IT인증시험은 국제적으로 인정받는 자격증을 취득하는 과정이라 난이도가 아주 높습니다. GIAC인증 GPEN시험은 IT인증자격증을 취득하는 시험과목입니다.어떻게 하면 난이도가 높아 도전할 자신이 없는 자격증을 한방에 취득할수 있을가요? 그 답은ITExamDump에서 찾을볼수 있습니다. ITExamDump에서는 모든 IT인증시험에 대비한 고품질 시험공부가이드를 제공해드립니다. ITExamDump에서 연구제작한 GIAC인증 GPEN덤프로GIAC인증 GPEN시험을 준비해보세요. 시험패스가 한결 편해집니다.
ITExamDump는 여러분이GIAC 인증GPEN인증시험 패스와 추후사업에 모두 도움이 되겠습니다. ITExamDump제품을 선택함으로 여러분은 시간도 절약하고 돈도 절약하는 일석이조의 득을 얻을수 있습니다. 또한 구매후 일년무료 업데이트 버전을 받을수 있는 기회를 얻을수 있습니다. GIAC 인증GPEN 인증시험패스는 아주 어렵습니다. 자기에 맞는 현명한 학습자료 선택은 성공의 지름길을 내딛는 첫발입니다. 퍼펙트한 자료만이 시험에서 성공할수 있습니다. ITExamDump시험문제와 답이야 말로 퍼펙트한 자료이죠. ITExamDump GIAC 인증GPEN인증시험자료는 100% 패스보장을 드립니다.
ITExamDump에는GIAC GPEN인증시험의 특별한 합습가이드가 있습니다. 여러분은 많은 시간과 돈을 들이지 않으셔도 많은 IT관련지식을 배우실수 있습니다.그리고 빠른 시일 내에 여러분의 IT지식을 인증 받으실 있습니다. ITExamDump인증자료들은 우리의 전문가들이 자기만의 지식과 몇 년간의 경험으로 준비중인 분들을 위하여 만들었습니다.
GIAC인증GPEN시험은 IT인증시험과목중 가장 인기있는 시험입니다. ITExamDump에서는GIAC인증GPEN시험에 대비한 공부가이드를 발췌하여 IT인사들의 시험공부 고민을 덜어드립니다. ITExamDump에서 발췌한 GIAC인증GPEN덤프는 실제시험의 모든 범위를 커버하고 있고 모든 시험유형이 포함되어 있어 시험준비 공부의 완벽한 선택입니다.
시험 번호/코드: GPEN
시험 이름: GIAC (GIAC Certified Penetration Tester)
많은 시간과 정신력을 투자하고 모험으로GIAC인증GPEN시험에 도전하시겠습니까? 아니면 우리ITExamDump 의 도움으로 시간을 절약하시겠습니까? 요즘 같은 시간인 즉 모든 것인 시대에 여러분은 당연히 ITExamDump의 제품이 딱 이라고 생각합니다. 그리고 우리 또한 그 많은 덤프판매사이트 중에서도 단연 일등이고 생각합니다. 우리 ITExamDump선택함으로 여러분은 성공을 선택한 것입니다.
GPEN 덤프무료샘플다운로드하기: http://www.itexamdump.com/GPEN.html
NO.1 You execute the following netcat command:
c:\target\nc -1 -p 53 -d -e cmd.exe
What action do you want to perform by issuing the above command?
A. Capture data on port 53 and performing banner grabbing.
B. Listen the incoming traffic on port 53 and execute the remote shell.
C. Listen the incoming data and performing port scanning.
D. Capture data on port 53 and delete the remote shell.
Answer: B
GIAC인증 GPEN GPEN
NO.2 In which of the following scanning techniques does a scanner connect to an FTP server and request
that server to start data transfer to the third system?
A. Bounce attack scanning
B. Xmas Tree scanning
C. TCP FIN scanning
D. TCP SYN scanning
Answer: A
GIAC자료 GPEN자료 GPEN기출문제
NO.3 Which of the following statements are true about MS-CHAPv2?
Each correct answer represents a complete solution. Choose all that apply.
A. It is a connectionless protocol.
B. It can be replaced with EAP-TLS as the authentication mechanism for PPTP.
C. It provides an authenticator-controlled password change mechanism.
D. It is subject to offline dictionary attacks.
Answer: B,C,D
GIAC GPEN dumps GPEN자료 GPEN덤프 GPEN시험문제
NO.4 Adam works on a Linux system. He is using Sendmail as the primary application to transmit emails.
Linux uses Syslog to maintain logs of what has occurred on the system. Which of the following log files
contains e-mail information such as source and destination IP addresses, date and time stamps etc?
