GCIH Online Practice Questions and Answers

In which of the following scanning methods do Windows operating systems send only RST packets irrespective of whether the port is open or closed?

A. TCP FIN

B. FTP bounce

C. XMAS

D. TCP SYN

You work as a System Engineer for Cyber World Inc. Your company has a single Active Directory domain. All servers in the domain run Windows Server 2008. The Microsoft Hyper-V server role has been installed on one of the servers, namely uC1. uC1 hosts twelve virtual machines. You have been given the task to configure the Shutdown option for uC1, so that each virtual machine shuts down before the main Hyper-V server shuts down. Which of the following actions will you perform to accomplish the task?

A. Enable the Shut Down the Guest Operating System option in the Automatic Stop Action Properties on each virtual machine.

B. Manually shut down each of the guest operating systems before the server shuts down.

C. Create a batch file to shut down the guest operating system before the server shuts down.

D. Create a logon script to shut down the guest operating system before the server shuts down.

In which of the following attacks does an attacker create the IP packets with a forged (spoofed) source IP address with the purpose of concealing the identity of the sender or impersonating another computing system?

A. Rainbow attack

B. IP address spoofing

C. Cross-site request forgery

D. Polymorphic shell code attack

Which of the following actions is performed by the netcat command given below?

nc 55555 < /etc/passwd

A. It changes the /etc/passwd file when connected to the UDP port 55555.

B. It resets the /etc/passwd file to the UDP port 55555.

C. It fills the incoming connections to /etc/passwd file.

D. It grabs the /etc/passwd file when connected to UDP port 55555.

You want to integrate the Nikto tool with nessus vulnerability scanner. Which of the following steps will you take to accomplish the task?

Each correct answer represents a complete solution. (Choose two.)

A. Place nikto.pl file in the /etc/nessus directory.

B. Place nikto.pl file in the /var/www directory.

C. Place the directory containing nikto.pl in root's PATH environment variable.

D. Restart nessusd service.

Which of the following types of skills are required in the members of an incident handling team? Each correct answer represents a complete solution. (Choose all that apply.)

A. Organizational skills

B. Diplomatic skills

C. Methodical skills

D. Technical skills

In which of the following attacks does an attacker use packet sniffing to read network traffic between two parties to steal the session cookie?

A. Session fixation

B. Cross-site scripting

C. Session sidejacking

D. ARP spoofing

Which of the following is used to determine the range of IP addresses that are mapped to a live hosts?

A. Port sweep

B. Ping sweep

C. IP sweep

D. Telnet sweep

Which of the following makes it difficult to block the source of DNS amplification attacks?

A. TCP packets are easy to spoof

B. UDP packets are easy to spoof

C. Clients require external DNS communications

D. Clients require recursive DNS lookups

What is the result of unloading a process' forward and backwards links in memory?

A. The process is hidden from the operating system

B. Analysis tools cannot find the process when scanning memory

C. The process owner is elevated to SYSTEM permissions

D. The application crashes