IT인증시험에 도전해보려는 분들은 회사에 다니는 분들이 대부분입니다. 승진을 위해서나 연봉협상을 위해서나 자격증 취득은 지금시대의 필수입니다. ITExamDump의GIAC인증 GPEN덤프는 회사다니느라 바쁜 나날을 보내고 있는 분들을 위해 준비한 시험준비공부자료입니다. ITExamDump의GIAC인증 GPEN덤프를 구매하여 pdf버전을 공부하고 소프트웨어버전으로 시험환경을 익혀 시험보는게 두렵지 않게 해드립니다. 문제가 적고 가격이 저렴해 누구나 부담없이 애용 가능합니다. ITExamDump의GIAC인증 GPEN덤프를 데려가 주시면 기적을 안겨드릴게요.
GIAC인증 GPEN시험은 IT업종종사분들에게 널리 알려진 유명한 자격증을 취득할수 있는 시험과목입니다. GIAC인증 GPEN시험은 영어로 출제되는만큼 시험난이도가 많이 높습니다.하지만 ITExamDump의GIAC인증 GPEN덤프만 있다면 아무리 어려운 시험도 쉬워집니다. 오르지 못할 산도 정복할수 있는게ITExamDump제품의 우점입니다. ITExamDump의GIAC인증 GPEN덤프로 시험을 패스하여 자격증을 취득하면 정상에 오를수 있습니다.
ITExamDump의 완벽한 GIAC인증 GPEN덤프는 고객님이GIAC인증 GPEN시험을 패스하는 지름길입니다. 시간과 돈을 적게 들이는 반면 효과는 십점만점에 십점입니다. ITExamDump의 GIAC인증 GPEN덤프를 선택하시면 고객님께서 원하시는 시험점수를 받아 자격증을 쉽게 취득할수 있습니다.
ITExamDump 에서 제공해드리는 GIAC인증GPEN시험덤프자료를 구입하시면 퍼펙트한 구매후 서비스를 약속드립니다. ITExamDump에서 제공해드리는 덤프는 IT업계 유명인사들이 자신들의 노하우와 경험을 토대로 하여 실제 출제되는 시험문제를 연구하여 제작한 최고품질의 덤프자료입니다. GIAC인증GPEN시험은ITExamDump 표GIAC인증GPEN덤프자료로 시험준비를 하시면 시험패스는 아주 간단하게 할수 있습니다. 구매하기전 PDF버전 무료샘플을 다운받아 공부하세요.
ITExamDump에서 제공하는 제품들은 품질이 아주 좋으며 또 업뎃속도도 아주 빠릅니다 만약 우리가제공하는GIAC GPEN인증시험관련 덤프를 구매하신다면GIAC GPEN시험은 손쉽게 성공적으로 패스하실 수 있습니다.
IT인증시험은 국제적으로 인정받는 자격증을 취득하는 과정이라 난이도가 아주 높습니다. GIAC인증 GPEN시험은 IT인증자격증을 취득하는 시험과목입니다.어떻게 하면 난이도가 높아 도전할 자신이 없는 자격증을 한방에 취득할수 있을가요? 그 답은ITExamDump에서 찾을볼수 있습니다. ITExamDump에서는 모든 IT인증시험에 대비한 고품질 시험공부가이드를 제공해드립니다. ITExamDump에서 연구제작한 GIAC인증 GPEN덤프로GIAC인증 GPEN시험을 준비해보세요. 시험패스가 한결 편해집니다.
ITExamDump는 IT업계에서 유명한 IT인증자격증 공부자료를 제공해드리는 사이트입니다. 이는ITExamDump 의 IT전문가가 오랜 시간동안 IT인증시험을 연구한 끝에 시험대비자료로 딱 좋은 덤프를 제작한 결과입니다. GIAC인증 GPEN덤프는 수많은 덤프중의 한과목입니다. 다른 덤프들과 같이GIAC인증 GPEN덤프 적중율과 패스율은 100% 보장해드립니다. GIAC인증 GPEN시험에 도전하려는 분들은ITExamDump 의GIAC인증 GPEN덤프로 시험을 준비할것이죠?
시험 번호/코드: GPEN
시험 이름: GIAC (GIAC Certified Penetration Tester)
GPEN 덤프무료샘플다운로드하기: http://www.itexamdump.com/GPEN.html
NO.1 Which of the following tools can be used to perform brute force attack on a remote database?
Each correct answer represents a complete solution. Choose all that apply.
A. FindSA
B. SQLDict
C. nmap
D. SQLBF
Answer: A,B,D
GIAC GPEN GPEN시험문제 GPEN GPEN
NO.2 Which of the following encryption modes are possible in WEP?
Each correct answer represents a complete solution. Choose all that apply.
A. No encryption
B. 256 bit encryption
C. 128 bit encryption
D. 40 bit encryption
Answer: A,C,D
GIAC자격증 GPEN pdf GPEN pdf
NO.3 You have inserted a Trojan on your friend's computer and you want to put it in the startup so that
whenever the computer reboots the Trojan will start to run on the startup. Which of the following registry
entries will you edit to accomplish the task?
A. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Start
B. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Auto
C. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Startup
D.HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServices
Answer: D
GIAC GPEN GPEN GPEN GPEN
NO.4 Which of the following attacks is a form of active eavesdropping in which the attacker makes
independent connections with the victims and relays messages between them, making them believe that
they are talking directly to each other over a private connection, when in fact the entire conversation is
controlled by the attacker?
A. DoS
B. Sniffing
C. Man-in-the-middle
D. Brute force
Answer: C
GIAC dump GPEN GPEN최신덤프
NO.5 Which of the following tools is used to verify the network structure packets and confirm that the packets
are constructed according to specification?
A. EtherApe
B. Snort decoder
C. AirSnort
D. snort_inline
Answer: B
GIAC GPEN GPEN덤프
NO.6 Which of the following statements are true about MS-CHAPv2?
Each correct answer represents a complete solution. Choose all that apply.
A. It is a connectionless protocol.
B. It can be replaced with EAP-TLS as the authentication mechanism for PPTP.
C. It provides an authenticator-controlled password change mechanism.
D. It is subject to offline dictionary attacks.
Answer: B,C,D
GIAC자료 GPEN dump GPEN GPEN자료 GPEN최신덤프
NO.7 John works as a professional Ethical Hacker. He has been assigned a project to test the security of
www.we-are-secure.com. He copies the whole structure of the We-are-secure Web site to the local disk
and obtains all the files on the Web site. Which of the following techniques is he using to accomplish his
task?
A. TCP FTP proxy scanning
B. Eavesdropping
C. Web ripping
D. Fingerprinting
Answer: C
GIAC GPEN GPEN
NO.8 Which of the following statements are true about WPA?
Each correct answer represents a complete solution. Choose all that apply.
A. WPA-PSK converts the passphrase into a 256-bit key.
B. WPA provides better security than WEP.
C. WPA-PSK requires a user to enter an 8-character to 63-character passphrase into a wireles s client.
D. Shared-key WPA is vulnerable to password cracking attacks if a weak passphrase is used.
Answer: A,B,C,D
GIAC인증 GPEN GPEN
NO.9 Which of the following statements are true about SSIDs?
Each correct answer represents a complete solution. Choose all that apply.
A. SSIDs are case insensitive text strings and have a maximum length of 64 characters.
B. Configuring the same SSID as that of the other Wireless Access Points (WAPs) of other
networks will create a conflict.
C. SSID is used to identify a wireless network.
D. All wireless devices on a wireless network must have the same SSID in order to communicate with
each other.
Answer: B,C,D
GIAC인증 GPEN GPEN GPEN
NO.10 Which of the following statements is true about the Digest Authentication scheme?
A. In this authentication scheme, the username and password are passed with every request, not just
when the user first types them.
B. A valid response from the client contains a checksum of the username, the password, the given
random value, the HTTP method, and the requested URL.
C. The password is sent over the network in clear text format.
D. It uses the base64 encoding encryption scheme.
Answer: B
GIAC GPEN인증 GPEN
NO.11 TCP FIN scanning is a type of stealth scanning through which the attacker sends a FIN packet to the
target port. If the port is closed, the victim assumes that this packet was sent mistakenly by the attacker
and sends the RST packet to the attacker. If the port is open, the FIN packet will be ignored and the port
will drop the packet. Which of the following operating systems can be easily identified with the help of TCP
FIN scanning.?
A. Solaris
B. Red Hat
C. Windows
D. Knoppix
Answer: C
GIAC dump GPEN최신덤프 GPEN기출문제 GPEN dumps GPEN GPEN
NO.12 An executive in your company reports odd behavior on her PDA. After investigation you discover that a
trusted device is actually copying data off the PDA. The executive tells you that the behavior started
shortly after accepting an e-business card from an unknown person. What type of attack is this?
A. Session Hijacking
B. PDA Hijacking
C. Privilege Escalation
D. Bluesnarfing
Answer: D
GIAC덤프 GPEN덤프 GPEN
NO.13 A Web developer with your company wants to have wireless access for contractors that come in to work
on various projects. The process of getting this approved takes time. So rather than wait, he has put his
own wireless router attached to one of the network ports in his department. What security risk does this
present?
A. An unauthorized WAP is one way for hackers to get into a network.
B. It is likely to increase network traffic and slow down network performance.
C. This circumvents network intrusion detection.
D. None, adding a wireless access point is a common task and not a security risk.
Answer: A
GIAC GPEN GPEN pdf GPEN dump
NO.14 You work as a Network Administrator for Net World International. The company has a Windows Active
Directory-based single domain single forest network. The functional level of the forest is Windows Server
2003. There are ten Sales Managers in the company. The company has recently provided laptops to all its
Sales Managers. All the laptops run Windows XP Professional. These laptops will be connected to the
company's network through wireless connections. The company's management wants to implement
Shared Key authentication for these laptops. When you try to configure the network interface card of one
of the laptops for Shared Key authentication, you find no such option. What will you do to enable Shared
Key authentication?
