
GCIH Online Practice Questions and Answers

Questions 4

Which of the following types of attacks is mounted with the objective of causing a negative impact on the performance of a computer or network?

A. Vulnerability attack

B. Man-in-the-middle attack

C. Denial-of-Service (DoS) attack

D. Impersonation attack

Correct Answer: C

Questions 5

Adam works as a Security Administrator for Umbrella Inc. A project has been assigned to him to secure access to the network of the company from all possible entry points. He segmented the network into several subnets and installed firewalls all over the network. He has placed very stringent rules on all the firewalls, blocking everything in and out except the ports that must be used. He does need to have port 80 open since his company hosts a website that must be accessed from the Internet. Adam is still worried about programs like Hping2 that can get into a network through covert channels.

Which of the following is the most effective way to protect the network of the company from an attacker using Hping2 to scan his internal network?

A. Block all outgoing traffic on port 21

B. Block all outgoing traffic on port 53

C. Block ICMP type 13 messages

D. Block ICMP type 3 messages

Correct Answer: C

Questions 6

In which of the following methods does a hacker use packet sniffing to read network traffic between two parties to steal the session cookies?

A. Cross-site scripting

B. Physical accessing

C. Session fixation

D. Session sidejacking

Correct Answer: D

Questions 7

You work as a Network Penetration tester at Secure Inc. Your company takes on projects to test the security of various companies. Recently, Secure Inc. has assigned you a project to test the security of a Web site. You go to the Web site login page and you run the following SQL query:

What task will the above SQL query perform?

A. Deletes the database in which the members table resides.

B. Deletes the rows of the members table where the given email id is '[email protected]'.

C. Performs the XSS attacks.

D. Deletes the entire members table.

Correct Answer: D

Questions 8

FILL BLANK

Fill in the blank with the appropriate term.

______ is a technique used to make sure that incoming packets are actually from the networks that they claim to be from.

A. Ingress filtering

Correct Answer: A

Questions 9

Which of the following is a process of searching for unauthorized modems?

A. Espionage

B. Wardialing

C. System auditing

D. Scavenging

Correct Answer: B

Questions 10

Which of the following will best protect your network from being mapped by untrusted, external sources, while still allowing trusted sources to verify network connectivity with ping requests and replies?

A. Use settings on a network mapping tool to limit inbound ICMP and protect your network

B. Establish an IDS on the DMZ to alert on all inbound ICMP requests

C. Shut down ICMP and traceroute on your internal servers

D. Filter ICMP at the perimeter, allowing ICMP only from trusted sources

Correct Answer: D

Creating a filter on your perimeter firewall is an easy way to restrict inbound ICMP requests. You can specify certain IP addresses that can legitimately ping you and drop all others. An IDS can be configured to inform you of ping sweep activity, but establishing one on your DMZ to report all ICMP requests will create an overwhelming number of alerts, far too many to be an effective security measure. Shutting down ICMP on your internal servers does nothing to protect the perimeter. Finally, if the bad guys are the ones using the network mapping tools against your perimeter, it is unlikely that they will configure their mapping tools to allow protection of your network.

Questions 11

Which describes a Web Application Firewall?

A. Filters network traffic by protocol and controls network security boundaries

B. Matches network traffic to protocol anomalies or signatures and prevents violations

C. Proxies outgoing and returning HTTP/HTTPS traffic and protects an enterprise from untrusted website issues

D. Analyzes specific layer 7 traffic for state element status and prevents application attacks

Correct Answer: D

Web Application Firewalls focus on HTTP/HTTPS conversations for changes in state, preventing application attacks like cross-site scripting and SQL Injection. An Intrusion Prevention System monitors network traffic for protocol anomalies and prevents those it finds. Network Firewalls establish boundaries among networks of varying trust levels and apply rules to use of various protocols. Secure Web Gateways are proxies that protect an enterprise's assets from security issues on third-party websites.

Questions 12

An attacker compromises a host and runs the following commands. What did the attacker do?

A. A tunnel was created

B. A password was cracked

C. A file was hidden

D. A log file was edited

Correct Answer: D

Questions 13

When probing for command injection opportunities on a remote host, why would an attacker target her own address space from the remote host?

A. Collection of URL session tokens

B. Legal requirement

C. Verification of a blind attack

D. Detect target's operating system

Correct Answer: D

Exam Code: GCIH
Exam Name: GIAC Certified Incident Handler (GCIH)
Questions: 705

2025 Copyright @ exam2pass.com All trademarks are the property of their respective vendors. We are not associated with any of them.