Ultimate Guide to Prepare GCIH Certification Exam for GIAC Information Security in 2023 [Q194-Q214]


Use Real GCIH Dumps – GIAC Correct Answers updated in 2023

The GIAC GCIH certification exam is not easy and requires a lot of preparation and dedication. Candidates must have a deep understanding of the topics covered in the exam and must be able to apply that knowledge in real-world situations. The GCIH exam is designed to test the candidate's practical knowledge rather than just their theoretical understanding.

 

NEW QUESTION 194
Which of the following types of attacks is the result of vulnerabilities in a program due to poor programming techniques?

 
 
 
 

NEW QUESTION 195
Which of the following is a type of computer security vulnerability typically found in Web applications that allow code injection by malicious Web users into the Web pages viewed by other users?

 
 
 
 

NEW QUESTION 196
John works as a Network Administrator for We-are-secure Inc. He finds that TCP port 7597 of the We-are-secure server is open. He suspects that it may be open due to a Trojan installed on the server. He presents a report to the company describing the symptoms of the Trojan. A summary of the report is given below:
Once this Trojan has been installed on the computer, it searches for Notepad.exe, renames it Note.com, and then copies itself to the computer as Notepad.exe. Each time Notepad.exe is executed, the Trojan executes and calls the original Notepad to avoid being noticed.
Which of the following Trojans has the same symptoms as the one described above?

 
 
 
 

NEW QUESTION 197
Which of the following controls is described in the statement given below?
“It ensures that the enforcement of organizational security policy does not rely on voluntary web application user compliance. It secures information by assigning sensitivity labels on information and comparing this to the level of security a user is operating at.”

 
 
 
 

NEW QUESTION 198
In which of the following scanning methods do Windows operating systems send only RST packets irrespective of whether the port is open or closed?

 
 
 
 

NEW QUESTION 199
Which of the following procedures is designed to enable security personnel to identify, mitigate, and recover from malicious computer incidents, such as unauthorized access to a system or data, denial-of-service, or unauthorized changes to system hardware, software, or data?

 
 
 
 

NEW QUESTION 200
Which of the following attacks saturates network resources and disrupts services to a specific computer?

 
 
 
 

NEW QUESTION 201
In which of the following methods does a hacker use packet sniffing to read network traffic between two parties to steal the session cookies?

 
 
 
 

NEW QUESTION 202
Which of the following describes network traffic that originates from the inside of a network perimeter and progresses towards the outside?

 
 
 
 

NEW QUESTION 203
You are an Incident manager in Orangesect.Inc. You have been tasked to set up a new extension of your enterprise. The networking, to be done in the new extension, requires different types of cables and an appropriate policy that will be decided by you. Which of the following stages in the Incident handling process involves your decision making?

 
 
 
 

NEW QUESTION 204
Mark works as a Network Administrator for Perfect Inc. The company has both wired and wireless networks. An attacker attempts to keep legitimate users from accessing services that they require. Mark uses IDS/IPS sensors on the wired network to mitigate the attack. Which of the following attacks best describes the attacker’s intentions?

 
 
 
 

NEW QUESTION 205
Which of the following functions can you use to mitigate a command injection attack?
Each correct answer represents a part of the solution. Choose all that apply.

 
 
 
 

NEW QUESTION 206
Which of the following applications automatically calculates cryptographic hashes of all key system files that are to be monitored for modifications?

 
 
 
 

NEW QUESTION 207
A Denial-of-Service (DoS) attack is mounted with the objective of causing a negative impact on the performance of a computer or network. It is also known as a network saturation attack or bandwidth consumption attack. Attackers perform DoS attacks by sending a large number of protocol packets to a network. The problems caused by a DoS attack are as follows:
* Saturation of network resources
* Disruption of connections between two computers, thereby preventing communications between services
* Disruption of services to a specific computer
* Failure to access a Web site
* Increase in the amount of spam
Which of the following can be used as countermeasures against DoS attacks?
Each correct answer represents a complete solution. Choose all that apply.

 
 
 
 

NEW QUESTION 208
Which of the following DoS attacks affects mostly Windows computers by sending corrupt UDP packets?

 
 
 
 

NEW QUESTION 209
Mark works as a Network Administrator for NetTech Inc. The network has 150 Windows 2000 Professional client computers and four Windows 2000 servers. All the client computers are able to connect to the Internet. Mark is concerned about malware infecting the client computers through the Internet. What will Mark do to protect the client computers from malware?
Each correct answer represents a complete solution. Choose two.

 
 
 
 

NEW QUESTION 210
Which of the following tools combines two programs, and also encrypts the resulting package in an attempt to foil antivirus programs?

 
 
 
 

NEW QUESTION 211
Which of the following malicious code can have more than one type of trigger, multiple task capabilities, and can replicate itself in more than one manner?

 
 
 
 

NEW QUESTION 212
Which of the following password cracking attacks is based on a pre-calculated hash table to retrieve plain text passwords?

 
 
 
 

NEW QUESTION 213
Mark works as a Network Administrator for Perfect Inc. The company has both wired and wireless networks. An attacker attempts to keep legitimate users from accessing services that they require. Mark uses IDS/IPS sensors on the wired network to mitigate the attack. Which of the following attacks best describes the attacker’s intentions?

 
 
 
 

NEW QUESTION 214
In which of the following attacking methods does an attacker distribute an incorrect IP address?

 
 
 
 

GIAC Information Security -GCIH Exam-Practice-Dumps: https://www.testkingfree.com/GIAC/GCIH-practice-exam-dumps.html

         
