Pass4Test peut offrir la facilité aux candidats qui préparent le test GIAC GPEN. Nombreux de candidats choisissent le Pass4Test à préparer le test et réussir finalement à la première fois. Les experts de Pass4Test sont expérimentés et spécialistes. Ils profitent leurs expériences riches et connaissances professionnelles à rechercher la Q&A GIAC GPEN selon le résumé de test réel GIAC GPEN. Vous pouvez réussir le test à la première fois sans aucune doute.
C'est sûr que le Certificat GIAC GPEN puisse améliorer le lendemain de votre carrière. Parce que si vous pouvez passer le test GIAC GPEN, c'est une meilleure preuve de vos connaissances professionnelles et de votre bonne capacité à être qualifié d'un bon boulot. Le Certificat GIAC GPEN peut bien tester la professionnalité de IT.
Code d'Examen: GPEN
Nom d'Examen: GIAC (GIAC Certified Penetration Tester)
Questions et réponses: 384 Q&As
Le Pass4Test est un site qui peut offrir les facilités aux candidats et aider les candidats à réaliser leurs rêve. Si vous êtes souci de votre test Certification, Pass4Test peut vous rendre heureux. La haute précision et la grande couverture de la Q&A de Pass4Test vous aidera pendant la préparation de test. Vous n'aurez aucune raison de regretter parce que Pass4Test réalisera votre rêve.
Le temps est tellement précieux dans cette société que une bonn façon de se former avant le test GIAC GPEN est très important. Pass4Test fait tous efforts à assurer tous les candidats à réussir le test. Aussi, un an de mise à jour est gratuite pour vous. Si vous ne passez pas le test, votre argent sera tout rendu.
Vous pouvez télécharger tout d'abord une partie de Q&A Certification GIAC GPEN pour tester si Pass4Test est vraiment professionnel. Nous pouvons vous aider à réussir 100% le test GIAC GPEN. Si malheureusement, vous ratez le test, votre argent sera 100% rendu.
GPEN Démo gratuit à télécharger: http://www.pass4test.fr/GPEN.html
NO.1 Which of the following enables an inventor to legally enforce his right to exclude others from using his
invention?
A. Patent
B. Spam
C. Phishing
D. Artistic license
Answer: A
certification GIAC certification GPEN certification GPEN certification GPEN
NO.2 Which of the following are the scanning methods used in penetration testing?
Each correct answer represents a complete solution. Choose all that apply.
A. Vulnerability
B. Port
C. Network
D. Services
Answer: A,B,C
certification GIAC GPEN certification GPEN
NO.3 Which of the following tools is used to verify the network structure packets and confirm that the packets
are constructed according to specification?
A. EtherApe
B. Snort decoder
C. AirSnort
D. snort_inline
Answer: B
GIAC examen GPEN examen GPEN examen certification GPEN
NO.4 Which of the following statements are true about MS-CHAPv2?
Each correct answer represents a complete solution. Choose all that apply.
A. It is a connectionless protocol.
B. It can be replaced with EAP-TLS as the authentication mechanism for PPTP.
C. It provides an authenticator-controlled password change mechanism.
D. It is subject to offline dictionary attacks.
Answer: B,C,D
GIAC GPEN GPEN examen GPEN
NO.5 Which of the following are the limitations for the cross site request forgery (CSRF) attack?
Each correct answer represents a complete solution. Choose all that apply.
A. The target site should have limited lifetime authentication cookies.
B. The attacker must target a site that doesn't check the referrer header.
C. The target site should authenticate in GET and POST parameters, not only cookies.
D. The attacker must determine the right values for all the form inputs.
Answer: B,D
GIAC examen GPEN GPEN examen GPEN examen
NO.6 Which of the following is NOT an example of passive footprinting?
A. Scanning ports.
B. Analyzing job requirements.
C. Performing the whois query.
D. Querying the search engine.
Answer: A
GIAC GPEN GPEN
NO.7 Which of the following ports will you scan to search for SNMP enabled devices in the network?
