GCIH GIAC Exam Questions and Free Practice Test

Question 7

You are concerned about rootkits on your network communicating with attackers outside your network. Without using an IDS how can you detect this sort of activity?

A. By examining your domain controller server logs.

B. You cannot, you need an IDS.

C. By examining your firewall logs.

D. By setting up a DMZ.

Correct Answer:C

Question 8

Choose the correct actions performed during the Eradication step of the incident handling process.
GCIH dumps exhibit
Solution:

Does this meet the goal?

A. Yes

B. No

Correct Answer:A

Question 9

Which of the following provides packet-level encryption between hosts in a LAN?

A. PPTP

B. IPsec

C. PFS

D. Tunneling protocol

Correct Answer:B

Question 10

CORRECT TEXT
Fill in the blank with the appropriate name of the rootkit.
A _______ rootkit uses device or platform firmware to create a persistent malware image.

Correct Answer:firmware

Question 11

Which of the following malicious software travels across computer networks without the assistance of a user?

A. Worm

B. Virus

C. Hoax

D. Trojan horses

Correct Answer:A

Question 12

Which of the following types of scan does not open a full TCP connection?

A. FIN scan

B. ACK scan

C. Stealth scan

D. Idle scan

Correct Answer:C

START GCIH EXAM