Unique Top-selling GPEN Exams – New 2022 GIAC Pratice Exam [Q120-Q143]

NO.120 You work as a Network Administrator for Tech-E-book Inc. You are configuring the ISA Server
2006 firewall to provide your company with a secure wireless intranet. You want to accept inbound mail delivery though an SMTP server. What basic rules of ISA Server do you need to configure to accomplish the task.

NO.121 You want to perform an active session hijack against Secure Inc. You have found a target that allows Telnet session. You have also searched an active session due to the high level of traffic on the network.
What should you do next?

NO.122 Which of the following IEEE standards defines Wired Equivalent Privacy encryption scheme?

NO.123 Every network device contains a unique built in Media Access Control (MAC) address, which is used to identify the authentic device to limit the network access. Which of the following addresses is a valid MAC address?

NO.124 John works as a professional Ethical Hacker. He has been assigned the project of testing the security of www.we-are-secure.com. He is using a tool to crack the wireless encryption keys. The description of the tool is as follows:

Which of the following tools is John using to crack the wireless encryption keys?

NO.125 Which of the following is a Windows-based tool that is used for the detection of wireless LANs using the IEEE
802.11a, 802.11b, and 802.11g standards and also detects wireless networks marking their relative position with a GPS?

NO.126 Which of the following methods can be used to detect session hijacking attack?

NO.127 John works as a Professional Ethical Hacker for we-are-secure Inc. The company is using a Wireless network.
John has been assigned the work to check the security of WLAN of we-aresecure.
For this, he tries to capture the traffic, however, he does not find a good traffic to analyze data. He has already discovered the network using the ettercap tool. Which of the following tools can he use to generate traffic so that he can crack the Wep keys and enter into the network?

NO.128 Which of the following is the second half of the LAN manager Hash?

NO.129 A penetration tester used a client-side browser exploit from metasploit to get an unprivileged shell prompt on the target Windows desktop. The penetration tester then tried using the getsystem command to perform a local privilege escalation which failed. Which of the following could resolve the problem?

NO.130 Which of the following tools can be used to enumerate networks that have blocked ICMP Echo packets, however, failed to block timestamp or information packet or not performing sniffing of trusted addresses, and it also supports spoofing and promiscuous listening for reply packets?

NO.131 Which of the following are considered Bluetooth security violations?
Each correct answer represents a complete solution. Choose two.

NO.132 Which of following tasks can be performed when Nikto Web scanner is using a mutation technique?
Each correct answer represents a complete solution. Choose all that apply.

NO.133 You are concerned about rogue wireless access points being connected to your network. What is the best way to detect and prevent these?

NO.134 You have compromised a Windows workstation using Metasploit and have injected the Meterpreter payload into the svchost process. After modifying some files to set up a persistent backdoor you realize that you will need to change the modified and access times of the files to ensure that the administrator can’t see the changes you made. Which Meterpreter module would you need to load in order to do this?

NO.135 Which of the following tools allows you to download World Wide Web sites from the Internet to a local computer?

NO.136 Which of the following is NOT an example of passive footprinting?

NO.137 Which of the following syntaxes is the correct syntax for the master.dbo.sp_makewebtask procedure?

NO.138 Which of the following is possible in some SQL injection vulnerabilities on certain types of databases that affects the underlying server OS?

NO.139 You are running a vulnerability scan on a remote network and the traffic Is not making It to the target system. You investigate the connection issue and determine that the traffic is making it to the internal interface of your network firewall, but not making. It to the external Interface or to any systems outside your firewall. What is the most likely problem?

NO.140 John works as a professional Ethical Hacker. He has been assigned the project of testing the security of www.we-are-secure.com. He is using a tool to crack the wireless encryption keys. The description of the tool is as follows:

Which of the following tools is John using to crack the wireless encryption keys?

NO.141 Which of the following worms performs random scanning?

NO.142 Which of the following tools can be used by a user to hide his identity?
Each correct answer represents a complete solution. Choose all that apply.

NO.143 Which of the following describe the benefits to a pass-the-hash attack over traditional password cracking?