, the inetd daemon runs the wrapper program tcpd instead of running the server program directly.
- D. tcp wrapper allows host or subnetwork IP addresses, names and/or ident query replies, to be used as tokens to filter for access control purposes.
Correct answer: B,C,D
Explanation:
Section: Volume A
Question 173
What is the purpose of configuring a password protected screen saver on a computer?
- A. For preventing a system from a back door attack.
- B. For preventing a system from a social engineering attack.
- C. For preventing a system from a Denial of Service (DoS) attack.
- D. For preventing unauthorized access to a system.
Correct answer: D
Question 174
You are responsible for security at a company that uses a lot of Web applications. You are most concerned about flaws in those applications allowing some attacker to get into your network. What method would be best for finding such flaws?
- A. Vulnerability scanning
- B. Manual penetration testing
- C. Automated penetration testing
- D. Code review
Correct answer: A
Explanation:
Section: Volume A
Question 175
Network mapping provides a security testing team with a blueprint of the organization. Which of the following steps is NOT a part of manual network mapping?
- A. Performing Neotracerouting
- B. Banner grabbing
- C. Collecting employees information
- D. Gathering private and public IP addresses
Correct answer: A
Question 176
Which of the following is a method of gaining access to a system that bypasses normal authentication?
- A. Back door
- B. Teardrop
- C. Smurf
- D. Trojan horse
Correct answer: A
Question 177
In which of the following scanning methods do Windows operating systems send only RST packets irrespective of whether the port is open or closed?
- A. XMAS
- B. TCP FIN
- C. TCP SYN
- D. FTP bounce
Correct answer: B
Question 178
Adam works as a Security Administrator for Umbrella Inc. A project has been assigned to him to strengthen the security policies of the company, including its password policies. However, due to some old applications, Adam is only able to enforce a password group policy in Active Directory with a minimum of 10 characters. He informed the employees of the company that the new password policy requires that everyone must have complex passwords with at least 14 characters. Adam wants to ensure that everyone is using complex passwords that meet the new security policy requirements. He logs on to one of the network's domain controllers and runs the following command:
Which of the following actions will this command take?
- A. Dumps the SAM password file to pwd.txt
- B. Dumps the SAM password hashes to pwd.txt
- C. Dumps the Active Directory password hashes to pwd.txt
- D. The password history file is transferred to pwd.txt
Correct answer: B
Question 179
Adam works as a Network Administrator for Umbrella Inc. He noticed that ICMP ECHO requests are coming from some suspected outside sources. Adam suspects that some malicious hacker is trying to perform a ping sweep attack on the network of the company. To stop this malicious activity, Adam blocks ICMP ECHO requests from any outside sources.
What will be the effect of the action taken by Adam?
- A. Network is now vulnerable to Ping of death attack.
- B. Network is protected from the ping sweep attack until the next reboot of the server.
- C. Network is still vulnerable to ping sweep attack.
- D. Network turns completely immune from the ping sweep attacks.
Correct answer: C
Explanation:
Section: Volume C
Question 180
Which of the following characters will you use to check whether an application is vulnerable to an SQL injection attack?
- A. Semi colon (;)
- B. Single quote (')
- C. Dash (-)
- D. Double quote (")
Correct answer: B
Question 181
Mark works as a Network Administrator for Net Perfect Inc. The company has a Windows-based network. The company uses Check Point SmartDefense to provide security to the network. Mark uses SmartDefense on the HTTP servers of the company to fix the limitation for the maximum response header length. Which of the following attacks can be blocked by defining this limitation?
- A. Melissa virus attack
- B. HTR Overflow worms and mutations
- C. Ramen worm attack
- D. Shoulder surfing attack
Correct answer: B
Question 182
You are the Administrator for a corporate network. You are concerned about denial of service attacks.
Which of the following measures would be most helpful in defending against a Denial-of-Service (DoS) attack?
- A. Place a honey pot in the DMZ.
- B. Implement network based antivirus.
- C. Implement a strong password policy.
- D. Shorten the timeout for connection attempts.
Correct answer: D
Question 183
In which of the following methods does a hacker use packet sniffing to read network traffic between two parties to steal the session cookies?
- A. Session fixation
- B. Session sidejacking
- C. Cross-site scripting
- D. Physical accessing
Correct answer: B
Question 184
Which of the following describes network traffic that originates from the inside of a network perimeter and progresses towards the outside?
- A. Outwards network
- B. Inwards network
- C. Ingress network
- D. Egress network
Correct answer: D
Question 185
Which of the following can be used to perform session hijacking?
Each correct answer represents a complete solution. Choose all that apply.
- A. Session sidejacking
- B. ARP spoofing
- C. Session fixation
- D. Cross-site scripting
Correct answer: A,C,D
Question 186
Which of the following password cracking attacks is based on a pre-calculated hash table to retrieve plain text passwords?
- A. Brute Force attack
- B. Rainbow attack
- C. Dictionary attack
- D. Hybrid attack
Correct answer: B
Explanation:
Section: Volume A
Question 187
You are concerned about rootkits on your network communicating with attackers outside your network. Without using an IDS, how can you detect this sort of activity?
- A. By examining your firewall logs.
- B. You cannot, you need an IDS.
- C. By setting up a DMZ.
- D. By examining your domain controller server logs.
Correct answer: A
Question 188
In which of the following methods does a hacker use packet sniffing to read network traffic between two parties to steal the session cookies?
- A. Session fixation
- B. Session sidejacking
- C. Cross-site scripting
- D. Physical accessing
Correct answer: B
Explanation:
Section: Volume B
Question 189
Which of the following services CANNOT be performed by the nmap utility?
Each correct answer represents a complete solution. Choose all that apply.
- A. Passive OS fingerprinting
- B. Port scanning
- C. Active OS fingerprinting
- D. Sniffing
Correct answer: A,D
Question 190
Adam works as an Incident Handler for Umbrella Inc. His recent actions towards the incident are not up to the standard norms of the company. He always forgets some steps and procedures while handling responses as they are very hectic to perform.
Which of the following steps should Adam take to overcome this problem with the least administrative effort?
- A. Appoint someone else to check the procedures.
- B. Create incident checklists.
- C. Create new sub-team to keep check.
- D. Create an incident manual and read it every time an incident occurs.
Correct answer: B
Question 191
......