A. /log/var/logd
B. /var/log/logmail
C. /log/var/mailog
D. /var/log/mailog
Answer: D
GIAC시험문제 GPEN pdf GPEN자료 GPEN dump GPEN최신덤프
NO.5 Which of the following statements is true about the Digest Authentication scheme?
A. In this authentication scheme, the username and password are passed with every request, not just
when the user first types them.
B. A valid response from the client contains a checksum of the username, the password, the given
random value, the HTTP method, and the requested URL.
C. The password is sent over the network in clear text format.
D. It uses the base64 encoding encryption scheme.
Answer: B
GIAC GPEN GPEN GPEN최신덤프 GPEN최신덤프 GPEN
NO.6 Which of the following tools can be used to read NetStumbler's collected data files and present street
maps showing the logged WAPs as icons, whose color and shape indicates WEP mode and signal
strength?
A. NetStumbler
B. StumbVerter
C. WEPcrack
D. Kismet
Answer: B
GIAC자격증 GPEN GPEN최신덤프 GPEN
NO.7 Which of the following statements are true about SSIDs?
Each correct answer represents a complete solution. Choose all that apply.
A. SSIDs are case insensitive text strings and have a maximum length of 64 characters.
B. Configuring the same SSID as that of the other Wireless Access Points (WAPs) of other
networks will create a conflict.
C. SSID is used to identify a wireless network.
D. All wireless devices on a wireless network must have the same SSID in order to communicate with
each other.
Answer: B,C,D
GIAC최신덤프 GPEN최신덤프 GPEN dumps GPEN
NO.8 You have inserted a Trojan on your friend's computer and you want to put it in the startup so that
whenever the computer reboots the Trojan will start to run on the startup. Which of the following registry
entries will you edit to accomplish the task?
A. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Start
B. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Auto
C. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Startup
D.HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServices
Answer: D
GIAC GPEN GPEN dump
NO.9 An executive in your company reports odd behavior on her PDA. After investigation you discover that a
trusted device is actually copying data off the PDA. The executive tells you that the behavior started
shortly after accepting an e-business card from an unknown person. What type of attack is this?
A. Session Hijacking
B. PDA Hijacking
C. Privilege Escalation
D. Bluesnarfing
Answer: D
GIAC GPEN최신덤프 GPEN GPEN최신덤프
NO.10 John works as a professional Ethical Hacker. He has been assigned a project to test the security of
www.we-are-secure.com. He copies the whole structure of the We-are-secure Web site to the local disk
and obtains all the files on the Web site. Which of the following techniques is he using to accomplish his
task?
A. TCP FTP proxy scanning
B. Eavesdropping
C. Web ripping
D. Fingerprinting
Answer: C
GIAC dumps GPEN GPEN자료
NO.11 You want to integrate the Nikto tool with nessus vulnerability scanner. Which of the following steps will
you take to accomplish the task?
Each correct answer represents a complete solution. Choose two.
A. Restart nessusd service.
B. Place nikto.pl file in the /var/www directory.
C. Place nikto.pl file in the /etc/nessus directory.
D. Place the directory containing nikto.pl in root's PATH environment variable.
Answer: A,D
GIAC GPEN GPEN GPEN dump GPEN자료 GPEN dump
NO.12 Which of the following encryption modes are possible in WEP?
Each correct answer represents a complete solution. Choose all that apply.
A. No encryption
B. 256 bit encryption
C. 128 bit encryption
D. 40 bit encryption
Answer: A,C,D
GIAC덤프 GPEN GPEN GPEN자료
NO.13 Which of the following ports will you scan to search for SNMP enabled devices in the network?
A. 163
B. 123
C. 151
D. 161
Answer: D
GIAC GPEN GPEN dump GPEN pdf
NO.14 Which of the following tools is used to verify the network structure packets and confirm that the packets
are constructed according to specification?
A. EtherApe
B. Snort decoder
C. AirSnort
D. snort_inline
Answer: B
GIAC인증 GPEN dumps GPEN GPEN GPEN dump GPEN pdf
NO.15 TCP FIN scanning is a type of stealth scanning through which the attacker sends a FIN packet to the
target port. If the port is closed, the victim assumes that this packet was sent mistakenly by the attacker
and sends the RST packet to the attacker. If the port is open, the FIN packet will be ignored and the port
will drop the packet. Which of the following operating systems can be easily identified with the help of TCP
FIN scanning.?
A. Solaris
B. Red Hat
C. Windows
D. Knoppix
Answer: C
GIAC GPEN최신덤프 GPEN GPEN덤프
NO.16 Which of the following attacks allows an attacker to sniff data frames on a local area network (LAN) or
stop the traffic altogether?
