GPEN GIAC Exam Questions and Free Practice Test

Question 43

- (Topic 1)
You suspect that a firewall or IPS exists between you and the target machine. Which nmap option will elicit responses from some firewalls and IPSs while being silently dropped by the target, thus confirming the existence of a firewall or IPS?

A. –Traceroute

B. –Firewalk

C. –Badsum

D. --SF

Correct Answer:B

Question 44

- (Topic 2)
You have just set up a wireless network for customers at a coffee shop. Which of the following are good security measures to implement?
Each correct answer represents a complete solution. Choose two.

A. MAC filtering the router

B. Using WPA encryption

C. Using WEP encryption

D. Not broadcasting SSID

Correct Answer:BC

Question 45

- (Topic 2)
You work as a professional Computer Hacking Forensic Investigator for DataEnet Inc. You want to investigate e-mail information of an employee of the company. The suspected employee is using an online e-mail system such as Hotmail or Yahoo. Which of the following folders on the local computer will you review to accomplish the task?
Each correct answer represents a complete solution. Choose all that apply.

A. History folder

B. Temporary Internet Folder

C. Cookies folder

D. Download folder

Correct Answer:ABC

Question 46

- (Topic 1)
Analyze the command output below. Given this information, which is the appropriate next step for the tester?
Starting Nmap4.53 (hnp://insecure.org I at2010-09-30 19:13 EDT interesting ports on 192.163.116.101:
PORT STATE SERVICE
130/tcp filtered cisco-fna
131/tcp filtered cisco-tna
132/tcp filtered cisco-sys
133/tcp filtered statsrv
134/tcp filtered Ingres-net
135/tcp filtered msrpc
136/tcp filtered profile
137/tcp filtered netbios-ns
138/tcp filtered netbios-dgm
139/tcp open netbios-ssn
140/tcp filtered emfis-data
MAC Address: 00:30:1&:B8:14:8B (Shuttle)
warning: OSS can results may be unreliable because we could not find at least l open and l closed port
Device type, general purpose
Running: Microsoft Windows XP
OS details: Microsoft Windows XP SP2
Network Distance : 1 hop
Nmap done: I IP address (I host up) scanned in l .263 seconds

A. Determine the MAC address of the scanned hos

B. Send a single SYN packet to port 139/tcp on the hos

C. Send spoofed packets to attempt to evade any firewall

D. Request a list of shares from the scanned hos

Correct Answer:B

Question 47

- (Topic 3)
Which of the following methods can be used to detect session hijacking attack?

A. ntop

B. Brutus

C. nmap

D. sniffer

Correct Answer:D

Question 48

- (Topic 2)
You run the rdisk /s command to retrieve the backup SAM file on a computer. Where should you go on the computer to find the file?

A. %systemroot%\password\sam._

B. %systemroot%\sam._

C. %systemroot%\repair\sam._

D. %systemroot%\backup\sam._

Correct Answer:C

START GPEN EXAM