GCIH GIAC Exam Questions and Free Practice Test

Question 13

You are monitoring your network's behavior. You find a sudden increase in traffic on the network. It seems to come in bursts and emanate from one specific machine. You have been able to determine that a user of that machine is unaware of the activity and lacks the computer knowledge required to be responsible for a computer attack. What attack might this indicate?

A. Spyware

B. Ping Flood

C. Denial of Service

D. Session Hijacking

Correct Answer:A

Question 14

Adam works as a Security Administrator for Umbrella Technology Inc. He reported a breach in security to his senior members, stating that "security defenses has been breached and exploited for 2 weeks by hackers." The hackers had accessed and downloaded 50,000 addresses containing customer credit cards and passwords. Umbrella Technology was looking to law enforcement officials to protect their intellectual property.
The intruder entered through an employee's home machine, which was connected to Umbrella Technology's corporate VPN network. The application called BEAST Trojan was used in the attack to open a "back door" allowing the hackers undetected access. The security breach was discovered when customers complained about the usage of their credit cards without their knowledge.
The hackers were traced back to Shanghai, China through e-mail address evidence. The credit card information was sent to that same e-mail address. The passwords allowed the hackers to access Umbrella Technology's network from a remote location, posing as employees.
Which of the following actions can Adam perform to prevent such attacks from occurring in future?

A. Allow VPN access but replace the standard authentication with biometric authentication

B. Replace the VPN access with dial-up modem access to the company's network

C. Disable VPN access to all employees of the company from home machines

D. Apply different security policy to make passwords of employees more complex

Correct Answer:C

Question 15

Which of the following can be used as a Trojan vector to infect an information system?
Each correct answer represents a complete solution. Choose all that apply.

A. NetBIOS remote installation

B. Any fake executable

C. Spywares and adware

D. ActiveX controls, VBScript, and Java scripts

Correct Answer:ABCD

Question 16

Which of the following statements are true about worms?
Each correct answer represents a complete solution. Choose all that apply.

A. Worms cause harm to the network by consuming bandwidth, whereas viruses almost always corrupt or modify files on a targeted computer.

B. Worms can exist inside files such as Word or Excel documents.

C. One feature of worms is keystroke logging.

D. Worms replicate themselves from one system to another without using a host file.

Correct Answer:ABD

Question 17

Adam works as a sales manager for Umbrella Inc. He wants to download software from the Internet. As the software comes from a site in his untrusted zone, Adam wants to ensure that the downloaded software has not been Trojaned. Which of the following options would indicate the best course of action for Adam?

A. Compare the file size of the software with the one given on the Website.

B. Compare the version of the software with the one published on the distribution media.

C. Compare the file's virus signature with the one published on the distribution.

D. Compare the file's MD5 signature with the one published on the distribution media.

Correct Answer:D

Question 18

Which of the following programs can be used to detect stealth port scans performed by a malicious hacker?
Each correct answer represents a complete solution. Choose all that apply.

A. nmap

B. scanlogd

C. libnids

D. portsentry

Correct Answer:BCD

START GCIH EXAM