A. Man-in-the-middle
B. ARP spoofing
C. Port scanning
D. Session hijacking
Answer: B
GIAC자격증 GPEN덤프 GPEN인증 GPEN시험문제 GPEN dumps GPEN
NO.17 Which of the following is NOT an example of passive footprinting?
A. Scanning ports.
B. Analyzing job requirements.
C. Performing the whois query.
D. Querying the search engine.
Answer: A
GIAC최신덤프 GPEN기출문제 GPEN GPEN dumps
NO.18 You work as a Network Administrator for Net World International. The company has a Windows Active
Directory-based single domain single forest network. The functional level of the forest is Windows Server
2003. There are ten Sales Managers in the company. The company has recently provided laptops to all its
Sales Managers. All the laptops run Windows XP Professional. These laptops will be connected to the
company's network through wireless connections. The company's management wants to implement
Shared Key authentication for these laptops. When you try to configure the network interface card of one
of the laptops for Shared Key authentication, you find no such option. What will you do to enable Shared
Key authentication?
A. Install PEAP-MS-CHAP v2
B. Install Service Pack 1
C. Enable WEP
D. Install EAP-TLS
Answer: C
GIAC GPEN dump GPEN GPEN dump
NO.19 Which of the following statements are true about KisMAC?
A. Data generated by KisMAC can also be saved in pcap format.
B. It cracks WEP and WPA keys by Rainbow attack or by dictionary attack.
C. It scans for networks passively on supported cards.
D. It is a wireless network discovery tool for Mac OS X.
Answer: A,C,D
GIAC GPEN GPEN GPEN dumps GPEN dumps
NO.20 You work as a professional Ethical Hacker. You are assigned a project to perform blackhat testing on
www.we-are-secure.com. You visit the office of we-are-secure.com as an air-condition mechanic. You
claim that someone from the office called you saying that there is some fault in the air-conditioner of the
server room. After some inquiries/arguments, the Security Administrator allows you to repair the
air-conditioner of the server room.
When you get into the room, you found the server is Linux-based. You press the reboot button of the
server after inserting knoppix Live CD in the CD drive of the server. Now, the server promptly boots
backup into Knoppix. You mount the root partition of the server after replacing the root password in the
/etc/shadow file with a known password hash and salt. Further, you copy the netcat tool on the server and
install its startup files to create a reverse tunnel and move a shell to a remote server whenever the server
is restarted. You simply restart the server, pull out the Knoppix Live CD from the server, and inform that
the air-conditioner is working properly.
After completing this attack process, you create a security auditing report in which you mention various
threats such as social engineering threat, boot from Live CD, etc. and suggest the countermeasures to
stop booting from the external media and retrieving sensitive data. Which of the following steps have you
suggested to stop booting from the external media and retrieving sensitive data with regard to the above
scenario?
Each correct answer represents a complete solution. Choose two.
A. Encrypting disk partitions
B. Using password protected hard drives
C. Placing BIOS password
D. Setting only the root level access for sensitive data
Answer: A,B
GIAC GPEN GPEN GPEN
NO.21 Which of the following tools can be used to perform brute force attack on a remote database?
Each correct answer represents a complete solution. Choose all that apply.
A. FindSA
B. SQLDict
C. nmap
D. SQLBF
Answer: A,B,D
GIAC dump GPEN GPEN최신덤프 GPEN
NO.22 You work as a Network Administrator for Infosec Inc. Nowadays, you are facing an unauthorized
access in your Wi-Fi network. Therefore, you analyze a log that has been recorded by your favorite sniffer,
Ethereal. You are able to discover the cause of the unauthorized access after noticing the following string
in the log file:
(Wlan.fc.type_subtype eq 32 and llc.oui eq 0x00601d and llc.pid eq 0x0001)
When you find All your 802.11b are belong to us as the payload string, you are convinced about which tool
is being used for the unauthorized access. Which of the following tools have you ascertained?
A. AirSnort
B. Kismet
C. AiroPeek
D. NetStumbler
Answer: D
GIAC GPEN GPEN기출문제
NO.23 Which of the following types of cyber stalking damage the reputation of their victim and turn other
people against them by setting up their own Websites, blogs or user pages for this purpose?
A. Encouraging others to harass the victim
B. False accusations
C. Attempts to gather information about the victim
D. False victimization
Answer: B
GIAC인증 GPEN인증 GPEN
NO.24 Which of the following options holds the strongest password?
A. california
B. $#164aviD
댓글 없음:
댓글 쓰기