GPEN GIAC Exam Questions and Free Practice Test

Question 97

- (Topic 3)
John works as a professional Ethical Hacker. He is assigned a project to test the security of www.we-are-secure.com. He has to ping 500 computers to find out whether these computers are connected to the server or not. Which of the following will he use to ping these computers?

A. PING

B. TRACEROUTE

C. Ping sweeping

D. NETSTAT

Correct Answer:C

Question 98

- (Topic 1)
You are conducting a penetration test for a private company located in Canada. The scope extends to all internal-facing hosts controlled by the company. You have gathered necessary hold-harmless and non-disclosure agreements. Which action by your group can incur criminal liability under Criminal Code of Canada Sections 184 and 542 CC 184?

A. Analyzing internal firewall router software for vulnerabilities

B. Exploiting application vulnerabilities on end-user workstations

C. Attempting to crack passwords on a development server

D. Capturing a VoIP call to a third party without prior notice

Correct Answer:D

Question 99

- (Topic 1)
You've been asked to test a non-transparent proxy lo make sure it is working. After confirming the browser is correctly pointed at the proxy, you try to browse a web site. The browser indicates it is "loading" but never displays any part the page. Checking the proxy, you see a valid request in the proxy from your browser. Checking the response to the proxy, you see the results displayed in the accompanying screenshot. Which of the following answers is the most likely reason the browser hasn't displayed the page yet?
GPEN dumps exhibit

A. The proxy is likely hung and must be restarte

B. The proxy is configured to trap response

C. The proxy is configured to trap request

D. The site you are trying to reach is currently dow

Correct Answer:C

Question 100

- (Topic 4)
Which of the following penetration testing phases involves gathering data from whois, DNS, and network scanning, which helps in mapping a target network and provides valuable information regarding the operating system and applications running on the systems?

A. Post-attack phase

B. Attack phase

C. On-attack phase

D. Pre-attack phase

Correct Answer:D

Question 101

- (Topic 3)
Which of the following are the countermeasures against WEP cracking? Each correct answer represents a part of the solution. Choose all that apply.

A. Using a 16 bit SSI

B. Changing keys ofte

C. Using the longest key supported by hardwar

D. Using a non-obvious ke

Correct Answer:BCD

Question 102

- (Topic 4)
Victor wants to use Wireless Zero Configuration (WZC) to establish a wireless network connection using his computer running on Windows XP operating system. Which of the
following are the most likely threats to his computer?
Each correct answer represents a complete solution. Choose two.

A. Attacker can use the Ping Flood DoS attack if WZC is use

B. Attacker by creating a fake wireless network with high power antenna cause Victor's computer to associate with his network to gain acces

C. Information of probing for networks can be viewed using a wireless analyzer and may be used to gain acces

D. It will not allow the configuration of encryption and MAC filterin

E. Sending information is not secure on wireless networ

Correct Answer:BC

START GPEN EXAM