A. 163
B. 123
C. 151
D. 161
Answer: D
GIAC examen GPEN certification GPEN certification GPEN
NO.8 Which of the following statements are true about WPA?
Each correct answer represents a complete solution. Choose all that apply.
A. WPA-PSK converts the passphrase into a 256-bit key.
B. WPA provides better security than WEP.
C. WPA-PSK requires a user to enter an 8-character to 63-character passphrase into a wireles s client.
D. Shared-key WPA is vulnerable to password cracking attacks if a weak passphrase is used.
Answer: A,B,C,D
certification GIAC GPEN examen GPEN certification GPEN GPEN
NO.9 You have inserted a Trojan on your friend's computer and you want to put it in the startup so that
whenever the computer reboots the Trojan will start to run on the startup. Which of the following registry
entries will you edit to accomplish the task?
A. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Start
B. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Auto
C. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Startup
D.HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServices
Answer: D
GIAC GPEN certification GPEN GPEN GPEN examen GPEN
NO.10 You work as a Network Administrator for Infosec Inc. Nowadays, you are facing an unauthorized
access in your Wi-Fi network. Therefore, you analyze a log that has been recorded by your favorite sniffer,
Ethereal. You are able to discover the cause of the unauthorized access after noticing the following string
in the log file:
(Wlan.fc.type_subtype eq 32 and llc.oui eq 0x00601d and llc.pid eq 0x0001)
When you find All your 802.11b are belong to us as the payload string, you are convinced about which tool
is being used for the unauthorized access. Which of the following tools have you ascertained?
A. AirSnort
B. Kismet
C. AiroPeek
D. NetStumbler
Answer: D
certification GIAC GPEN certification GPEN GPEN
NO.11 Which of the following tools can be used to read NetStumbler's collected data files and present street
maps showing the logged WAPs as icons, whose color and shape indicates WEP mode and signal
strength?
A. NetStumbler
B. StumbVerter
C. WEPcrack
D. Kismet
Answer: B
GIAC examen certification GPEN certification GPEN GPEN GPEN
NO.12 Which of the following tools can be used to perform brute force attack on a remote database?
Each correct answer represents a complete solution. Choose all that apply.
A. FindSA
B. SQLDict
C. nmap
D. SQLBF
Answer: A,B,D
GIAC examen certification GPEN GPEN GPEN
NO.13 An executive in your company reports odd behavior on her PDA. After investigation you discover that a
trusted device is actually copying data off the PDA. The executive tells you that the behavior started
shortly after accepting an e-business card from an unknown person. What type of attack is this?
A. Session Hijacking
B. PDA Hijacking
C. Privilege Escalation
D. Bluesnarfing
Answer: D
GIAC examen GPEN GPEN certification GPEN certification GPEN
NO.14 John works as a professional Ethical Hacker. He has been assigned a project to test the security of
www.we-are-secure.com. He copies the whole structure of the We-are-secure Web site to the local disk
and obtains all the files on the Web site. Which of the following techniques is he using to accomplish his
task?
A. TCP FTP proxy scanning
B. Eavesdropping
C. Web ripping
D. Fingerprinting
Answer: C
GIAC GPEN GPEN examen GPEN
NO.15 You want to integrate the Nikto tool with nessus vulnerability scanner. Which of the following steps will
you take to accomplish the task?
Each correct answer represents a complete solution. Choose two.
A. Restart nessusd service.
B. Place nikto.pl file in the /var/www directory.
C. Place nikto.pl file in the /etc/nessus directory.
D. Place the directory containing nikto.pl in root's PATH environment variable.
Answer: A,D
certification GIAC certification GPEN GPEN GPEN examen
NO.16 Which of the following options holds the strongest password?
A. california
B. $#164aviD
没有评论:
发表评论