A. Install PEAP-MS-CHAP v2
B. Install Service Pack 1
C. Enable WEP
D. Install EAP-TLS
Answer: C
GIAC GPEN GPEN GPEN GPEN최신덤프 GPEN pdf
NO.15 You want to integrate the Nikto tool with nessus vulnerability scanner. Which of the following steps will
you take to accomplish the task?
Each correct answer represents a complete solution. Choose two.
A. Restart nessusd service.
B. Place nikto.pl file in the /var/www directory.
C. Place nikto.pl file in the /etc/nessus directory.
D. Place the directory containing nikto.pl in root's PATH environment variable.
Answer: A,D
GIAC자격증 GPEN pdf GPEN기출문제 GPEN pdf GPEN pdf
NO.16 Which of the following ports will you scan to search for SNMP enabled devices in the network?
A. 163
B. 123
C. 151
D. 161
Answer: D
GIAC덤프 GPEN기출문제 GPEN최신덤프 GPEN최신덤프
NO.17 In which of the following scanning techniques does a scanner connect to an FTP server and request
that server to start data transfer to the third system?
A. Bounce attack scanning
B. Xmas Tree scanning
C. TCP FIN scanning
D. TCP SYN scanning
Answer: A
GIAC GPEN덤프 GPEN GPEN dump GPEN덤프
NO.18 Which of the following statements are true about KisMAC?
A. Data generated by KisMAC can also be saved in pcap format.
B. It cracks WEP and WPA keys by Rainbow attack or by dictionary attack.
C. It scans for networks passively on supported cards.
D. It is a wireless network discovery tool for Mac OS X.
Answer: A,C,D
GIAC인증 GPEN dumps GPEN GPEN GPEN
NO.19 Which of the following enables an inventor to legally enforce his right to exclude others from using his
invention?
A. Patent
B. Spam
C. Phishing
D. Artistic license
Answer: A
GIAC dumps GPEN GPEN최신덤프 GPEN
NO.20 You work as a professional Ethical Hacker. You are assigned a project to perform blackhat testing on
www.we-are-secure.com. You visit the office of we-are-secure.com as an air-condition mechanic. You
claim that someone from the office called you saying that there is some fault in the air-conditioner of the
server room. After some inquiries/arguments, the Security Administrator allows you to repair the
air-conditioner of the server room.
When you get into the room, you found the server is Linux-based. You press the reboot button of the
server after inserting knoppix Live CD in the CD drive of the server. Now, the server promptly boots
backup into Knoppix. You mount the root partition of the server after replacing the root password in the
/etc/shadow file with a known password hash and salt. Further, you copy the netcat tool on the server and
install its startup files to create a reverse tunnel and move a shell to a remote server whenever the server
is restarted. You simply restart the server, pull out the Knoppix Live CD from the server, and inform that
the air-conditioner is working properly.
After completing this attack process, you create a security auditing report in which you mention various
threats such as social engineering threat, boot from Live CD, etc. and suggest the countermeasures to
stop booting from the external media and retrieving sensitive data. Which of the following steps have you
suggested to stop booting from the external media and retrieving sensitive data with regard to the above
scenario?
Each correct answer represents a complete solution. Choose two.
A. Encrypting disk partitions
B. Using password protected hard drives
C. Placing BIOS password
D. Setting only the root level access for sensitive data
Answer: A,B
GIAC GPEN dumps GPEN GPEN
NO.21 Which of the following types of cyber stalking damage the reputation of their victim and turn other
people against them by setting up their own Websites, blogs or user pages for this purpose?
A. Encouraging others to harass the victim
B. False accusations
C. Attempts to gather information about the victim
D. False victimization
Answer: B
GIAC GPEN GPEN GPEN자료 GPEN시험문제
NO.22 Which of the following is NOT an example of passive footprinting?
A. Scanning ports.
B. Analyzing job requirements.
C. Performing the whois query.
D. Querying the search engine.
Answer: A
GIAC기출문제 GPEN인증 GPEN dumps GPEN
NO.23 Which of the following attacks allows an attacker to sniff data frames on a local area network (LAN) or
stop the traffic altogether?
A. Man-in-the-middle
B. ARP spoofing
C. Port scanning
D. Session hijacking
Answer: B
GIAC자료 GPEN최신덤프 GPEN시험문제 GPEN
NO.24 Which of the following tools can be used to read NetStumbler's collected data files and present street
maps showing the logged WAPs as icons, whose color and shape indicates WEP mode and signal
strength?
A. NetStumbler
B. StumbVerter
C. WEPcrack
D. Kismet
Answer: B
GIAC기출문제 GPEN GPEN GPEN최신덤프 GPEN
NO.25 You execute the following netcat command:
c:\target\nc -1 -p 53 -d -e cmd.exe
What action do you want to perform by issuing the above command?
A. Capture data on port 53 and performing banner grabbing.
B. Listen the incoming traffic on port 53 and execute the remote shell.
C. Listen the incoming data and performing port scanning.
D. Capture data on port 53 and delete the remote shell.
Answer: B
GIAC자격증 GPEN GPEN GPEN
NO.26 Which of the following options holds the strongest password?
A. california
B. $#164aviD
댓글 없음:
댓글 쓰기