GCIH GIAC Exam Questions and Free Practice Test

Question 37

Which of the following tools can be used to perform brute force attack on a remote database?
Each correct answer represents a complete solution. Choose all that apply.

A. SQLBF

B. SQLDict

C. FindSA

D. nmap

Correct Answer:ABC

Question 38

Which of the following can be used to perform session hijacking?
Each correct answer represents a complete solution. Choose all that apply.

A. Cross-site scripting

B. Session fixation

C. ARP spoofing

D. Session sidejacking

Correct Answer:ABD

Question 39

In which of the following scanning methods do Windows operating systems send only RST packets irrespective of whether the port is open or closed?

A. TCP FIN

B. FTP bounce

C. XMAS

D. TCP SYN

Correct Answer:A

Question 40

203 ms 22.670 ms 20.111 ms 13 0.so-2-0-0.TL1.NYC8.ALTER.NET (152.63.0.153) 30.929 ms 24.858 ms
Solution:

Does this meet the goal?

A. Yes

B. No

Correct Answer:A

Question 41

John works as a professional Ethical Hacker. He has been assigned a project to test the security of www.we-are-secure.com. On the We-are-secure login page, he enters ='or''=' as a username and successfully logs in to the user page of the Web site.
The we-are-secure login page is vulnerable to a __________.

A. Dictionary attack

B. SQL injection attack

C. Replay attack

D. Land attack

Correct Answer:B

Question 42

Which of the following is a version of netcat with integrated transport encryption capabilities?

A. Encat

B. Nikto

C. Socat

D. Cryptcat

Correct Answer:D

START GCIH EXAM